-
Language:
English
-
Language:
English
Red Hat Training
A Red Hat training course is available for JBoss Enterprise Application Platform Common Criteria Certification
22.4.4. Configuring the Cookie Domain
As noted above the SSO valve supports a
cookieDomain
configuration attribute. This attribute allows configuration of the SSO cookie's domain (i.e. the set of hosts to which the browser will present the cookie). By default the domain is "/"
, meaning the browser will only present the cookie to the host that issued it. The cookieDomain
attribute allows the cookie to be scoped to a wider domain.
For example, suppose we have a case where two apps, with URLs
http://app1.xyz.com
and http://app2.xyz.com
, that wish to share an SSO context. These apps could be running on different servers in a cluster or the virtual host with which they are associated could have multiple aliases. This can be supported with the following configuration:
<Valve className="org.jboss.web.tomcat.service.sso.ClusteredSingleSignOn" cookieDomain="xyz.com" />