Red Hat Training
A Red Hat training course is available for Red Hat JBoss Web Server
16.4. Configuring the Cookie Domain
The SSO valve supports a
cookieDomain
configuration attribute. This attribute allows configuration of the SSO cookie's domain (the set of hosts to which the browser will present the cookie). By default the domain is "/"
, meaning the browser will only present the cookie to the host that issued it. The cookieDomain
attribute allows the cookie to be scoped to a wider domain.
For example, suppose we have a case where two apps, with URLs
http://app1.xyz.com
and http://app2.xyz.com
, that wish to share an SSO context. These apps could be running on different servers in a cluster or the virtual host with which they are associated could have multiple aliases. This can be supported with the following configuration:
<Valve className="org.jboss.web.tomcat.service.sso.ClusteredSingleSignOn" cookieDomain="xyz.com" />