Details

    • Type: Bug Bug
    • Status: Open
    • Priority: Major Major
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: web_container
    • Labels:
      None
    • Environment:

      any

      Description

      There is no way to set domain for sso-cookie.

      I have tried hacking by intercepting response#addCookie, response#addHeader or any other possible method, but the org.apache.catalina.authenticator.AuthenticatorBase is not provided with my wrapped ServletResponse.

        Activity

        Hide
        pljosh added a comment - - edited

        Here is my (ugly) workaround:

        private void setupSsoCookieDomain(HttpServletResponse response) {
            if (domainName == null || domainName.indexOf('.') == -1) {
                return;
            }
            boolean first = true;
            for (String cookie : response.getHeaders("Set-Cookie")) {
                if (cookie.startsWith(SSO_COOKIE_NAME) && !cookie.contains("Domain")) {
                    //insert Domain=.domain to apply cookie for any subdomain
                    cookie = cookie.replace("Path=", "Domain=." + domainName + "; Path=");
                }
                if (first) {
                    response.setHeader("Set-Cookie", cookie);
                } else {
                    response.addHeader("Set-Cookie", cookie);
                }
                first = false;
            }
        }
        
        Show
        pljosh added a comment - - edited Here is my (ugly) workaround: private void setupSsoCookieDomain(HttpServletResponse response) { if (domainName == null || domainName.indexOf('.') == -1) { return ; } boolean first = true ; for ( String cookie : response.getHeaders( "Set-Cookie" )) { if (cookie.startsWith(SSO_COOKIE_NAME) && !cookie.contains( "Domain" )) { //insert Domain=.domain to apply cookie for any subdomain cookie = cookie.replace( "Path=" , "Domain=." + domainName + "; Path=" ); } if (first) { response.setHeader( "Set-Cookie" , cookie); } else { response.addHeader( "Set-Cookie" , cookie); } first = false ; } }

          People

          • Assignee:
            Dhiru Pandey
            Reporter:
            pljosh
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated: