Loading...

XML

Word

Printable

Details

Type: Feature Request
Resolution: Done
Priority: Critical
Fix Version/s: 8.1.0.CR1, 8.1.0.Final
Affects Version/s: 8.0.0.Final
Component/s: Web (Undertow)
Labels:
- single-sign-on
- undertow

Forum Reference:
https://community.jboss.org/message/859916
Affects:

Compatibility/Configuration
Git Pull Request:
https://github.com/undertow-io/undertow/pull/179, https://github.com/wildfly/wildfly/pull/6080

Description

When enabling Undertow SSO in standalone.xml, the only option to tweak is the cookie domain.

My life would be made easier by two changes:

1) If the domain is not specified, the SSO cookie should have no domain set. This will make the browser apply the domain from the URL being requested. Currently the cookie domain gets populated with a value from the enclosing XML element.

2) There's no way of setting the cookie path, which makes this less useful for services on different URLs. I propose adding a path attribute to the SSO XML element, which would set the cookie path. For example:

<single-sign-on path="/" />

Right now my workaround is to use my reverse proxy (Apache) to edit response headers and modify the cookie, removing the domain and adding the path. If anyone else needs the workaround:

Header edit Set-Cookie "^JSESSIONIDSSO=([^; ])." "JSESSIONIDSSO=$1; path=/"

Attachments

Activity

People

Assignee:: Tomaž Cerar (Inactive)

Reporter:: Tin Tvrtkovic (Inactive)

Votes:: 4 Vote for this issue

Watchers:: 10 Start watching this issue

Dates

Created:: 2014/02/27 4:34 AM

Updated:: 2017/12/06 11:27 AM

Resolved:: 2014/03/31 5:43 AM