Forum Discussion

Cirrocumulus

Feb 04, 2016

Ignore domain cookie for some services in the same domain?

Hi, We have setup up sso configuration for domain.com and it´s working as expected for the most part. All sites in domain.com use sso configuration to enable serverside sso towards the AD. ...

application delivery

BIG-IP Access Policy Manager (APM)

Walter_Kacynski

Cirrostratus

Feb 05, 2016

The HTTP spec does not allow you to know which cookie is for which domain when it is arriving into the server. The browser will present a cookie with the same name twice. Once for domain.com AND site2.domain.com

Your alternative is to use an HTTP_RESPONSE event and check if a Set-Cookie header is present when the cookie is being created and then CHANGE the cookie to a different name. Then you would have code an HTTP_REQUEST event to reverse this logic so as to pass the original name to the backend server.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)