I have a problem with the cookie domain I am using in .mydomain.net and I would like to have it in a scoop of 3 so it would be .app.mydomain.net So I have this:
// Save siteminder cookie from a login succes and redirect to target application url
log.debug("Certificate type: "+ s_certificateType );
log.debug("Application Authentication Level: "+ s_authLevel );
if ( s_certificateType.length() == 0 || s_certificateType.equals ("HARD") || ( s_certificateType.equals ("SOFT") && ( s_authLevel.equals("1") || s_authLevel.equals("2") ) ) ) {
Cookie c_cookie = new Cookie ("SSOHUBSESSION", s_sessionToken );
c_cookie.setDomain(application.getInitParameter("domain"));
response.addCookie ( c_cookie );
log.debug("REDIRECT: "+ s_returnurl );
session.invalidate();
Cookie[] a_cookies = request.getCookies();
if (a_cookies != null) {
for (int i = 0; i < a_cookies.length; i++)
{
if (a_cookies[i].getName().equals("SSOHUBFED_OLD_SESSION") ) {
log.debug("Update the SSOHUBFED_OLD_SESSION with the new Session. ");
c_cookie = new Cookie("SSOHUBFED_OLD_SESSION", s_sessionToken);
c_cookie.setDomain(application.getInitParameter("domain"));
//c_cookie.setMaxAge(0);
c_cookie.setValue(s_sessionToken);
response.addCookie(c_cookie);
}
}
}
response.sendRedirect(s_returnurl);
return;
}
}
Here I was thinking to just add in the end response.addCookie(".app."+c_cookie); I don't know maybe there is a way to get direcly the scoop of 3 or something!!! Does anyone have an idea of how I can Do that ? Thank you for your help.
I'm not sure I follow what you're trying to do in the code, but in SiteMinder (aka CA SSO) the cookie domain scope is defined in the Agent Configuration Object. Also there will be a request header called SM_SDOMAIN or SMSDOMAIN (underscore may or may not be present, also depends on ACO settings) that contains the exact cookie domain that SiteMinder is using, e.g.
String smcookiedomain = request.getHeader("SM_SDOMAIN");
Hope this helps!