19.11. Cookie Domain
19.11.1. About the Cookie Domain
The cookie domain refers to the set of hosts able to read a cookie from the client browser which is accessing your application. It is a configuration mechanism to minimize the risk of third parties accessing information your application stores in browser cookies.
The default value for the cookie domain is /. This means that only the issuing host can read the contents of a cookie. Setting a specific cookie domain makes the contents of the cookie available to a wider range of hosts. To set the cookie domain, refer to Section 19.11.2, “Configure the Cookie Domain for Single Sign On”.
19.11.2. Configure the Cookie Domain for Single Sign On
To enable your SSO valve to share an SSO context, configure the cookie domain in the valve configuration. The following configuration would allow applications on http://app1.xyz.com and http://app2.xyz.com to share an SSO context, even if these applications run on different servers in a cluster or the virtual host with which they are associated has multiple aliases.
Clustered SSO (shared against clustered JBoss EAP instances)
Using the CLI (in Standalone mode):
/subsystem=web/virtual-server=default-host/sso=configuration:add(cache-container="web",cache-name="sso")
Editing standalone.xml or domain.xml and appending the following to the relevant web subsystem:
<subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">
    <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>
    <virtual-server name="default-host" enable-welcome-root="true">
        <alias name="localhost"/>
        <alias name="example.com"/>
        <sso cache-container="web" cache-name="sso"/> <!--FIXME: ADD this Line-->
    </virtual-server>
</subsystem>
Non-Clustered SSO (SSO only shared against instances within the JBoss EAP instances)
Using the CLI (in Standalone mode):
/subsystem=web/virtual-server=default-host/sso=configuration:add()
Editing standalone.xml or domain.xml and appending the following to the relevant web subsystem:
<subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">
    <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>
    <virtual-server name="default-host" enable-welcome-root="true">
        <alias name="localhost"/>
        <alias name="example.com"/>
        <sso/> <!--FIXME: ADD this Line-->
    </virtual-server>
</subsystem>
The Single Sign On (SSO) configuration in JBoss EAP 6 includes a domain attribute that can be specified. For example:
/subsystem=web/virtual-server=default-host/sso=configuration:add(domain="example.com",...)
Which adds the following SSO configuration:
<sso domain="example.com"/>
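Because a wider cookie domain exposes the SSO cookie to every matching host, it helps to check a host inventory against the configured value before deploying. The following is an added example, not code from JBoss EAP or its documentation: it reads the domain attribute from a web subsystem fragment and applies the RFC 6265 domain-matching rule. The sample configuration, the host list and all function names are constructed for illustration, and it assumes the configured domain is sent as the cookie's Domain attribute and that a missing domain yields a host-only cookie.

```python
import ipaddress
import xml.etree.ElementTree as ET

NS = {"web": "urn:jboss:domain:web:1.1"}

# Constructed sample: web subsystem fragment with an SSO cookie domain set.
SAMPLE_CONFIG = """
<subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host">
  <virtual-server name="default-host" enable-welcome-root="true">
    <alias name="localhost"/>
    <sso cache-container="web" cache-name="sso" domain="xyz.com"/>
  </virtual-server>
</subsystem>
"""

# Constructed host inventory to audit against the configured domain.
SAMPLE_HOSTS = ["app1.xyz.com", "app2.xyz.com", "xyz.com", "blog.xyz.com",
                "notxyz.com", "xyz.com.example.net", "10.0.0.5"]

def sso_cookie_domains(config_xml):
    """Map each virtual-server that has an <sso> element to its domain (or None)."""
    root = ET.fromstring(config_xml.strip())
    return {vs.get("name"): vs.find("web:sso", NS).get("domain")
            for vs in root.findall("web:virtual-server", NS)
            if vs.find("web:sso", NS) is not None}

def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def domain_match(host, cookie_domain):
    """RFC 6265 section 5.1.3: exact match, or a dot-bounded suffix of a non-IP host."""
    host = host.lower().rstrip(".")
    domain = cookie_domain.lower().lstrip(".")  # a leading dot is ignored
    return host == domain or (host.endswith("." + domain) and not is_ip(host))

def hosts_receiving_cookie(cookie_domain, issuing_host, hosts):
    """Hosts a browser would send the SSO cookie to."""
    if not cookie_domain:  # no domain configured: assumed host-only cookie
        return [h for h in hosts if h.lower() == issuing_host.lower()]
    return [h for h in hosts if domain_match(h, cookie_domain)]

if __name__ == "__main__":
    for vserver, domain in sso_cookie_domains(SAMPLE_CONFIG).items():
        print(vserver, domain, hosts_receiving_cookie(domain, "app1.xyz.com", SAMPLE_HOSTS))
```

Any host in the result that is not an intended SSO participant (blog.xyz.com in the constructed inventory) will also receive the cookie, which is the exposure the cookie domain setting is meant to limit.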