This is a strange one so stick with me.

The application worked fine in wildfly 8.0.0.Final. The first startup on wildfly 8.1.0.final it worked fine. On the second and subsequent startups, my authentication system failed. The user could log in, but navigating to other content would result in either a redirect to the login page, or "requires login" content not being rendered on the page (only the publicly visible content being shown- that is a partial rendering of the page).

I initially assumed the issue was some incompatibility between prettyfaces as wildfly 8.1.0 and stripped out prettyfaces. The problem persisted. I then assumed the problem was my authorization filter. Removing/gutting it had no effect.

Eventually after several days of hacking, I came across some posts about wildfly 8.0.0.CR1 (and other pre-final versions) having issues with cookie based session ids. Some people said switching to URL based session management fixed the problem for them. I tried this. It fixed my problem but isn't acceptable for the production system. Other people indicated that changing the cookie name from the default fixed the problem.

In my case, changing the cookie name fixes the problem on THE NEXT STARTUP ONLY. If I wish to restart the server, I have to change the cookie name or the problem (the session is not available in sub-directories of my web content) returns. Simply assigning the cookie a random name fixes the issue, but obviously isn't practical in the real world.

Question: What is going on? How do I begin to trouble shoot this beyond where I am now? I've been working on this problem (indirectly and directly) for more than 2 weeks...