6 Replies Latest reply on Oct 1, 2016 1:47 AM by jaikiran pai

    JSESSIONIDSSO cookie not set in response on WF9

    Matt Smith Newbie

      Hi all,

       

      We are currently experiencing an issue where the JSESSIONIDSSO cookie is not being set on the response of the login page upon successful login.  This occurs immediately after a restart of the Wildfly service and only affects two of the apps deployed there - there are several others that don't have the issue.  All apps use the same security domain and share the SSO context (usually successfully).  If we disable and then enable the broken app it will begin working properly until the next service restart.  Without the SSO cookie users are unable to use the app as all requests just keep being redirected to the login form.

       

      Here are two responses captured with Wireshark to illustrate the issue.  The first is immediately after a restart, and the second is after the app is disabled and then re-enabled.

       

      HTTP/1.1 200 OK

      Date: Wed, 31 Aug 2016 05:57:31 GMT

      Server: WildFly/9

      X-Powered-By: Undertow/1

      Content-Type: application/json

      Content-Length: 23

      Set-Cookie: JSESSIONID=7as3vdBA12cerHoE8Ofz6lMMyy1Vszfe03CliJ1P.server8102; path=/app

      Set-Cookie: BALANCEID=.server2; path=/;

      Keep-Alive: timeout=5, max=100

      Connection: Keep-Alive

       

      { "status": "SUCCESS" }

       

      HTTP/1.1 200 OK

      Date: Wed, 31 Aug 2016 06:04:27 GMT

      Server: WildFly/9

      X-Powered-By: Undertow/1

      Content-Type: application/json

      Content-Length: 23

      Set-Cookie: JSESSIONID=gQxWB7Mjg6c1MpO2Cl-2C3LUXxU7dsznvxPrP7rq.server8102; path=/app

      Set-Cookie: JSESSIONIDSSO=k1ZB8kZ4Wod91-qN8jTj3cvCE3MOUK2NJA1i38f3; path=/

      Set-Cookie: BALANCEID=.server2; path=/;

      Keep-Alive: timeout=5, max=100

      Connection: Keep-Alive

       

      { "status": "SUCCESS" }

       

      I've attached relevant config.  We are using Wildfly 9.0.1 on Windows.  It does sit behind a modproxy reverse proxy server but I don't think that has anything to do with it. 

       

      Any help with this would be much appreciated.

       

      Thanks,

      Matt