0 Replies Latest reply on Nov 3, 2017 11:56 AM by Daniel Klaus

    SSO Cookie configuration

    Daniel Klaus Newbie

      I am migrating two webapps from an older JBOSS server to Wildfly 10.1.0. In the past they shared the same JSESSIONID. As it's recommended not to share the JSESSIONID I would like to use the JSESSIONIDSSO cookie which should then be available to both web applications.

      Unfortunately I am not getting the right config to deliver the SSO cookie. I get a JSESSIONID but no additional SSO cookie.

      I configured the following:

      In standalone.xml I added single-sign-on path:

      <server name="default-server">
                      <host name="default-host" alias="localhost">
                          <location name="/" handler="welcome-content"/>
                          <filter-ref name="server-header"/>
                          <filter-ref name="x-powered-by-header"/>
                          <single-sign-on path="/"/>
                      </host>
                  </server>
      
      

       

      I also tried to add the following to the web application's jboss-web.xml:

      <jboss-web>
      
              <security-domain>my-sec-domain</security-domain>
      
      </jboss-web>
      </jboss-web>
      
      

       

      and again in standalone.xml added a security-domain:

                  
      <security-domain name="my-sec-domain" cache-type="default"/>
      
      
      
      

       

      Can anybody help me please? What am I missing?

      I am not sure if it's important but in our application we don't use form-based authentication. Instead we implemented auth via the RequestProcessor of the application.

      Is it necessary to configure form-based authentication to get the SSO-Cookie?

       

      Thank you very much in advance.