0 Replies Latest reply on Nov 3, 2017 11:56 AM by Daniel Klaus

    SSO Cookie configuration

    Daniel Klaus Newbie

      I am migrating two webapps from an older JBOSS server to Wildfly 10.1.0. In the past they shared the same JSESSIONID. As it's recommended not to share the JSESSIONID I would like to use the JSESSIONIDSSO cookie which should then be available to both web applications.

      Unfortunately I am not getting the right config to deliver the SSO cookie. I get a JSESSIONID but no additional SSO cookie.

      I configured the following:

      In standalone.xml I added single-sign-on path:

      <server name="default-server">
                      <host name="default-host" alias="localhost">
                          <location name="/" handler="welcome-content"/>
                          <filter-ref name="server-header"/>
                          <filter-ref name="x-powered-by-header"/>
                          <single-sign-on path="/"/>


      I also tried to add the following to the web application's jboss-web.xml:



      and again in standalone.xml added a security-domain:

      <security-domain name="my-sec-domain" cache-type="default"/>


      Can anybody help me please? What am I missing?

      I am not sure if it's important but in our application we don't use form-based authentication. Instead we implemented auth via the RequestProcessor of the application.

      Is it necessary to configure form-based authentication to get the SSO-Cookie?


      Thank you very much in advance.