I have an application that is not using JAAS as security. It is using my own login and database check against usernames and passwords.
The application also uses virtual hosts for sub domains eg:
Main application - www.whatever.com Forums - forums.whatever.com other sub app - other.whatever.com
When I log in on the main login page in "www.whatever.com" I store some values in the httpsession object to say I'm logged in. However these don't seem to be picked up in the sub-domains. So in the other.whatever.com it seems that I'm logged out still. Any ideas? Help?