This content has been marked as final. Show 2 replies
The comment is just wrong :(
SSO relies on a cookie, and the cookie's domain is "/" meaning it will only be presented to the host that issued it. Changing this will require a change in Tomcat.
Thanks again for the quick reply!