Forgeops: setting the iPlanetDirectoryPro cookie’s domain

Tagged: ,

This topic has 0 replies, 1 voice, and was last updated 2 weeks ago by ssd.

  • Author
    Posts
  • #27325
     ssd
    Participant

    I’m trying to determine the correct way to tell OpenAM to set a domain= for the iPlanetDirectoryPro cookie after login. I login to login.fr.example.com with a goto=example.fr.example.com parameter. After authenticating, it redirects me successfully, but in viewing the network traffic in the browser’s developer console, I see that the iPlanetDirectoryPro cookie only has a path=/ annotation, not a domain= annotation. This means it is not sent to example.fr.example.com. In viewing the doco, this appears to be the new default for openam.

    I want to use a route and filter on my example.fr.example.com domain to look for (and validate) the cookie, but only for certain paths. I can see how to set the domain via the OpenAM admin console (Configure -> Global Services -> Platform -> Cookie Domains) but I want to set it via helm when I deploy into each environment.

    Can anyone point me at the config to set?

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

©2020 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?