Ivan Levashew <i.levas...@...> writes: > > Set-Cookie: username="GpCybk1DvZRGHYktowzcuA__"; Version=1; > Max-Age=1296000; Expires=Fri, 09-Jul-2010 17:54:46 GMT; Path=/; HttpOnly > > I can see no domain here despite I have set > xwiki.authentication.cookiedomains=.metrolace.ru > I seem to have found the cause. XWiki doesn't put Domain in cookie when domain matches exactly. I. e. when request is done for metrolace.ru, XWiki doesn't put domain in cookie. Squid redirector naturally was programmed to redirect almost everything to http://metrolace.ru/...
When I change this to http://www.metrolace.ru/, this www makes XWiki ner^Wput "Domain=.metrolace.ru" in cookies as it supposed to do. Do you think this strategy of non-putting Domain= in exact domains makes sense? Those ones who have just 1 domain are not likely to edit cookiedomains in xwiki.cfg and those ones like me using reverse proxies for balancing or URL rewriting just meet yet another unwanted obstacle. The piece of code is here: xwiki-core/src/main/java/com/xpn/xwiki/user/impl/xwiki/ MyPersistentLoginManager.java private String getCookieDomain(HttpServletRequest request) String servername = request.getServerName(); should be changed to String servername = "." + request.getServerName(); -- If you want to get to the top, you have to start at the bottom _______________________________________________ users mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/users
