RES: Cookie problem max age problem - Best practice to solve it

[sr...@g88.net]

> Assunto: Re: RES: Cookie problem max age problem - Best practice to solve it

> the authentication app's plugin wasnt created by me, its only stored on
> TomCat to be used by my Java app. This plugin runs together with another app
> server, which completes the authentication process. After this process is
> completed ok, a cookie is created. So, when the user asks for logout, the
> plugin tries to delete the cookie, probably setting 0 to max age. If i work
> with OC4J, this steps runs fine and the user becomes abled to make another
> login request on the same browser instance, without needing to close it.
> But, if i work with TomCat, i need to close the browser instance and open
> another one to be sucessful.
> Needing help still.
> Regards, Euclides.


This does not change any of the previous discussion.  The problem
hinges on the answers to two questions:

>> What are the values used for domain, path, and name when the cookie
>> is set?

>> What are the values used for domain, path, and name when the cookie
>> is deleted?

If you can demonstrate that the same set of values are used in both
cases, then this sounds like it would be a tomcat problem.  You can
examine the Set-Cookie headers sent by the server to see whether this
is the case.

Otherwise, this is an issue that should be raised with the vendor who
provided the authentication plugin.

-- 
Steve