Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-14378

'Set Persistent Cookie' node sets domain cookies in only one domain despite multiple Cookie Domains set

    Details

    • Sprint:
      AM Sustaining Sprint 59
    • Story Points:
      1
    • Needs backport:
      No
    • Support Ticket IDs:
    • Verified Version/s:
    • Needs QA verification:
      No
    • Functional tests:
      No
    • Are the reproduction steps defined?:
      Yes and I used the same an in the description

      Description

      Bug description

      The 'Set Persistent Cookie' node sets domain cookies in only one domain despite multiple Cookie Domains being set.  This is different to how the Persistent Cookie authentication module worked where it would set a cookie in each configured domain.

      How to reproduce the issue

      1). Setup AM 6.5 and configure Global Services > Platform > Cookie Domains and add some example domains:

      example.net    example.co.uk    example.com

      2). For verification set up the Persistent Cookie authentication module and verify the cookies that are set with a successful authentication:

      Set-Cookie:
      
      session-jwt=ey...MY; Domain=example.co.uk; Expires=Tue, 05-Feb-2019 17:59:30 GMT; Path=/; Secure; HttpOnly
      session-jwt=ey...MY; Domain=example.net; Expires=Tue, 05-Feb-2019 17:59:30 GMT; Path=/; Secure; HttpOnly
      session-jwt=ey...MY; Domain=example.com; Expires=Tue, 05-Feb-2019 17:59:30 GMT; Path=/; Secure; HttpOnly

      3). Configure an authentication tree and add the 'Set Persistent Cookie' node and verify the cookie that is set on a successful authentication:

      Set-Cookie:
      
      session-jwt=ey...xLY; Expires=Tue, 05 Feb 2019 18:02:32 GMT; Path=/; Domain=example.com; Secure; HttpOnly

      ...note that the cookie is now only set in one domain and not the three as occurs with the Persistent Cookie auth module.

      Expected behaviour
      In this test case 3 domain cookies
      
      Current behaviour
      1 domain cookie
      

       

        Attachments

          Activity

            People

            • Assignee:
              joe.starling Joe Starling
              Reporter:
              andy.itter Andy Itter
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: