Details

    • Branch Version/s:
      6.1.x, 6.0.x
    • Backported to Branch:
      Committed
    • Fix Priority:
      5
    • Similar Issues:
      Show 4 results 

      Description

      We have 2 Liferay instances on our server.
      Both of them are reachable via their own subdomain.

      Instance 1: de.sample.com
      Instance 2: test.sample.com

      We have the problem, that Liferay cookies aren't saved with fully qualified domain name, but they are saved such as "sample.com" instead of "de.sample.com".
      We do not want cookie sharing across domains.
      Instances should be completely independent from each other.

      We've located this problem:
      In class portal-impl/src/com/liferay/portal/util/CookieKeys their is a method, called getDomain(String host), which cuts off everything before the first ".":

      public static String getDomain(String host) {

      // See LEP-4602 and LEP-4645.
      if (host == null)

      { return null; }
      // See LEP-5595.
      if (Validator.isIPAddress(host)) { return host; }
      int x = host.lastIndexOf(StringPool.PERIOD);
      if (x <= 0) { return null; }

      int y = host.lastIndexOf(StringPool.PERIOD, x - 1);

      if (y <= 0)

      { return StringPool.PERIOD + host; }

      int z = host.lastIndexOf(StringPool.PERIOD, y - 1);
      String domain = null;
      if (z <= 0)

      { domain = host.substring(y); }

      else

      { domain = host.substring(z); }

      return domain;
      }

      Is there a way to disable this "feature"?

        Activity

        Hide
        Mika Koivisto added a comment -

        Issue verified in 6.1.1 and 6.2.x.

        Show
        Mika Koivisto added a comment - Issue verified in 6.1.1 and 6.2.x.
        Hide
        Raymond Auge added a comment -

        We're leaving the default behavior for backward compatibility.

        Use the property:

        session.cookie.use.full.hostname=true
        

        to change it.

        Show
        Raymond Auge added a comment - We're leaving the default behavior for backward compatibility. Use the property: session.cookie.use.full.hostname= true to change it.
        Hide
        Michael Saechang added a comment -

        Committed on:
        Portal 6.2.x GIT ID: 0e3b8e8042c817f66f1ca6709e710b3c7f338f65.

        Show
        Michael Saechang added a comment - Committed on: Portal 6.2.x GIT ID: 0e3b8e8042c817f66f1ca6709e710b3c7f338f65.

          People

          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:
              Days since last comment:
              2 years, 7 weeks, 3 days ago

              Development

                Structure Helper Panel