Default Cookie Domain may be empty String and prevent cookies from working in Chrome and Opera ----------------------------------------------------------------------------------------------
Key: SLING-1721 URL: https://issues.apache.org/jira/browse/SLING-1721 Project: Sling Issue Type: Bug Components: Authentication Affects Versions: Form Based Authentication 1.0.0 Reporter: Felix Meschberger Assignee: Felix Meschberger Fix For: Form Based Authentication 1.0.2 If configuration exists for the form based authentication handler, the default cookie domain may be set to the empty string thus causing the cookies to be created with an empty string domain attribute. This does not seem to be a problem for Firefox but both Chrome and Opera don't accept these cookies thus failing subsequent authentication through the Form Authentication Handler. The fix probably is to (a) make sure an empty domain is "converted" to a null domain and (b) to not send the form.cookiedomain cookie if the domain is not set. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.