Win a copy of Java EE 8 High Performance this week in the Java/Jakarta EE forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

cookies scoped to web-application within a domain  RSS feed

Ranch Hand
Posts: 96
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have a secure and insecure web application. The secure one deals with payment/billing services for a user while the other deals with browsing catalogs etc. The user experience should be seamless as he browses non-secure and secure parts of the application. Both applications are served from the same domain and need to use cookies.

In order to ensure security the cookies (from each application) should not be scoped just at the domain level but rather scoped to an application level within a domain. How do I do this? Do I need to check with my container if it offers anything on this? Thoughts..?
How did others here deal when they had secure and insecure parts of application using cookies?
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!