Specifying the domain of the PF.PERSISTENT cookie
PingFederate identifies persistent authentication sessions by their respective PF.PERSISTENT cookie. You can specify the domain of this cookie.
About this task
By default, the PF.PERSISTENT cookie is set without domain information in the HTTP header.
Set-Cookie: PF.PERSISTENT=UoBlPlf16V2oYAEPot2DnpUOXxitK7au;Path=/;Expires=Sat,
06-Nov-2021 00:48:08 GMT;Max-Age=94608000;Secure;HttpOnly
You can configure PingFederate to return the Set-Cookie HTTP header with domain information, as needed.
Steps
-
Edit the
<pf_install>/pingfederate/server/default/data/config-store/persistent-session-cookie-config.xml
file. -
Modify the
cookie-domain
element.Example:
[.codeph]``<c:item name="cookie-domain">.example.com</c:item>``
-
Save the change.
-
Restart PingFederate.
For a clustered PingFederate environment, perform these steps on the console node, and then click Replicate Configuration on System → Server → Cluster Management.