Specifying the domain of the PF cookie - PingFederate

Specifying the domain of the PF cookie - PingFederate - 10.0

PingFederate Server

bundle

pingfederate-100

ft:publication_title

PingFederate Server

Product_Version_ce

PingFederate 10.0

category

Product

pf-100

pingfederate

ContentType_ce

Page created: 12 Sep 2019 |

Page updated: 19 Mar 2020

| 1 min read

PingFederate 10.0 Product Software Deployment Method Product documentation Content Type Administrator Audience Configuration User task

PingFederate identifies sessions by their respective PF cookie. By default, the PF cookie is set without domain information in the HTTP header; for example:

Set-Cookie: PF=zOv4xxmzDI2rx1TFBFy78X;Path=/;Secure;HttpOnly

As needed, you may configure PingFederate to return the Set-Cookie HTTP header with domain information.

Edit the session-cookie-config.xml file, located in the <pf_install>/pingfederate/server/default/data/config-store directory.
Modify the cookie-domain element; for example:

<c:item name="cookie-domain">.example.com</c:item>
Save the change.
Restart PingFederate.

For a clustered PingFederate environment, perform these steps on the console node, and then click Replicate Configuration on the System > Cluster Management screen. It is not necessary to restart PingFederate on any running engine node.

Once this change is activated, PingFederate includes domain information in its Set-Cookie HTTP header; for example:

Set-Cookie: PF=aDfPx6uwbbWGFhwE6zEhEG;Path=/;Domain=.example.com;Secure;HttpOnly