I have created an application (JSP) which will rely on the cookie set by a separate application's login cookie for authentication. The login was created in ASP on a separate server and, for all intents and purposes, a separate domain. Can I access that cookie if I know the name and value set by the original login script? If so, how? Thanks.
Joined: Jan 30, 2000
For security's sake, I hope you can't! But if you know the name and value, why do you need to read it?
Tony Alicea Senior Java Web Application Developer, SCPJ2, SCWCD
Joined: Sep 07, 2001
Let me clarify just a bit. I know the name of the cookie. I know what parameters are being passed to the cookie as the value(s), but I won't know the exact value for the cookie as it will be different for every user. It's generated dynamically. This obviously isn't the most secure thing in the world. It's running on an Intranet, so I'm not too concerned about security breach internally. It's an application that shouldn't be accessed without logging in to the Intranet. Does that clarify some? If so, any ideas?