I have created an application (JSP) which will rely on the cookie set by a separate application's login cookie for authentication. The login was created in ASP on a separate server and, for all intents and purposes, a separate domain. Can I access that cookie if I know the name and value set by the original login script? If so, how? Thanks.
Tony Alicea
Desperado
Sheriff
Joined: Jan 30, 2000
Posts: 3219
posted
0
For security's sake, I hope you can't! But if you know the name and value, why do you need to read it?
Tony Alicea Senior Java Web Application Developer, SCPJ2, SCWCD
Brian E
Greenhorn
Joined: Sep 07, 2001
Posts: 12
posted
0
Let me clarify just a bit. I know the name of the cookie. I know what parameters are being passed to the cookie as the value(s), but I won't know the exact value for the cookie as it will be different for every user. It's generated dynamically. This obviously isn't the most secure thing in the world. It's running on an Intranet, so I'm not too concerned about security breach internally. It's an application that shouldn't be accessed without logging in to the Intranet. Does that clarify some? If so, any ideas?
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to
run our stuff on 16 servers instead of 3.
subject: Detecting a cookie from another application.
0
