Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

cookies scoped to web-application within a domain

 
Sathvathsan Sampath
Ranch Hand
Posts: 96
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have a secure and insecure web application. The secure one deals with payment/billing services for a user while the other deals with browsing catalogs etc. The user experience should be seamless as he browses non-secure and secure parts of the application. Both applications are served from the same domain and need to use cookies.

In order to ensure security the cookies (from each application) should not be scoped just at the domain level but rather scoped to an application level within a domain. How do I do this? Do I need to check with my container if it offers anything on this? Thoughts..?
How did others here deal when they had secure and insecure parts of application using cookies?
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic