I'm still pretty green when it comes to cookies so forgive me if I'm asking some pretty dumb questions ;)
I've got a web application that I've written in JSF 2.0 (Apache). This application extends the functionality of another web application written in JSP. I didn't write the other web application, nor do I want to modify it, save for a bit of JQuery here and there.
The problem I'm facing is that I have no way of ensuring users of my application (the one in JSF) are properly authenticated by the larger application (the one in JSP). The way I got around that was to create a quick meaningless cookie in my JQuery code.
What I would like to do for each request is pull the cookie from the client's system into my JSF application, validate it and allow access to my application. The problem is, for some reason JSF is not "seeing" the cookie. Currently my code is this:
Here are the properties of the cookie:
Send For: Any Type Of Connection
Http Only: No
Expires: <2 minutes from creation>