[jira] [Updated] (COUCHDB-1831) Clearing AutoSession cookie doesn't respect domain value, fails to clear domain = '.example.com' values

[Pauli Price (JIRA)]

     [ 
https://issues.apache.org/jira/browse/COUCHDB-1831?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Pauli Price updated COUCHDB-1831:
---------------------------------

    Summary: Clearing AutoSession cookie doesn't respect domain value, fails to 
clear domain = '.example.com' values  (was: Clearing AutoSession cooking 
doesn't respect domain value, fails to clear domain = '.example.com' values)
    
> Clearing AutoSession cookie doesn't respect domain value, fails to clear 
> domain = '.example.com' values
> -------------------------------------------------------------------------------------------------------
>
>                 Key: COUCHDB-1831
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-1831
>             Project: CouchDB
>          Issue Type: Bug
>            Reporter: Pauli Price
>
> Working on a remote authentication server.  Setting AuthSession cookie at the 
> domain level - i.e. couchdb running at db.example.com & auth server running 
> at auth.example.com -- set cookie with domain='.example.com' & visit 
> db.example.com/_utils --- session is logged in.  Click 'logout' in futon, 
> user remains logged in.  Examine cookies -- two AuthSession cookies exist -- 
> one with domain = 'db.example.com' with blank value, and the original one 
> with domain='.example.com' -- unchanged.
> Fix is to pass the original cookie's domain value into the set cookie 
> statement that clears the session.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira