Cookie domain does not respect Crowd setting #5
Description
The SSO cookie contains the sub-domain of the requesting server even when the Crowd setting is set to include all sub-domains (domain.com or .domain.com)
For example:
Apache is on sub1.domain.com
Crowd is on sub2.domain.com
Set the Crowd SSO domain setting for the entire domain (domain.com or .domain.com). If the setting is left blank, Crowd will default by setting the cookies to use the entire domain from wherever the request came from (sub*.domain.com).
Login to Crowd, and it will generate a cookie with .domain - which accepts all sub-domains.
Login through cwdapache, and it ignores the cookie generated by Crowd, and creates a new cookie with sub1.domain.com. This new cookie, does not get seem by sub2.domain.com.
Been looking through the code to try and figure it out, but my C isn't great...