Index: api/src/main/java/org/sakaiproject/util/RequestFilter.java
===================================================================
--- api/src/main/java/org/sakaiproject/util/RequestFilter.java (revision 5495)
+++ api/src/main/java/org/sakaiproject/util/RequestFilter.java (revision 5496)
@@ -244,6 +244,8 @@
  protected String cookieDomain = null;
+ private String serverId;
+
  /** Set the HttpOnly attribute on the cookie */
  protected boolean m_cookieHttpOnly = true;
@@ -373,7 +375,8 @@
  // as well so folks can log in on this node.
  // 2) any GET URL's from contentPaths (POST's any other methods not
  // allowed.
- if (useContentHostingDomain) {
+ // exempt this if user is going to the hostname (serverid) directly
+ if (useContentHostingDomain && !(req.getServerName().startsWith(serverId))) {
  String requestURI = req.getRequestURI();
  if (startsWithAny(requestURI, contentPaths) && "GET".equalsIgnoreCase(req.getMethod())) {
  if (!req.getServerName().equals(chsDomain) && !(startsWithAny(requestURI, contentExceptions))) {
@@ -493,7 +496,7 @@
  c = new Cookie(cookieName, sessionId);
  c.setPath("/");
  c.setMaxAge(-1);
- if (cookieDomain != null)
+ if (cookieDomain != null && !(req.getServerName().startsWith(serverId)))
  {
  c.setDomain(cookieDomain);
  }
@@ -583,6 +586,7 @@
  // knl-640
  appUrl = configService.getString("serverUrl", null);
+ serverId = configService.getServerId();
  chsDomain = configService.getString("content.chs.serverName", null);
  chsUrl = configService.getString("content.chs.serverUrl", null);
  useContentHostingDomain = configService.getBoolean("content.separateDomains", false);
@@ -1121,7 +1125,7 @@
  c = new Cookie(cookieName, "");
  c.setPath("/");
  c.setMaxAge(0);
- if (cookieDomain != null)
+ if (cookieDomain != null && !(req.getServerName().startsWith(serverId)))
  {
  c.setDomain(cookieDomain);
  }
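Review bot: The exemption added to the `if (useContentHostingDomain && ...)` line is a raw prefix test, so any request host that merely begins with the serverId string skips the content-domain check, not only the node's own hostname. `req.getServerName()` normally reflects the client-supplied Host header unless a front-end proxy pins it, and this check is what keeps content paths on the separate content origin, so the match should cover the whole hostname or its first label and ignore case. The same expression is repeated in the three cookie hunks starting at new lines 496, 1125 and 1145; one private helper would keep them in step. The enclosing method starts and ends outside the hunk, and the request type in the sketch below is assumed.

```java
// Sketch: true only when the request host is serverId itself or serverId + ".<domain>".
private boolean isDirectServerRequest(HttpServletRequest req) {
    String host = req.getServerName();
    if (host == null || serverId == null || serverId.isEmpty()) {
        return false; // an unset serverId must never switch the checks off
    }
    String label = serverId + ".";
    return host.equalsIgnoreCase(serverId)
            || host.regionMatches(true, 0, label, 0, label.length());
}

// exempt this if user is going to the hostname (serverid) directly
if (useContentHostingDomain && !isDirectServerRequest(req)) {
// … unchanged: content-path redirect logic …
```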
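Review bot: The condition added to the cookie `if` in this hunk has no comment, unlike the redirect check in the previous hunk, so a reader cannot tell why the Domain attribute is dropped for some hosts. I would add above it something like `// leave the cookie host-only when the node is addressed by its own hostname (serverId)`, and repeat it in the two later cookie hunks starting at new lines 1125 and 1145. That wording is my reading of the intent from the redirect hunk's comment and should be confirmed by the author.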
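Review bot: `serverId = configService.getServerId();` is stored without validation, yet every use is `req.getServerName().startsWith(serverId)`. A null value would throw NullPointerException on each request, and an empty string makes `startsWith` true for every host, which silently disables both the content-domain check and the cookie Domain. Whether getServerId() can return either is not visible here, so I would normalise at init with `if (serverId != null && serverId.trim().isEmpty()) serverId = null;`, log a warning, and treat a null serverId as "no exemption" wherever it is used. The surrounding init block starts and ends outside the hunk.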
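Review bot: The expiring cookie in this hunk (`c.setMaxAge(0)`) now takes its Domain from the current request host rather than from how the session cookie was originally issued. A browser removes a cookie only when name, Path and Domain all match, so a session cookie set with `cookieDomain` through the shared hostname would presumably survive a logout performed on the node hostname, and the reverse case leaves a host-only cookie behind. Consider sending both variants when clearing, one with `c.setDomain(cookieDomain)` and one without, or confirm that a browser can never hold both. The enclosing method lies outside the hunk.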
@@ -1141,7 +1145,7 @@
  c = new Cookie(cookieName, sessionId);
  c.setPath("/");
  c.setMaxAge(-1);
- if (cookieDomain != null)
+ if (cookieDomain != null && !(req.getServerName().startsWith(serverId)))
  {
  c.setDomain(cookieDomain);
  }