When I read the user’s LtpaToken cookie from Apache Tomcat server, it reports the value of this cookie as:
instead of the actual cookie value, which is:
==
Notice the trailing == characters.
I believe this is because Domino generates the LtpaToken cookie as a default “version 0” cookie.
I read that the = character is not valid for a v0 cookie, according to the HTTP and Servlet specs.
Is there any way to force Domino to generate the LtpaToken cookie as a “version 1” cookie, instead of the older/unspecificed “version 0” format?
Here are discussions in the Apache Tomcat bug database:
https://issues.apache.org/bugzilla/show_bug.cgi?id=45191
https://issues.apache.org/bugzilla/show_bug.cgi?id=44927
https://issues.apache.org/bugzilla/show_bug.cgi?id=44679
The problem appears to be with how Domino creates the cookie. Apache is following their specification, and not returning “==” as part of the cookie value.
http://www.openntf.org/Projects/pmt.nsf/ProjectLookup/DominoTomcatSSO
