The new com.sun.identity.appendSessionCookieInURL property determines whether OpenSSO Enterprise 8.0 Update 1 ppends the session cookie to the URL for zero page authentication.
Set this property to false to prevent OpenSSO Enterprise 8.0 Update 1 from appending the session cookie to the URL. For example, if an application is filtering incoming URLs for special characters for security reasons and a cookie contains a special character, then access is denied. The default value is true (cookie is appended).
To set the new com.sun.identity.appendSessionCookieInURL property:
Log in to the OpenSSO Enterprise 8.0 Update 1 Admin Console.
Click Configuration, Servers and Sites, Default Server Settings, and then Advanced.
Add the property with a value of true.
The com.sun.identity.appendSessionCookieInURL property is hotswappable, which means that you don't have to restart the OpenSSO Enterprise 8.0 web container for a new value to take effect.