After you deploy OpenSSO Enterprise on Tomcat, use the ssoadm utility to set the cookie encoding property to true. For example:
# ./ssoadm update-server-cfg \ -s http://openssohost.example.com:8080/opensso -u amadmin -f pwfile \ -a com.iplanet.am.cookie.encode=true
In this example, pwfile contains the password for amadmin.