We are using Custom login page (FTL) where by, on Post call of the Custom login form, we are validating the same on Server, once that is correct, we are making a POST request to custom fcc (custom.fcc) to authenticate the User.
Once we get the response, we check for SMSESSION over there and add this into the servlet response, if we get, we redirect the user to the target, else we show the user error.
But somehow, we are unable to retain Cookie during the transaction i.e when the Post Call is made to custom.fcc
Also, with this approach, we are getting more than 1 SMSESSION Cookie during the journey i.e one SMSESSION gets created when we make a post to custom.fcc with FQDN (a.domain.com), where else for the subsequent protected request, another one gets created (*.domain.com)
Can any one help us with a sample code, where by cookies can be handled efficiently?