4 files changed, 13 insertions, 4 deletions

diff --git a/sca-cpp/trunk/modules/http/htdocs/login/index.html b/sca-cpp/trunk/modules/http/htdocs/login/index.html
index f4bdcd7f42..8b0ad48bd6 100644
--- a/sca-cpp/trunk/modules/http/htdocs/login/index.html
+++ b/sca-cpp/trunk/modules/http/htdocs/login/index.html
@@ -31,7 +31,8 @@
 
 <script type="text/javascript">
 function submitFormSignin() {
-    document.cookie = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';path=/;secure=TRUE';
+    var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+    document.cookie = reset;
     document.formSignin.httpd_location.value = '/';
     document.formSignin.submit();
 }
diff --git a/sca-cpp/trunk/modules/http/htdocs/logout/index.html b/sca-cpp/trunk/modules/http/htdocs/logout/index.html
index bdff9a441e..0365af36a1 100644
--- a/sca-cpp/trunk/modules/http/htdocs/logout/index.html
+++ b/sca-cpp/trunk/modules/http/htdocs/logout/index.html
@@ -32,7 +32,8 @@
 <form name="signout" action="/login" method="GET">
 <script type="text/javascript">
 function submitSignout() {
-    document.cookie = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';path=/;secure=TRUE';
+    var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+    document.cookie = reset;
     document.signout.submit();
     return true;
 }
diff --git a/sca-cpp/trunk/modules/http/httpd-conf b/sca-cpp/trunk/modules/http/httpd-conf
index 1fac0d56e2..ada4e0a713 100755
--- a/sca-cpp/trunk/modules/http/httpd-conf
+++ b/sca-cpp/trunk/modules/http/httpd-conf
@@ -82,6 +82,8 @@ LogFormat "[%{%a %b %d %H:%M:%S %Y}t] [access] %h %l %u \"%r\" %>s %b \"%{Refere
 CustomLog $root/logs/access_log combined
 CookieTracking on
 CookieName TuscanyVisitorId
+CookieStyle Cookie
+CookieExpires 31556926
 
 # Configure Mime types and default charsets
 TypesConfig $here/conf/mime.types
@@ -90,7 +92,7 @@ AddCharset utf-8 .js .css
 
 # Configure cache control
 SetEnvIf Request_URI "^/app.html$" must-revalidate
-Header onsuccess set Cache-Control "max-age=86400" env=!must-revalidate
+Header onsuccess set Cache-Control "max-age=604800" env=!must-revalidate
 Header set Cache-Control "must-revalidate, max-age=0" env=must-revalidate
 Header set Expires "Tue, 01 Jan 1980 00:00:00 GMT" env=must-revalidate
 
diff --git a/sca-cpp/trunk/modules/http/open-auth-conf b/sca-cpp/trunk/modules/http/open-auth-conf
index cde0c6b05f..bed20d75a9 100755
--- a/sca-cpp/trunk/modules/http/open-auth-conf
+++ b/sca-cpp/trunk/modules/http/open-auth-conf
@@ -35,7 +35,7 @@ cat >>$root/conf/auth.conf <<EOF
 AuthType Open
 AuthName "$host"
 Session On
-SessionCookieName TuscanyOpenAuth domain=.$host;path=/;secure=TRUE
+SessionCookieName TuscanyOpenAuth domain=.$host; path=/; max-age=31556926
 SessionCryptoPassphrase $pw
 AuthOpenAuth On
 AuthOpenAuthLoginPage /login
@@ -53,5 +53,10 @@ Require valid-user
 SetHandler form-login-handler
 </Location>
 
+# Mark login page with a header
+<Location /login>
+Header set X-Login open-auth
+</Location>
+
 EOF