Set the cookie path for a claims-aware application
Updated: September 13, 2007
Applies To: Windows Server 2003 R2
The cookie path specifies the location within an Internet Information Services (IIS) Web site virtual directory for which cookies will be sent in response to an application request by an Active Directory Federation Service (ADFS) client. If no cookie path is set, the path defaults to a location that depends on whether a cookie domain is set, as follows:
Cookie domain is set: / below the domain that applies for the requested address on the basis of the cookie domain.
No cookie domain is set: / below the domain specified in the Federation Service Uniform Resource Identifier (URI).
If you specify a cookie path (for example, /test01), the cookie is sent for requests under that path (for example, /test01, /test01/index.html, /test01/test05/, and so on).
The cookie path setting is configured in the ADFS Web Agent for an application. For a claims-aware application, configure the ADFS Web Agent in the Web.config file.
To complete this procedure, you must have read-write access to the Web.config file.
To set the cookie path for a claims-aware application using the Web.config file
In Notepad or other text editor, open the Web.config file that is in the Web application directory (typically \Inetpub\wwwroot\ApplicationName) on the Web server.
Search for the opening tag string <cookies.
In the current entry for <path>, select the existing path and replace it by typing the new path. If the path entry does not exist, type a new one (for example: <path>https://).
Save and close the Web.config file.