Flash uploader does not work with reverse proxies where 3rd party authentication is implemented
Our setup is;
- alfresco 220.127.116.11 running on Tomcat
- apache frontend performing reverse proxy for backend Tomcat
- Siteminder authentication implemented at the apache frontend
We've found that Share's Flash uploader does not forward any session cookies on the upload traffic as documented by Yahoo. http://developer.yahoo.com/yui/uploader/
We do see that the code surrounding the Flash uploader in Share appends the URL with the JSESSIONID so that Tomcat/Alfresco authentication can be passed.
But since no other session cookies are being passed in the upload traffic, the upload fails on scenarios like ours where there is a frontend reverse proxy with 3rd party authentication (Siteminder) as Siteminder session cookies are not being passed.
Is there a method to modify the Flash uploader scripts so that it passes specific session cookies on the upload traffic?