FIX: Cookie names pass through host address translation when the cookie domain attribute is the same domain as the portal public host name

Applies to: Microsoft Forefront Unified Access Gateway 2010 Service Pack 1

Symptoms

Consider the following scenario:

You have a server that is running Microsoft Forefront Unified Access Gateway (UAG) 2010 Service Pack 1 (SP1) Update 1.
You publish a web application through UAG 2010 by using the Other Web Application (portal host name) template.
When you browse to this web application, it sets a domain cookie. The domain that is specified for this cookie is the same as the domain of the UAG portal public host name, as in the following example:
- UAG portal public host name: portal.contoso.com
- Cookie domain, in the domain attribute of the Set-Cookie header: domain=.contoso.com

In this scenario, when UAG forwards the HTTP response of the back-end web server to the client, UAG changes the name of cookie by using host address translation (HAT).

Resolution

To resolve this issue, install the rollup package that is described in the following Microsoft Knowledge Base article:

2647899 Rollup 1 for Forefront Unified Access Gateway (UAG) 2010 Service Pack 1 Update 1

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

References

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:

824684 Description of the standard terminology that is used to describe Microsoft software updates

Last Updated: Jan 11, 2012