we have detected with IBM experts a cookie conflict between BNPP applications and Bluemix Login UAA application (Ltpatoken2 cookie).
It is not simple to change the cookie behavior on our side : the cookie is set at xxx.xxxxx level in order to share authentication between different hosts so we cannot "lower" the level from domain to host. Furthermore, we have pointed out one application, which does not mean that it is the only one that will use this cookie (we have somewhat 2000 WebSphere applications so an impact analysis is not practicable).
Does your UAA login component uses in any way this Ltpatoken2 cookie ?
If yes, could you rename it (this is just a config parameter) ; this should not impact any client using Bluemix local as you hopefully don't share this cookie with other domains or hosts.
If no, can you modify the Liberty config to ignore this cookie which should not disturb other client either, or if not possible, rename it anyway so that your Liberty component is not disturbed by this cookie presence. We will also provide directives to application developers on our side so that they rename this cookie if they use Liberty core runtime.
An incident ticket has also been posted (Ticket #5377-13483209)
Thank you in advance.
Do not place IBM confidential, company confidential, or personal information into any field.