In v4.2.x, as part of security tightening, some fixes were done in the area of cookie handling. Unfortunately, these security fixes have the potential to break existing proxy rules/settings. If this is the case, then users will notice there will be no app cookies stored in browser.
To resolve this issue please follow below steps
Step 1: Update the front end server (Apache) proxy setting as below. The example given below is for Apache web server.
ProxyPass /<instance-name1>/ "ajp://<tomcat-ip-addr>:8009/<instance-name1>/" ProxyPassReverse /<instance-name1>/ "ajp://<tomcat-ip-addr>:8009/<instance-name1>/" ProxyPass /<instance-name2>/ "ajp://<tomcat-ip-addr>:8009/<instance-name2>/" ProxyPassReverse /<instance-name2>/ "ajp://<tomcat-ip-addr>:8009/<instance-name2>/" Example: ProxyPass /openspecimen-test/ "ajp://127.0.0.1:8009/openspecimen-test/" ProxyPassReverse /openspecimen-test/ "ajp://127.0.0.1:8009/openspecimen-test/" ProxyPass /openspecimen-prod/ "ajp://127.0.0.1:8009/openspecimen-prod/" ProxyPassReverse /openspecimen-prod/ "ajp://127.0.0.1:8009/openspecimen-prod/"
Step 2: Restart the web server (Apache).
Step 3: Change the "Application URL" in settings as below:
https://<domain-name>/ => https://<domain-name>/<instance-name>/
Ex: https://test.openspecimen.org/ => https://test.openspecimen.org/openspecimen-test