API Gateway: Cookies with special characters cause an exception


Article ID: 145451


Updated On:

Products

CA Mobile API Gateway, CA Rapid App Security

Issue/Introduction

When the Gateway accepts a cookie with non-standard characters, e.g. a colon, the exception below is generated.

The following error message is logged when this failure occurs:

com.l7tech.server.SoapMessageProcessingServlet: Cookie name ""_bc_aa.*"" is a reserved token
java.lang.IllegalArgumentException: Cookie name ""_bc_aa.*"" is a reserved token

025-11-12T02:03:57.935+0000 SEVERE  975 com.l7tech.server.SoapMessageProcessingServlet: Cookie name ""_bc_aa.*"" is a reserved token
java.lang.IllegalArgumentException: Cookie name ""_bc_aa.*"" is a reserved token
        at javax.servlet.http.Cookie.<init>(Cookie.java:151)
        at com.l7tech.common.http.CookieUtils.toServletCookie(Unknown Source)
        at com.l7tech.server.policy.assertion.ServerCustomAssertionHolder.a(Unknown Source)

2020-02-17T14:55:37.289-0600 SEVERE  657 com.l7tech.server.SoapMessageProcessingServlet: Cookie name ""L7APIM"" is a reserved token
java.lang.IllegalArgumentException: Cookie name ""L7APIM"" is a reserved token
        at javax.servlet.http.Cookie.<init>(Cookie.java:192)
        at com.l7tech.common.http.CookieUtils.toServletCookie(Unknown Source)
        at com.l7tech.server.policy.assertion.ServerCustomAssertionHolder.a(Unknown Source)
        at com.l7tech.server.policy.assertion.ServerCustomAssertionHolder.access$600(Unknown Source)
        .....


Environment

Release : 9.x, 10.x, 11.x

Component : Gateway

Resolution

To allow these cookies to be accepted, add the parameter below to the system.properties file (/opt/SecureSpan/Gateway/node/default/etc/conf/system.properties) and restart the Gateway:

org.glassfish.web.rfc2109_cookie_names_enforced=false

This allows the Gateway to bypass strict RFC 2109 compliance for cookie content.
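
To see which cookie names in a captured Cookie header would fail the strict check before relaxing it, the following added example (not Broadcom's or the Gateway's own code) tests each name against the RFC 2109 token rule. The reserved-name list, the function names and the sample header are assumptions constructed for illustration.

```python
# tspecials from RFC 2068 section 2.2, which RFC 2109 relies on to define "token".
TSPECIALS = set('()<>@,;:\\"/[]?={} \t')
# Assumption: cookie attribute names from RFC 2109 treated as reserved names.
RESERVED = {"comment", "domain", "max-age", "path", "secure", "version"}


def name_problem(name):
    """Return why a cookie name fails strict RFC 2109 rules, or None if it passes."""
    if not name:
        return "empty name"
    # A token may not contain control characters, non-ASCII characters or tspecials.
    bad = sorted({c for c in name
                  if ord(c) < 0x20 or ord(c) >= 0x7F or c in TSPECIALS})
    if bad:
        return "non-token characters: " + " ".join(repr(c) for c in bad)
    if name.startswith("$"):
        return "names starting with '$' are reserved"
    if name.lower() in RESERVED:
        return "reserved attribute name"
    return None


def audit_cookie_header(header_value):
    """Return (name, problem) for every cookie name in a Cookie header that fails."""
    findings = []
    for pair in header_value.split(";"):
        pair = pair.strip()
        if not pair:
            continue
        # Only the name is checked; the value is ignored here.
        name = pair.split("=", 1)[0].strip()
        problem = name_problem(name)
        if problem:
            findings.append((name, problem))
    return findings


# Constructed sample header value (not taken from a real Gateway log).
SAMPLE = "session=abc123; track:id=42; $promo=1; Path=/x; theme=dark"

if __name__ == "__main__":
    for name, problem in audit_cookie_header(SAMPLE):
        print(f"{name!r}: {problem}")
```

Names reported by the audit are the ones that depend on the relaxed setting; names that pass are unaffected by it.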