Scratch my ASIDE... I was thinking about the fact that the App server sits on Tier #2 of an N-tier architecture w/ a Private IP... with the RP tier being the one incoming requests come to... but in such a case the IP could be set to the RP tier which is fine to set as a cookie domain value...
... again all this is moot in our case because we have one web app on multiple physical servers i.e. multiple IP address... .
[Message sent by forum member 'ngsunw']
http://forums.java.net/jive/thread.jspa?messageID=477313