Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-8956

Ability to rename the authId cookie

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 13.0.0, 13.5.0, 13.5.1, 14.0.0, 14.1.0, 14.1.1, 14.5.0, 14.5.1, 5.5.1
    • Fix Version/s: None
    • Component/s: authentication, XUI
    • Labels:
    • Environment:
      OpenAM 13
    • Support Ticket IDs:

      Description

      There should be a parameter to change the default "authId" cookie name. One reason for that is that in a federation scenario with a couple of OpenAM instances in the same DNS domain, one instance acting as IdP and the other one as SP, SP initiated SSO fails because the authId cookie issued by the SP will be sent to the IdP, which will confuse it and make authentication fails.
      Another reason would be security: for the same reason it's recommended to change the default SSO cookie name.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                cgrosjean Cyril Grosjean
              • Votes:
                1 Vote for this issue
                Watchers:
                8 Start watching this issue

                Dates

                • Created:
                  Updated: