Uploaded image for project: 'Identity Gateway'
  1. Identity Gateway
  2. OPENIG-3104

OPENIG-3104 Provide secure and httpOnly options to the config of the CrossDomainSingleSignOnFilter and set httpOnly for JWTCookieSession

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 6.0.0, 6.1.0
    • Fix Version/s: 6.5.0
    • Component/s: OpenAM
    • Labels:
    • Environment:
      IG doing CDSSO with AM
    • Support Ticket IDs:
    • Story Points:
      3

      Description

      For additional security, it would be good to be able to specify in configuration that the authCookie generated by the CrossDomainSingleSignOnFilter and the JWTCookieSession cookie be able to have the secure and/or httpOnly options set.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              markdr Mark de Reeper
              Reporter:
              markdr Mark de Reeper
              Votes:
              1 Vote for this issue
              Watchers:
              6 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: