Allow drupalauth4ssp Cookie on subdomains

Created on 19 June 2020, over 4 years ago

Updated 7 November 2023, about 1 year ago

If you set up the SimpleSAMLphp instance on a subdomain of the Drupal instance, the integration via drupalauth4ssp fails, because the cookie set by the module is not accessible by the SimpleSAMLphp instance.

Are there any security issues with making the cookie accessible to subdomains of the Drupal instance? I could think of none.

The attached patch introduces a new option in the module's configuration, which makes the cookie accessible from subdomains of the Drupal instance. This way, if the SimpleSAMLphp instance runs on a subdomain, the integration still succeeds.

✨ Feature request

Status

Closed: outdated

Version

1.1

Component

Code

Created by

🇩🇪Germany lukas_w

Live updates comments and jobs are added and updated live.

Incomplete comments

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Comment about 1 year ago →
🇳🇿New Zealand RoSk0 Wellington
Cookie is no longer used in this module.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024