SSO login after disabling shared sessions on sub-domains

Project:RUcore dlr/EDIT
Version:8.1
Component:Code
Category:bug report
Priority:normal
Assigned:triggs
Status:closed
Description

After disabling shared sessions on sub domains logging into dlr/EDIT is not working. Move to different solution for authenticating and authorizing using SSO that doesn't depend on session_id() to return a valid SSO session identifier.

Comments

#1

Version:7.7.2» 8.1

#2

Assigned to:triggs» ananthan
Status:active» test

This is fixed on rep-dev and should be ready to test on rep-test when the 8.1 code moves there.

#3

Assigned to:ananthan» chadmills

Need your help with testing this one.

#4

Assigned to:chadmills» dhoover

We we will need the cookie sharing between rep-test and rucore-test to be reconfigured so they are not shared. Bumping to Dave.

#5

Assigned to:dhoover» chadmills

Commented out the following in php.ini
;session.cookie_domain = .libraries.rutgers.edu

and restarted Apache on rep-test

#6

I notice just now that I'm getting redirected to rep-dev when I try to log into rep-test. ??

#7

Dave, thanks.

Jeffery, I am not seeing that behavior on rep-test.

#8

I got in by starting at the RUcore account page on rep-test. It seemed to be working.

#9

Tested by clearing all cookies. Logged into SSO. Noted the PHPSESSID value. I then went to dlr/EDIT and noted the PHPSESSID. They values are not the same anymore.

#10

Status:test» fixed

Confirmed rep-dev also is issuing separate PHPSESSID values. Marking fixed.

#11

Assigned to:chadmills» triggs

Jeffery, please make a note to have Dave change the cookie configuration during installation/rollout on rep-staging and rep-prod as part of the dlr/EDIT installation since dlr/EDIT has been dependent on this configuration in the past. Thanks.

#12

Commented out the following in php.ini
;session.cookie_domain = .libraries.rutgers.edu

and restarted Apache on rep-staging

#13

Status:fixed» closed

Back to top