New special values for "domain" parameter (!469) · Merge requests · LemonLDAP NG / lemonldap-ng

Maxime Besson requested to merge fix-cookiedomain-3040 into v2.0 Mar 18, 2024

This MR is preliminary work for #3040 (closed)

it introduces new options for "domain":

empty string: means cookies are only valid for the portal itself. This might be used in some extremely specific situations (SAML/OIDC/CAS only + no manager)
#PORTAL#: use the same domain as the portal such as auth.example.com including subdomains
#PORTALDOMAIN#: use the parent domain of the portal, such as example.com

Once #3040 (closed) is complete, this work will allow the cookie domain to be completely derived from $req

We could even already make #PORTALDOMAIN# the default in new installs ? This way users will only have to change the "portal" variable in most situations.

New special values for "domain" parameter

Merge request reports