You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It is currently not possible to set the SessionCookie to a specific path.
While trying to implement the Multi Tenancy functionality for a cloud based system I encountered the following problem.
Let's assume the application is to manage multiple tenants through one or more IDPs. In the service the individual tenants/customers are configured, for each tenant an own SAML middleware is created, which contains information regarding cookie, singnrequest, IDMetadata, certificate URL and others.
After a successful login, the cookie containing information about the SAML session should not be managed on domain level, but on path level.
It is currently not possible to set the SessionCookie to a specific path.
While trying to implement the Multi Tenancy functionality for a cloud based system I encountered the following problem.
Let's assume the application is to manage multiple tenants through one or more IDPs. In the service the individual tenants/customers are configured, for each tenant an own SAML middleware is created, which contains information regarding cookie, singnrequest, IDMetadata, certificate URL and others.
After a successful login, the cookie containing information about the SAML session should not be managed on domain level, but on path level.
Problem explained by URLs:
The cookie is created at "https://test-cloud.com:9090". Means the property path of the HttpCookie has the value "/".
A possible solution
The cookie is created under "https://test-cloud.com:9090/tenant-1" or "https://test-cloud.com:9090/tenant-2". That means the property path of the HttpCookie has the value "/tenant-1" or "/tenant-2".
Is there a possibility to define the path of the cookie dynamically, similar as it is possible with cookie name?
The text was updated successfully, but these errors were encountered: