Identity Provider / IDP-1058

Make HTMLLocalStorage key configurable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.2.1
    • Fix Version/s: 3.3.0
    • Component/s: Clustering, Session
    • Labels:
      None
    • Operating System:
      Multiple

      Description

      Session cookies can be scoped on both domain and path.
      The HTML localStorage is accessible from every application hosted within the same domain. It is not possible to scope this on a path.

      If you host multiple IdP instances on the same domain, you must use different keys in the HTML localStorage. The key values are now hardcoded into /system/conf/global-system.xml:

      <bean id="shibboleth.ClientSessionStorageService"
      class="org.opensaml.storage.impl.client.ClientStorageService"
      p:httpServletRequest-ref="shibboleth.HttpServletRequest"
      p:cookieManager-ref="shibboleth.CookieManager"
      p:storageName="shib_idp_session_ss"
      p:dataSealer-ref="shibboleth.DataSealer" />

      <bean id="shibboleth.ClientPersistentStorageService"
      class="org.opensaml.storage.impl.client.ClientStorageService"
      p:httpServletRequest-ref="shibboleth.HttpServletRequest"
      p:cookieManager-ref="shibboleth.PersistentCookieManager"
      p:storageName="shib_idp_persistent_ss"
      p:dataSealer-ref="shibboleth.DataSealer"
      p:keyStrategy-ref="shibboleth.DataSealerKeyStrategy" />

      Is it possible to expose those keys as properties in idp.properties so you can use different keys per instance?
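
Added example, not part of the original issue or of the Shibboleth code base: a small JavaScript model of the scoping difference the description relies on, showing two IdP instances on one host overwriting each other's localStorage entry while their path-scoped cookies stay separate. The host `login.example.org`, the paths `/idp-a/` and `/idp-b/`, the `_a`/`_b` key suffixes and all function names are assumptions made for the illustration.

```javascript
// Constructed model (not browser or IdP code): cookies match on host + path,
// localStorage is partitioned by origin only and has no notion of a path.
class BrowserModel {
  constructor() {
    this.cookies = [];         // entries: {host, path, name, value}
    this.storage = new Map();  // origin -> Map(key -> value)
  }
  setCookie(url, name, value, path) {
    const host = new URL(url).hostname;
    this.cookies = this.cookies.filter(
      c => !(c.host === host && c.path === path && c.name === name));
    this.cookies.push({ host, path, name, value });
  }
  cookiesFor(url) {
    const u = new URL(url);
    const sent = {};
    for (const c of this.cookies) {
      const prefix = c.path.endsWith('/') ? c.path : c.path + '/';
      const pathOk = u.pathname === c.path || u.pathname.startsWith(prefix);
      if (c.host === u.hostname && pathOk) sent[c.name] = c.value;
    }
    return sent;
  }
  localStorageFor(url) {
    const origin = new URL(url).origin;  // scheme + host + port, path dropped
    if (!this.storage.has(origin)) this.storage.set(origin, new Map());
    return this.storage.get(origin);
  }
}

// Hypothetical IdP instance writing its sealed session under storageName.
function saveSession(browser, baseUrl, storageName, sealed) {
  browser.setCookie(baseUrl, storageName, sealed, new URL(baseUrl).pathname);
  browser.localStorageFor(baseUrl).set(storageName, sealed);
}

// Two instances on one host each save a session; report what instance A reads.
function demo(nameA, nameB) {
  const browser = new BrowserModel();
  const idpA = 'https://login.example.org/idp-a/';
  const idpB = 'https://login.example.org/idp-b/';
  saveSession(browser, idpA, nameA, 'sealed-by-A');
  saveSession(browser, idpB, nameB, 'sealed-by-B');
  return {
    cookieSeenByA: browser.cookiesFor(idpA + 'login')[nameA],
    storageSeenByA: browser.localStorageFor(idpA).get(nameA),
  };
}
```

With the shared default name, instance A reads back the blob written by instance B from localStorage; with distinct names per instance each reads its own.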

            People

            Assignee:
            cantor.2@osu.edu Scott Cantor
            Reporter:
            u0049933@kuleuven.be
            Watchers:
            1

                Time Tracking

                Estimated:
                Original Estimate - 1 hour
                Remaining:
                Remaining Estimate - 0 minutes
                Logged:
                Time Spent - 10 minutes