Loading...

Log In
Closed

XML

Word

Printable

Type: Suggestion
Resolution: Fixed
Fix Version/s: 1.5.1
Component/s: Integration/Connectors
Labels:
None

It would be good to have the option of setting the secure flag on the SSO cookie.

I understand about the requesting IP address being checked against an existing token, thats good but not bullet proof. Making the cookie secure will also help.

relates to

CWD-1040 Crowd session tokens need to be random and unique to avoid Session Hijacking!!!

Closed

Assignee:: Unassigned
Reporter:: Matthew Leather
Votes:: 1 Vote for this issue
Watchers:: 1 Start watching this issue

Created:: 03/Mar/2008 4:53 AM
Updated:: 19/Sep/2019 5:51 AM
Resolved:: 05/Sep/2008 7:05 AM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates