-
Suggestion
-
Resolution: Fixed
-
None
It would be good to have the option of setting the secure flag on the SSO cookie.
I understand about the requesting IP address being checked against an existing token, thats good but not bullet proof. Making the cookie secure will also help.
- relates to
-
CWD-1040 Crowd session tokens need to be random and unique to avoid Session Hijacking!!!
-
- Closed
-
[CWD-893] Option to set secure flag on SSO cookie
| Workflow | Original: JAC Suggestion Workflow [ 3389238 ] | New: JAC Suggestion Workflow 3 [ 3629663 ] |
| Status | Original: RESOLVED [ 5 ] | New: Closed [ 6 ] |
| Workflow | Original: Simplified Crowd Development Workflow v2 [ 1391214 ] | New: JAC Suggestion Workflow [ 3389238 ] |
| Assignee | Original: David O'Flynn [Atlassian] [ doflynn ] | |
| Issue Type | Original: Improvement [ 4 ] | New: Suggestion [ 10000 ] |
| Workflow | Original: Crowd Development Workflow v2 [ 272394 ] | New: Simplified Crowd Development Workflow v2 [ 1391214 ] |
| Workflow | Original: Feature Request Workflow [ 173608 ] | New: Crowd Development Workflow v2 [ 272394 ] |
Justin Koke
made changes -
| Workflow | Original: jira [ 123229 ] | New: Feature Request Workflow [ 173608 ] |
David O'Flynn [Atlassian]
made changes -
David O'Flynn [Atlassian]
made changes -
| Resolution | New: Fixed [ 1 ] | |
| Status | Original: Open [ 1 ] | New: Resolved [ 5 ] |
| Fix Version/s | New: 1.5.1 [ 14210 ] |
Matthew Leather
created issue -