<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="fr" xml:lang="fr"> <head> <meta name="generator" content= "HTML Tidy for Linux/x86 (vers 7 December 2008), see www.w3.org" /> <title>Lemonldap::NG documentation: 4.9-Cross-domain-authentication.html</title> <meta http-equiv="Content-Type" content="text/html; charset=us-ascii" /> <style type="text/css"> /*<![CDATA[*/ body{ background: #ddd; font-family: sans-serif; font-size: 11pt; padding: 0 50px; } div.main-content{ padding: 10px; background: #fff; border: 2px #ccc solid; } a{ text-decoration: none; } p.footer{ text-align: center; margin: 5px 0 0 0; } .heading-1{ text-align: center; color: orange; font-variant: small-caps; font-size: 20pt; } .heading-1-1{ color: orange; font-size: 14pt; border-bottom: 2px #ccc solid; } pre{ background: #eee; border: 2px #ccc solid; padding: 5px; border-left: 10px #ccc solid; } ul.star li{ list-style-type: square; } /*]]>*/ </style> </head> <body> <div class="main-content"> <h2 class="heading-1"><span id="HCrossdomainauthentication">Cross-domain authentication</span></h2> <p class="paragraph"></p> <ul> <li><a href="#HPresentation">Presentation</a></li> <li><a href="#HConfigureLemonLDAP3A3ANG">Configure LemonLDAP::NG</a></li> </ul> <h3 class="heading-1-1"><span id="HPresentation">Presentation</span></h3> <p class="paragraph"></p>Cookies are only sent to sites within the same domain. So if "auth.example.com " is your portal, it would have created a cookie only for ".example.com": the SSO will work for test.example.com but not for test.acme.com. <p class="paragraph"></p>To bypass this, LemonLDAP::NG propose CDA: Cross-Domain Authentication. It will create cookies on all protected domains. <h3 class="heading-1-1"><span id="HConfigureLemonLDAP3A3ANG">Configure LemonLDAP::NG</span></h3> <p class="paragraph"></p>In Manager, go in General Parameters > Cookies > Multiple domain and active the functionality. <p class="paragraph"></p>To use this feature only locally, edit <strong class="strong">lemonldap-ng.ini</strong> and in section [all] add the cda parameter: <div class="code"> <pre> [all] cda = 1 </pre> </div> </div> <p class="footer"><a href="index.html">Index</a></p> </body> </html>