Cross-domain authentication

Presentation

Cookies are only sent to sites within the same domain. So if "auth.example.com " is your portal, it would have created a cookie only for ".example.com": the SSO will work for test.example.com but not for test.acme.com.

To bypass this, LemonLDAP::NG propose CDA: Cross-Domain Authentication. It will create cookies on all protected domains.

Configure Handler

Just add "cda => 1" in constructor, in handler/MyHandler.pm:

package My::Package;
use Lemonldap::NG::Handler::SharedConf;
@ISA = qw(Lemonldap::NG::Handler::SharedConf);

PACKAGE->init( { cda => 1, } ); 1;

Configure Portal

Just add "cda => 1" in constructor, in portal/index.pl:

my $portal = Lemonldap::NG::Portal::SharedConf->new(
    {
     cda => 1,
    });