Closed Faryshta closed 8 years ago
Faryshta
commented
8 years ago how to reproduce.
access frontend.example.com and login. then go to backend.example.com it should log you in automatically. finally log out from any of those subdomains. it won't log you out from the other
samdark
commented
8 years ago Backend and frontend were meant to have separate logins.
samdark
commented
8 years ago It still could be mentioned... need thing about how exactly.
Faryshta
commented
8 years ago it was just an example, you can try it with any other word replacing backend and frontend.
access section1.example.com and login. then go to section2.example.com it should log you in automatically. finally log out from any of those subdomains. it won't log you out from the other
samdark
commented
8 years ago In general it should not. If these are separated, there's often a reason. Extra security measures etc.
Faryshta
commented
8 years ago i know but that part of the cookbook is about logging in on a subdmain and automatically getting logged on another part of the system.
you can add a disclaimer that there are security reasons not to do that but that part is about exactly that
samdark
commented
8 years ago Merged. Thank you!
the documented example doesn't allow properly login/logout between submains, the session must be organized so that it works the same among the subdomains where the user identity cookie is active.