Hi Nicke,you are right, the implementation does not distinguish between different hosts or different directories.I guess the best would be, to distinguish per directory. Kind regardsCornelius
Cornelius KölbelCornelius.firstname.lastname@example.org+49 151 2960 1417
NetKnights GmbHhttp://netknights.itLandgraf-Karl-Str. 19, 34131 Kassel, GermanyTel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405Geschäftsführer: Cornelius Kölbel-------- Ursprüngliche Nachricht --------
Von: Nicke email@example.com
Datum: 12.06.2015 10:03 (GMT+01:00)
Betreff: Apache2 authentication module with many website and one redis cache
HiAm trying out the new apache2 authentication module. I have a case where it does not really work the way I want and need suggestions how to solve it.Am having a webserver with many sites that has basic apache2 authentication with the privacyidea apache2 client attached. Because the same redis server is running on this ubuntu 14.04 host it creates problem.
Privacyidea: aaa.example.comWebsite 1: subdomain1.example.comWebsite 2: subdomain2.example.com
When authenticating against subdomain1.example.com everything works as expected. redis is caching the authentication, “SETEX” “nicke” “300” “1234801509”.As probably expected, problems comes up when I now authenticate with the same username against subdomain2.example.com, my browser is asking for username and password and I supply a new one, redis is setting this new values in cache, “SETEX” “nicke” “300” “1234453288”.I now need to login again against subdomain1.example.com because the password has been changed in the cache. And login again at subdomain2.example.com after that, and so on…
I can use both subdomain1.example.com and subdomain2.example.com at the same time if I use different usernames, but that is not a good way.So any suggestion how to solve this? Some kind of prefixing depending on website in the redis cache?
You received this message because you are subscribed to the Google Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send an email to firstname.lastname@example.org.
To post to this group, send email to email@example.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/privacyidea/f8e9cd88-1a38-407a-8f89-f39f42304954%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.