The Session ID of the Broker and ajax-Broker is different
xiaojunlu opened this issue · comments
broker: a.com
ajax-broker: b.com
When I set above,I find their session id is different!when I Have logged in a.com, b.com can not gets the logged in status。
you can help me figure out why?
The session id of the brokers are not relevant. Only the session id of the SSO server matter. You don't need to start a session on the broker. Each broker generates creates an sso_token
and sso_verify
cookie.
For questions that aren't (reproducible) bugs, please use stackoverflow. If you're question isn't answered by the community in a couple of days, I'll surely pick it up (just put Jasny in the title).
Hello there @jasny , I'm running into the same issue.
I got my SSO server setup in a.com
, which also has a broker setup and I've got another broker in b.com
When using only browser redirect, I can see in the sso server logs
Broker request with session {"broker":"brokerAName","token":"a","session":"a"}
Broker request with session {"broker":"brokerBName","token":"b","session":"a"}
And everything is fine.
But when I do an ajax call for the attach from broker b , I see the following log in the SSO server
Broker request with session {"broker":"brokerBName","token":"b","session":"c"}
I followed the implementation of the demo/ajax-broker and I'm really wondering what I did wrong.
I think that's what @xiaojunlu meant by different session Id, it's the SSO Server session that is different.
Any help would be appreciated !
Thanks !
Same problem here - every broker gets their own server session.