mod_auth_tkt
mod_auth_tkt copied to clipboard
gavincarr
Lightweight single-signon authentication module for Apache
Hi, do you plan to add SameSite=[Lax|Strict] for authentication cookies?
As far as I was able to tell, the cookie only has 4 bytes for the client IP address, meaning that IPv6 could be an issue. I propose an update...
For an additional layer of security the cookie hash could include the User-Agent, so to have a bit more confidence, it's the same browser using the cookie, that has been...
Would you/your employer please consider re-releasing this code under the Apache License 2.0 (https://www.apache.org/licenses/LICENSE-2.0.html) The current license (Apache License 1.0) with the 'advertising clause' is incompatible with the BSD 3-clause...
The configure script doesn't correctly handle locating the mandir directory, and uses the MANPATH environment variable directly - which breaks if MANPATH is a true path with multiple path entries....
At the moment get_domain() will strip the port number from the original Host header, meaning that subsequent functions that use the header will find it missing the port number. For...
This addresses https://rt.cpan.org/Public/Bug/Display.html?id=98991
Hi, It would be nice to have reversal of encode function in mod_auth_tkt / contrib / auth_ticket.inc.php.
Hi, I am using python here, whenever I create the cookie with the userid (UID) with the email it breaks, it works fine with other strings but with the @...
this would be to complete the patch Charlie Brady did submit to you years ago for X-Forward-Host. please find attached a patch that allow to add X-Forward-Proto directive in order...
