[FOLIO-3921] Make snapshot environments run in "enhanced security mode" and remove LOGIN_COOKIE_SAMESITE Created: 01/Nov/23  Updated: 12/Nov/23

Status: Open
Project: FOLIO
Components: None
Affects versions: None
Fix versions: None

Type: Task Priority: TBD
Reporter: Steve Ellis Assignee: Steve Ellis
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Blocks
is blocked by FOLIO-3890 Implement RTR in folio-ansible Open
Defines
defines FOLIO-3926 Can't yet disable legacy token endpoi... Open
Sprint:
Development Team: None
RCA Group: TBD

 Description   

This might be a good idea because it is eventually what all of FOLIO will do once we fully depreciate the old authn/login endpoint.

Running in enhanced security mode means setting LEGACY_TOKEN_TENANTS in mod-authtoken to an empty string which means no tenant is a legacy token tenant.

We also need to change LOGIN_COOKIE_SAMESITE to None now that we have verified that Lax is working as expected.



 Comments   
Comment by Steve Ellis [ 10/Nov/23 ]

It was pointed out by Wayne Schneider that we can't yet disable the legacy endpoints. I'm reopening this and opening another PR to remove LOGIN_COOKIE_SAMESITE.

Generated at Thu Feb 08 23:31:45 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.