[FOLIO-3921] Make snapshot environments run in "enhanced security mode" and remove LOGIN_COOKIE_SAMESITE
Created: 01/Nov/23 | Updated: 12/Nov/23 |
|
| Status: | Open |
| Project: | FOLIO |
| Components: | None |
| Affects versions: | None |
| Fix versions: | None |
| Type: | Task | Priority: | TBD |
| Reporter: | Steve Ellis | Assignee: | Steve Ellis |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None |
| Remaining Estimate: | Not Specified |
| Time Spent: | Not Specified |
| Original estimate: | Not Specified |
| Issue links: | |
| Sprint: | |
| Development Team: | None |
| RCA Group: | TBD |
| Description |
|
This might be a good idea because it is eventually what all of FOLIO will do once we fully deprecate the old authn/login endpoint. Running in enhanced security mode means setting LEGACY_TOKEN_TENANTS in mod-authtoken to an empty string, which means no tenant is a legacy token tenant. We also need to change LOGIN_COOKIE_SAMESITE to None now that we have verified that Lax is working as expected. |
| Comments |
| Comment by Steve Ellis [ 10/Nov/23 ] |
|
It was pointed out by Wayne Schneider that we can't yet disable the legacy endpoints. I'm reopening this and opening another PR to remove LOGIN_COOKIE_SAMESITE. |