Hi, Thanks for the info. This is what I assumed.
I would just like to have this kind of flesh to the bones in the JIRA issues for later reference, why something has been done like is has been done - if it looks too obvious today. Thanks. Regards Felix On 25.08.2010 16:59, Justin Edelson wrote: > I suspect my use case is very specific and is intertwined with a few > other things, but basically... > > I make heavy use of workspaces in my CMS for content branches. > Subdomains of a parent domain are used to identify which workspace > should be used. Setting the auth cookie on the parent domain allows for > users to view content in different branches (workspaces) without > re-authenticating. > > Another use case (just thinking out loud here), would be to use Sling as > an SSO provider, again by setting the cookie on a parent domain and then > having a ServletFilter on each client application which check the cookie > against the Sling instance. It's no SAML, but would work. > > Justin > > > On 8/25/10 9:55 AM, Felix Meschberger wrote: >> Hi, >> >> Just for documentation and completeness sake: Can you please elaborate a >> bit on the use case etc. Thanks alot. >> >> (By no means questioning the request at all ;-) ). >> >> Regards >> Felix >> >> On 25.08.2010 15:11, Justin Edelson (JIRA) wrote: >>> form auth should be able to set the auth cookie on a specific domain >>> -------------------------------------------------------------------- >>> >>> Key: SLING-1695 >>> URL: https://issues.apache.org/jira/browse/SLING-1695 >>> Project: Sling >>> Issue Type: Improvement >>> Components: Authentication >>> Reporter: Justin Edelson >>> >>> >>> >>> > >
