Werk #16126: Ignore invalid session cookie for header-auth
Component | Setup | ||||||
Title | Ignore invalid session cookie for header-auth | ||||||
Date | Sep 19, 2023 | ||||||
Level | Trivial Change | ||||||
Class | Bug Fix | ||||||
Compatibility | Compatible - no manual interaction needed | ||||||
Checkmk versions & editions |
|
When an user logged in via HTTP header authentication (e.g. the legacy SAML method with mod_auth_mellon) and that user had a session cookie from a previous session which is now invalid the creation of a new session was aborted. This Werk fixes this so previous session cookies are ignored if they are invalid and a new session will be created.