Werk #16126: Ignore invalid session cookie for header-auth
| Component | Setup | ||||
| Title | Ignore invalid session cookie for header-auth | ||||
| Date | Sep 19, 2023 | ||||
| Level | Trivial Change | ||||
| Class | Bug Fix | ||||
| Compatibility | Compatible - no manual interaction needed | ||||
| Checkmk versions & editions |
|
When an user logged in via HTTP header authentication (e.g. the legacy SAML method with mod_auth_mellon) and that user had a session cookie from a previous session which is now invalid the creation of a new session was aborted. This Werk fixes this so previous session cookies are ignored if they are invalid and a new session will be created.