Le 21 mai 2019 21:40:35 GMT+02:00, Guilhem Moulin <guil...@debian.org> a écrit :
>Hi Xavier,
>
> # Load session data into object
> if ($data) {
>+ if ( $self->kind ) {
>+ unless ( $data->{_session_kind} eq $self->kind ) {
>+ $self->error("Session kind mistmatch");
>+ return undef;
>+ }
>+ }
>
>Doesn't that break CDA in 1.9.7-3+deb9u1? At least I'm no longer able
>to access a protected application under domains other than the portal.
>
>Error output shows occurrences of “Session kind mistmatch” instead, and
>further debugging suggests that $data->{_session_kind} is "CDA" while
>$self->kind is "SSO" in the execution flow that yields access denial.
Hello,
It seems that Clément has fixed something related to that feature. Could you
try
https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/commit/deff50f072c64898d1204daa28c01fdcc7275ea4
?
If it's OK, I'll propose a stretch update
--
Send with my EELO / K-9 Mail
