surreal
5 months ago

Empty session(s) after (external) redirect?

Posted 5 months ago by surreal

Hi guys, currently I'm writing a silentauth SSO-check. 1st - Writing Session: session()->put('redirecturl',$_SERVER['REQUEST_URI']) 2nd - Redirect to external subdomain (SSO-Server) 3rd - Callback from SSO to /callback (POST-Route) So far last step (which doesnt work): redirect to sessionvalue "redirecturl". Just in general: Are sessions cleared or does the user get a new session-id when he gets redirected from server-A to server-B and back again from server-B to server-a? Whilst writing this there came another possible issue: Maybe the missing csrf token from the sso-response could be the reason?

Please sign in or create an account to participate in this conversation.