From 2d20f539ec587b2e774976a23fef53438a934580 Mon Sep 17 00:00:00 2001 From: Chris Moore <107723039+cwillum@users.noreply.github.com> Date: Wed, 3 May 2023 10:05:29 -0700 Subject: [PATCH] Fix cookie-splitting setting example for SAML backend documentation (#3949) * fix#3947 cookie splitting fix Signed-off-by: cwillum * fix#3947 cookie splitting fix Signed-off-by: cwillum --------- Signed-off-by: cwillum --- _security/authentication-backends/openid-connect.md | 2 +- _security/authentication-backends/saml.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/_security/authentication-backends/openid-connect.md b/_security/authentication-backends/openid-connect.md index 093dcdad..63d8da50 100755 --- a/_security/authentication-backends/openid-connect.md +++ b/_security/authentication-backends/openid-connect.md @@ -337,7 +337,7 @@ To include OpenID Connect with other authentication types in the Dashboards sign #### Session management with additional cookies -To improve session management—especially for users who have multiple roles assigned to them—Dashboards provides an option to split cookie payloads into multiple cookies and then recombine the payloads when receiving them. This can help prevent larger OpenID Connect assertions from exceeding size limits for each cookie. The two settings in the following example allow you to set a prefix name for additional cookies and specify the number of them. The default number of additional cookies is three: +To improve session management---especially for users who have multiple roles assigned to them---Dashboards provides an option to split cookie payloads into multiple cookies and then recombine the payloads when receiving them. This can help prevent larger OpenID Connect assertions from exceeding size limits for each cookie. The two settings in the following example allow you to set a prefix name for additional cookies and specify the number of them. They are added to the `opensearch_dashboards.yml` file. The default number of additional cookies is three: ```yml opensearch_security.openid.extra_storage.cookie_prefix: security_authentication_oidc diff --git a/_security/authentication-backends/saml.md b/_security/authentication-backends/saml.md index 93c50ed2..e3406a0c 100755 --- a/_security/authentication-backends/saml.md +++ b/_security/authentication-backends/saml.md @@ -337,10 +337,10 @@ To include SAML with other authentication types in the Dashboards sign-in window #### Session management with additional cookies -To improve session management—especially for users who have multiple roles assigned to them—Dashboards provides an option to split cookie payloads into multiple cookies and then recombine the payloads when receiving them. This can help prevent larger SAML assertions from exceeding size limits for each cookie. The two settings in the following example allow you to set a prefix name for additional cookies and specify the number of them. The default number of additional cookies is three: +To improve session management---especially for users who have multiple roles assigned to them---Dashboards provides an option to split cookie payloads into multiple cookies and then recombine the payloads when receiving them. This can help prevent larger SAML assertions from exceeding size limits for each cookie. The two settings in the following example allow you to set a prefix name for additional cookies and specify the number of them. They are added to the `opensearch_dashboards.yml` file. The default number of additional cookies is three: ```yml -opensearch_security.saml.extra_storage.cookie_prefix: security_authentication_oidc +opensearch_security.saml.extra_storage.cookie_prefix: security_authentication_saml opensearch_security.saml.extra_storage.additional_cookies: 3 ```