Blob Blame History Raw
From 7f81371f55a4a28000675023ad949e217d22bea3 Mon Sep 17 00:00:00 2001
From: Hans Zandbelt <hans.zandbelt@zmartzone.eu>
Date: Wed, 12 Sep 2018 20:05:34 +0200
Subject: [PATCH 11/11] oops: document OIDCStateMaxNumberOfCookies for release
 2.3.8

Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>
(cherry picked from commit 406a4915d3747d4cfdc2283f287a99ba1c7b446a)
---
 auth_openidc.conf | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/auth_openidc.conf b/auth_openidc.conf
index eb83c24..48dd027 100644
--- a/auth_openidc.conf
+++ b/auth_openidc.conf
@@ -446,6 +446,13 @@
 # When not defined, no cookies are stripped.
 #OIDCStripCookies [<cookie-name>]+
 
+# Specify the maximum number of state cookies i.e. the maximum number of parallel outstanding
+# authentication requests. See: https://github.com/zmartzone/mod_auth_openidc/issues/331
+# Setting this to 0 means unlimited, until the browser or server gives up which is the
+# behavior of mod_auth_openidc < 2.3.8, which did not have this configuration option. 
+# When not defined, the default is 7.
+#OIDCStateMaxNumberOfCookies <number>
+
 ########################################################################################
 #
 # Session Settings (only relevant in an OpenID Connect Relying Party setup)
-- 
2.26.2