[keycloak-dev] Configurable cookie names
Martin Hardselius
martin.hardselius at gmail.com
Mon Oct 3 09:05:22 EDT 2016
It's certainly not needed, more of a nice-to-have that came up during
discussions about our deployment. As for #2, it might be more of a
security-by-obscurity thing. Wanting to make it a bit harder to figure out
what kind of stack you are running seems like a legitimate wish.
On Mon, 3 Oct 2016 at 13:29 Stian Thorgersen <sthorger at redhat.com> wrote:
> Not sure I see the need for this. What "product branding" are you
> referring to? Not sure about #2 either. Are you talking from a security
> perspective?
>
> On 30 September 2016 at 14:07, Martin Hardselius <
> martin.hardselius at gmail.com> wrote:
>
> What are your thoughts on configurable cookie names (or other visible
> references to Keycloak)? I.e a way to override e.g "KEYCLOAK_SESSION" with
> "MYCOMPANY_SESSION". The use case being
>
> 1. Product branding
> 2. Making it harder to figure out exactly which technology that's used
> behind the scenes
>
> Regards,
> Martin
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>
>
More information about the keycloak-dev
mailing list