When I logout in cms, the system will redirect to lms. But I type the cms url in my browser, the user doesn’t logout.
@guangyaw, a change was introduced in the Ironwood release to use the LMS login authentication for Studio. However, for that to work properly, LMS and Studio have to be on cookie-compatible domains. Is that the case in your setup? If they aren’t, you can set the DISABLE_STUDIO_SSO_OVER_LMS feature flag to True to disable the LMS SSO and use the Studio login and logout pages.
2 Likes
If I would like to meet the request: ‘LMS and Studio have to be on cookie-compatible domains’,
Could you please give me some advice ?
(My lms url: xhome.mydomain.com ,
My cms url: xstudio.mydomain.com )
@guangyaw, here is an example of obviously cookie-compatible domains.
- LMS - mydomain.com
- Studio - studio.mydomain.com
(My lms url: xhome.mydomain.com ,
My cms url: xstudio.mydomain.com )
Since these domains share a common sub-domain, you can make them cookie-compatible by configuring LMS (via EDXAPP_SESSION_COOKIE_DOMAIN) to set the cookie for the .mydomain.com domain.
However, if there are other sub-domains, sites using the mydomain.com domain in some form, this could potentially lead to issues or security issues. So you will have to be careful with doing so in this case.