ScadaBridge

Files

T

Joseph Doherty 15752f8c2d fix(security): make auth cookie name configurable, override per env

The auth cookie name was hardcoded to ZB.MOM.WW.ScadaBridge.Auth. Because
browser cookies are scoped by host+path but NOT by port, two ScadaBridge
clusters on the same host (the local docker stack on localhost:9000 and
docker-env2 on localhost:9100) shared one cookie jar: signing into one
overwrote the other's cookie, and since the clusters use different JWT
signing keys + separate Data Protection key rings, the overwritten side
could no longer validate its cookie and the session died.

Add SecurityOptions.CookieName (default = canonical ZB.MOM.WW.ScadaBridge.Auth,
blank falls back to the default) applied via the SecurityOptions-bound cookie
PostConfigure. Override it to ...Auth.env2 in both docker-env2 Central nodes so
the two local clusters no longer collide; the primary cluster keeps the default
so its live sessions and production are unaffected. Adds 3 Security.Tests cases.

2026-06-03 13:11:29 -04:00

AuthorizationPolicies.cs

docs: complete XML doc coverage (returns, summaries, inheritdoc)

2026-06-03 11:39:32 -04:00

HttpAuditActorAccessor.cs

feat(audit): ScadaBridge IAuditActorAccessor + wire audit Actor from Auth principal at authenticated emit sites (Phase 3)

2026-06-02 15:33:01 -04:00

JwtTokenService.cs

docs: complete XML doc coverage (returns, summaries, inheritdoc)

2026-06-03 11:39:32 -04:00

LdapAuthFailureMessages.cs

feat(auth): cut ScadaBridge over to ZB.MOM.WW.Auth.Ldap; nest+rename Ldap config; roles+sitescope via IGroupRoleMapper (Task 1.2/1.4)