It's obviously more secure and therefore better as a default.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3275 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3274 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3273 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3271 44740490-163a-0410-bde0-09ae8108e29a

Thanks to Synacor, Inc. for providing this patch!

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3025 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2888 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2497 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2494 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2416 44740490-163a-0410-bde0-09ae8108e29a

Adds options to control the various session cookie parameters, and
changes users of setcookie to use those options instead.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2381 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2190 44740490-163a-0410-bde0-09ae8108e29a

This patch removes the autodetection of the secure flag for the cookie
based on whether the user is accessing simpleSAMLphp through https. The
reason for this is that the user can often access an SP through both
https and http. If the user starts with http, everything will work, but
if the user starts with https, the user will get two separate cookies,
one for https and one for http.

This patch introduces a new configuration option in config.php:

    /*
     * Set the secure flag in the cookie.
     *
     * Set this to TRUE if the user only accesses your service
     * through https. If the user can access the service through
     * both http and https, this must be set to FALSE.
     */
    'session.cookie.secure' => FALSE,

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2180 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2014 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1788 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1665 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@610 44740490-163a-0410-bde0-09ae8108e29a

Allow session_save_path to be overridden by setting the session.phpsession.savepath option in config.php.


git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@556 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@552 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@403 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@222 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@124 44740490-163a-0410-bde0-09ae8108e29a

SessionHandlerPHP: Check if a key exists in the session before trying to access it (in order to avoid notice-messages in the log).


git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@88 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@85 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@84 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@81 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@76 44740490-163a-0410-bde0-09ae8108e29a