Hi, the scenario is that we host 3 different CI apps that uses ion_auth for authentication module, and all 3 are hosted on the same server. The 3 has its own database where ion_auth should look for matching credentials
for example we have
app1's admin is : 'admin@app.com', with db : 'app1_db', url : '192.168.1.100/app1'
app2's admin is : 'admin@app.com', with db : 'app2_db', url : '192.168.1.100/app2'
app1's admin password is : 'monkey' while app2's admin password is different, say : 'horse'
If app1's admin login succesfully to the app1 system, the current behaviour is that if he types url to app2, he app1's admin can also access app2 system too
I don't think this is the intended behaviour. Problem is, maybe I don't know how to make separation among these 3 CI apps correctly. I'd thought by having separate databases for credentials is sufficient. Maybe there's something with sessions that can be done ?
for example we have
app1's admin is : 'admin@app.com', with db : 'app1_db', url : '192.168.1.100/app1'
app2's admin is : 'admin@app.com', with db : 'app2_db', url : '192.168.1.100/app2'
app1's admin password is : 'monkey' while app2's admin password is different, say : 'horse'
If app1's admin login succesfully to the app1 system, the current behaviour is that if he types url to app2, he app1's admin can also access app2 system too
I don't think this is the intended behaviour. Problem is, maybe I don't know how to make separation among these 3 CI apps correctly. I'd thought by having separate databases for credentials is sufficient. Maybe there's something with sessions that can be done ?