Apache2 authentication module with many website and one redis cache

[Nicke]

Hi

Am trying out the new apache2 authentication module. I have a case where it does not really work the way I want and need suggestions how to solve it.

Am having a webserver with many sites that has basic apache2 authentication with the privacyidea apache2 client attached. Because the same redis server is running on this ubuntu 14.04 host it creates problem.

Privacyidea: aaa.example.com

Website 1: subdomain1.example.com

Website 2: subdomain2.example.com

When authenticating against subdomain1.example.com everything works as expected. redis is caching the authentication, "SETEX" "nicke" "300" "1234801509".

As probably expected, problems comes up when I now authenticate with the same username against subdomain2.example.com, my browser is asking for username and password and I supply a new one, redis is setting this new values in cache,  "SETEX" "nicke" "300" "1234453288".

I now need to login again against subdomain1.example.com because the password has been changed in the cache. And login again at subdomain2.example.com after that, and so on...

I can use both subdomain1.example.com and subdomain2.example.com at the same time if I use different usernames, but that is not a good way.

So any suggestion how to solve this? Some kind of prefixing depending on website in the redis cache?