Option LoginReplaceGroups specifies that if a user authenticates a second time against an existing session, the group memberships assigned for the second authentication should replace any existing group memberships of the first instead of being merged with the existing group memberships.
When users authenticate to EZproxy for the first time, new sessions are created and the users are assigned EZproxy group memberships. If users try to access resources outside of their group memberships, they may be challenged to log in again. Normally, if users are able to authenticate to other accounts that are authorized for the previously unauthorized resources, EZproxy will merge the group memberships of their original session and their group memberships. When this option is active, EZproxy changes its behavior so that it will replace the old group memberships with the new group memberships instead of merging the two group memberships.
Option LoginReplaceGroups is a non-repeatable position-independent config.txt directive.
- Direct EZproxy to replace group memberships for users who authenticate twice in the same session.