Differences

This shows you the differences between two versions of the page.

--- general:saml-note-samesite [2020/10/15 08:48] – [Chrome SameSite Cookie Changes] sngr
+++ general:saml-note-samesite [2021/01/05 13:08] – [Stages impact] sngr
@@ Line 1: / Line 1: @@
 ====== Chrome SameSite Cookie Changes ======
-On July 14th 2020, Chrome rolled out a new behavior for all cookies (https://www.chromestatus.com/feature/5088147346030592).
+On July 14th 2020, Chrome rolled out a new behavior for all cookies: [[https://www.chromestatus.com/feature/5088147346030592|https://www.chromestatus.com/feature/5088147346030592]] This new mechanism has an effect on all web applications that use an SSO mechanism.
-This new mechanism has an effect on all web applications that use an SSO mechanism.
 ===== Stages impact =====
 Regarding Stages the change has an impact on the SAML login:
 If Stages is used with an SAML IDP and the user session was timed out, a browser refresh will lead into a redirect loop between the IDP and Stages.
 As a result the connection to the SAML IDP has to be secure (SSL) otherwise a login of the user is not possible. In any way this is the recommended configuration to connect with the IDP.
+__Configuration__
+In addition to the configuration of the SAML-Authentification in the //authentication// section of the config.xml, ensure that in the //config.properties// file ''saml.enabled = true'' is set. If not done after that, execute //update.bat / update.sh.//
+===== Summary =====
+It is obligatory to use a **secure** connection via HTTPS to the IDP when using SAML.
 ===== Fixed in Versions =====
 Newer than:
   * 7.4.6.1
   * 7.5.3.0
-  * future Releases
+  * future releases