Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
general:saml-note-samesite [2020/10/15 07:12] – created sngr | general:saml-note-samesite [2024/02/15 00:00] (current) – external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== | + | ====== |
+ | On July 14th 2020, Chrome rolled out a new behavior for all cookies: [[https:// | ||
+ | |||
+ | ===== Stages impact ===== | ||
- | On July 14th 2020, Chrome rolled out a new behavior for all cookies (https:// | ||
- | This new mechanism has an effect on all web applications that use an SSO mechanism. | ||
Regarding Stages the change has an impact on the SAML login: | Regarding Stages the change has an impact on the SAML login: | ||
+ | |||
If Stages is used with an SAML IDP and the user session was timed out, a browser refresh will lead into a redirect loop between the IDP and Stages. | If Stages is used with an SAML IDP and the user session was timed out, a browser refresh will lead into a redirect loop between the IDP and Stages. | ||
+ | |||
As a result the connection to the SAML IDP has to be secure (SSL) otherwise a login of the user is not possible. In any way this is the recommended configuration to connect with the IDP. | As a result the connection to the SAML IDP has to be secure (SSL) otherwise a login of the user is not possible. In any way this is the recommended configuration to connect with the IDP. | ||
+ | |||
+ | __Configuration__ | ||
+ | |||
+ | In addition to the configuration of the SAML-Authentification in the // | ||
+ | |||
+ | |||
+ | ===== Summary ===== | ||
+ | |||
+ | It is obligatory to use a **secure** connection via HTTPS to the IDP when using SAML. | ||
+ | ===== Fixed in Versions ===== | ||
+ | |||
+ | Newer than: | ||
+ | |||
+ | * 7.4.6.1 | ||
+ | * 7.5.3.0 | ||
+ | * future releases | ||
+ | |||
+ |