Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
| general:saml-note-samesite [2020/10/15 07:12] – created sngr | general:saml-note-samesite [2024/02/15 00:00] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== | + | ====== |
| + | On July 14th 2020, Chrome rolled out a new behavior for all cookies: [[https:// | ||
| + | |||
| + | ===== Stages impact ===== | ||
| - | On July 14th 2020, Chrome rolled out a new behavior for all cookies (https:// | ||
| - | This new mechanism has an effect on all web applications that use an SSO mechanism. | ||
| Regarding Stages the change has an impact on the SAML login: | Regarding Stages the change has an impact on the SAML login: | ||
| + | |||
| If Stages is used with an SAML IDP and the user session was timed out, a browser refresh will lead into a redirect loop between the IDP and Stages. | If Stages is used with an SAML IDP and the user session was timed out, a browser refresh will lead into a redirect loop between the IDP and Stages. | ||
| + | |||
| As a result the connection to the SAML IDP has to be secure (SSL) otherwise a login of the user is not possible. In any way this is the recommended configuration to connect with the IDP. | As a result the connection to the SAML IDP has to be secure (SSL) otherwise a login of the user is not possible. In any way this is the recommended configuration to connect with the IDP. | ||
| + | |||
| + | __Configuration__ | ||
| + | |||
| + | In addition to the configuration of the SAML-Authentification in the // | ||
| + | |||
| + | |||
| + | ===== Summary ===== | ||
| + | |||
| + | It is obligatory to use a **secure** connection via HTTPS to the IDP when using SAML. | ||
| + | ===== Fixed in Versions ===== | ||
| + | |||
| + | Newer than: | ||
| + | |||
| + | * 7.4.6.1 | ||
| + | * 7.5.3.0 | ||
| + | * future releases | ||
| + | |||
| + | |||
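
Review bot: in the added Configuration paragraph, "SAML-Authentification" is misspelled and should read "SAML authentication". Under the new "Fixed in Versions" heading, "Newer than:" followed by 7.4.6.1 and 7.5.3.0 leaves it unclear whether those two releases already contain the fix or only the releases after them do; say which is meant, for example "fixed starting with" or "fixed in releases after". The "===== Fixed in Versions =====" heading also follows the Summary sentence with no blank line, unlike the other added headings, so add one for consistency.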