Single Signon does not work with SameSite=Strict cookies #20038

Closed
wezell opened this issue Mar 4, 2021 · 0 comments · Fixed by #20051
wezell commented Mar 4, 2021

If you set your cookie policy in Tomcat to SameSite=Strict and try to use our single sign-on tools such as SAML or OAuth, they do not function as you'd expect. This is because on the initial redirect, the browser is not storing the session cookie, as it is just a redirect. In these cases, we need to replace the redirect with an HTML meta redirect.
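
An added example, not part of the original issue and not the dotCMS change merged in #20051: one way to build the HTML meta redirect page described above, to be sent with status 200 and `Content-Type: text/html` in place of an HTTP redirect. The class `MetaRedirect`, its methods and the sample targets are hypothetical, and the local-path restriction is an added assumption so the page cannot be used to forward to an arbitrary site.

```java
import java.net.URI;
import java.net.URISyntaxException;

/** Added example: HTML meta-refresh page used instead of a 302 response. */
public final class MetaRedirect {

    private MetaRedirect() {}

    /** Escape characters that could break out of an HTML attribute value. */
    static String escapeHtml(String s) {
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (char c : s.toCharArray()) {
            switch (c) {
                case '&': out.append("&amp;"); break;
                case '<': out.append("&lt;"); break;
                case '>': out.append("&gt;"); break;
                case '"': out.append("&quot;"); break;
                case '\'': out.append("&#39;"); break;
                default: out.append(c);
            }
        }
        return out.toString();
    }

    /** Accept only local absolute paths (assumption: post-login targets are local). */
    static boolean isLocalPath(String target) {
        if (target == null || !target.startsWith("/") || target.startsWith("//")
                || target.indexOf('\\') >= 0) {
            return false; // rejects absolute and protocol-relative URLs
        }
        try {
            URI u = new URI(target); // also rejects control characters and spaces
            return u.getScheme() == null && u.getHost() == null;
        } catch (URISyntaxException e) {
            return false;
        }
    }

    /** Response body; anything that is not a local path falls back to "/". */
    static String render(String target) {
        String safe = escapeHtml(isLocalPath(target) ? target : "/");
        return "<!DOCTYPE html><html><head>"
             + "<meta http-equiv=\"refresh\" content=\"0;url=" + safe + "\">"
             + "</head><body><a href=\"" + safe + "\">Continue</a></body></html>";
    }

    public static void main(String[] args) {
        System.out.println(render("/app/home?a=1&b=2"));        // constructed local target
        System.out.println(render("https://example.invalid/")); // constructed, falls back to "/"
    }
}
```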

wezell added a commit that referenced this issue Mar 5, 2021
dsilvam pushed a commit that referenced this issue Mar 5, 2021
* #20038 redirect using html form

* #20038 html based redirect
@dsilvam dsilvam linked a pull request Mar 5, 2021 that will close this issue
@dsilvam dsilvam added the Merged label Mar 5, 2021
dsilvam added a commit that referenced this issue Mar 18, 2021
* Fixing Task201014UpdateColumnsValueInIdentifierTableTest (#20026)

* Fixing test

* run-all

* Refactoring validations after code review suggestion

* run-all

Co-authored-by: Nollymar Longa <>

* Updating core-web version

* new core-web artifact

* 19992 rebuild es client on illegal state exception (#20014)

* #1992 Rebuild REST High Level Client if Reactor stopped

* #1992 remove not-needed code

* #1992 remove not-needed code

* #19992 Default impl for rebuildClient. Move rebuilding to separate catch

* #19992 Rebuild client on IllegalState Reactor wrapped and unwrapped

* #19992 null-check

Co-authored-by: Daniel Silva <daniel.silva@dotcms.com>

* Update coreWebReleaseVersion

* Issue 20038 samesite strict (#20051)

* #20038 redirect using html form

* #20038 html based redirect

* Updating starter version to 20210305

* new core-web version

* Update coreWebReleaseVersion

* #19772 Avoid Login when a logout request is sent (#20037)

* #19772 Avoid Login when a logout request is sent

* #19772 Add test to the MainSuite

* #20058 turn on security options (#20061)

* Upgrade saml to 21.03 (#20070)

* #20063 sending cookies httponly and secure (#20065)

* Issue 19934 adding folder to root throws a jsp error (#20073)

* If folder is newly not show the permission tab

* #19934 Format

* Fix tests oracle (#20054)

* Fix ContentletWebAPIImplIntegrationTest

* replace null with empty string

* Remove extra folder extension

* run-all

* Upgrade saml 21.03 (#20076)

* Upgrade saml to 21.03

* upgrade saml to 21.03.1

* Change order of Mapping test. Decrease time in other tests. Move IT t… (#20072)

* Change order of Mapping test. Decrease time in other tests. Move IT to Unit

* Attempt removing getting-started-layout by id and name

* Missing changes

* #19683 Create endpoint to get the create content url

* Fixing test (#20086)

* Fixing test

* Fixing test

* Update .gitmodules

* Find getting started layout by name instead of id (#20092)

* Changing the logic to get the Getting Starter portlet layout. Now, it searches by name instead of id

* Updating starter version

Co-authored-by: Nollymar Longa <>

* Update image api url in gs portlet

* Issue 20098 send page mimetype if is page (#20099)

* #20058 turn on security options

* #20098 this sets the mime type to a page if the url is a page in dotCMS

* Remove same height container fix

* Update .gitmodules

* Update gradle.properties

* Update gradle.properties

Co-authored-by: Nollymar Longa <nollymar.longa@dotcms.com>
Co-authored-by: Nollymar Longa <>
Co-authored-by: Will Ezell <will@dotcms.com>
Co-authored-by: Freddy Montes <freddymontes@gmail.com>
Co-authored-by: dotcmsbuild <dotcmsbuild@dotcms.com>
Co-authored-by: Freddy Rodriguez <freddy0309@gmail.com>
Co-authored-by: Jonathan <jonathan.sanchez@dotcms.com>
Co-authored-by: erickgonzalez <erick.gonzalez@dotcms.com>
@wezell wezell closed this as completed Mar 19, 2021