SSO Issues with OpenID / Azure
From Magnolia 6.2.10
, in your Tomcat configuration, make sure that the CookieProcessor
component does not have the sameSiteCookies
property set to strict
. Instead, set the property to Lax
:
Tomcat
<CookieProcessor sameSiteCookies="Lax" /> (1)
1 | sameSiteCookies set to Lax instead of strict . |
If the CookieProcessor with sameSiteCookies set to strict , you will likely encounter issues while trying to log into Magnolia. If you decide to continue using the SSO Module, you need to know that setting this cookie to Lax has the potential to impact site security.
|