Rajeev Nair

Reputation: 759

Siteminder and SameSite Cookie attribute

We are using CA Siteminder as our IdP and for SSO, which creates the SMSESSION cookie. It is also setting SameSite=None and Secure attributes.

All browsers are cooperating except older versions of Safari (like 12.x). This seems to be a known issue. And CA has a documented fix for this with one of their patches.

We applied the samesiteincompatibleuseragents setting with the value of "browser=Safari|MajorVersion=[1-13]", which was the fix Broadcom (CA) is recommending.

But this fix doesn't seem to work.

Any ideas are welcome.

Upvotes: 0

Views: 910

Answers (1)

Rajeev Nair

Reputation: 759

Well, after a couple of back-and-forth discussions with Broadcom, they told us that the version number specified for Safari is the WebKit version and not the browser version. We changed the setting to "browser=Safari|MajorVersion=[538-605]" to find the sweet spot.

This setting worked for us.

Upvotes: 0
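The mismatch described in the answer, as an added example that is not part of the original post and is not SiteMinder code: it pulls both major numbers out of a Safari User-Agent and tests them against the two setting values from the thread. The matcher `rule_matches`, the helper names and the sample User-Agent strings are constructed for illustration, and the rule syntax is assumed only from the two values quoted above.

```python
import re

# Constructed sample User-Agent strings in the format Safari sends.
_UA = ("Mozilla/5.0 (Macintosh; Intel Mac OS X {os}) AppleWebKit/{wk} "
       "(KHTML, like Gecko) Version/{ver} Safari/{wk}")
SAFARI_8 = _UA.format(os="10_10_1", wk="600.1.25", ver="8.0")
SAFARI_12 = _UA.format(os="10_14_6", wk="605.1.15", ver="12.1.2")
SAFARI_14 = _UA.format(os="10_15_6", wk="605.1.15", ver="14.0")

OLD_RULE = "browser=Safari|MajorVersion=[1-13]"     # value from the question
NEW_RULE = "browser=Safari|MajorVersion=[538-605]"  # value from the answer


def ua_majors(ua):
    """Return the major numbers of the Version/ and AppleWebKit/ tokens."""
    majors = {}
    for key, token in (("browser", "Version"), ("webkit", "AppleWebKit")):
        m = re.search(rf"\b{token}/(\d+)", ua)
        majors[key] = int(m.group(1)) if m else None
    return majors


def parse_rule(rule):
    """Parse 'browser=<name>|MajorVersion=[lo-hi]' into (name, lo, hi)."""
    m = re.fullmatch(r"browser=(\w+)\|MajorVersion=\[(\d+)-(\d+)\]", rule)
    if not m:
        raise ValueError(f"unrecognised rule: {rule!r}")
    return m.group(1), int(m.group(2)), int(m.group(3))


def rule_matches(rule, ua, compare="webkit"):
    """Hypothetical matcher: is the chosen major number inside the range?

    compare="webkit" follows what the answer reports; compare="browser"
    is the reading the question assumed.
    """
    name, lo, hi = parse_rule(rule)
    major = ua_majors(ua)[compare]
    return name in ua and major is not None and lo <= major <= hi


if __name__ == "__main__":
    for label, ua in (("8", SAFARI_8), ("12", SAFARI_12), ("14", SAFARI_14)):
        print(f"Safari {label}: {ua_majors(ua)} "
              f"old={rule_matches(OLD_RULE, ua)} new={rule_matches(NEW_RULE, ua)}")
```

Newer Safari releases report the same AppleWebKit/605.1.15 token as Safari 12, so a range that ends at 605 matches them as well; confirm the cookie behaves as intended on those versions after changing the setting.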
