Closed DonaldChung-HK closed 2 weeks ago
Thank you very much for the detailed issue! We will look soon into this.
Hi INDIGO IAM team,
I am closing this issue. I discovered that this is caused by my organisation's test SAML IDP enforcing a SameSite=Strict cookie, which caused it to go wrong.
Thanks.
Description
When using redis as storage HttpSession InResponseto check

To Reproduce
This doesn't happen when using internal session storage. Set up IAM SAML with Redis as HttpSession Store and nginx reverse proxy using native forward header strategy and running on host network mode. Try to use SAML login. See the above description.

Possible reason for the issue
SAMLContextProviderLB

Task or fixes
EmptyStorageFactory for SAMLContextProvider/SAMLContextProviderLB to disable the InResponseTo check https://github.com/DonaldChung-HK/iam/commit/59559a354ecc951cd9a081287e377920f06b0898
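
The root cause named in the closing comment (a SameSite=Strict cookie) can be modelled in a few lines. This is an added example, not code from the issue or from INDIGO IAM. It assumes the service provider keeps the AuthnRequest ID in the HTTP session and that the SAML response arrives as a cross-site POST; the cookie name, session ID and request ID are constructed.

```python
# Added example with constructed values; not code from the issue or from INDIGO IAM.

def parse_set_cookie(header):
    """Return (value, samesite, secure) for one Set-Cookie header value."""
    first, *attrs = [p.strip() for p in header.split(";")]
    value = first.split("=", 1)[1]
    same_site, secure = "", False
    for attr in attrs:
        key, _, val = attr.partition("=")
        key = key.strip().lower()
        if key == "samesite":
            same_site = val.strip().lower()
        elif key == "secure":
            secure = True
    return value, same_site, secure


def sent_on_cross_site_post(same_site, secure):
    """Would a browser attach this cookie to the IdP-to-SP POST of the SAML response?"""
    # Strict and Lax cookies are withheld on cross-site POST requests.
    # SameSite=None is only accepted by current browsers together with Secure.
    # A missing attribute is modelled as withheld (assumption: browser defaults to Lax).
    return same_site == "none" and secure


def check_in_response_to(store, set_cookie, in_response_to):
    """Model the SP-side check: the AuthnRequest ID lives in the HTTP session."""
    session_id, same_site, secure = parse_set_cookie(set_cookie)
    if not sent_on_cross_site_post(same_site, secure):
        return "rejected: session cookie not sent, no stored request ID to compare"
    if store.get(session_id) != in_response_to:
        return "rejected: InResponseTo does not match the stored request ID"
    return "accepted"


# Constructed session store: session ID -> ID of the AuthnRequest sent to the IdP.
STORE = {"abc123": "_req-1"}
BASE = "SESSION=abc123; Path=/; HttpOnly"

if __name__ == "__main__":
    for attrs in ("; Secure; SameSite=Strict", "; Secure; SameSite=Lax",
                  "; SameSite=None", "; Secure; SameSite=None"):
        print(f"{attrs[2:]:26} -> {check_in_response_to(STORE, BASE + attrs, '_req-1')}")
```

Only the `SameSite=None; Secure` cookie reaches the check with a session attached, so the stored request ID can still be compared and the `InResponseTo` validation stays enabled.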