1. Problem with invalid SameSite configuration

The problem is that the SameSite cookie attribute is not set, while the correct configuration would be SameSite=None. In certain situations, some browsers will discard such cookie when switching between different domains, as is the case in SSO authentication. We believe that this causes problems for some of users when they are trying to connect to UNIC SP.

Figure 1. Example of well set SameSite cookies

More on SameSite cookie atribute can be found at: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite

2. Make sure that your IdP delivers the following mandatory eduGain attributes to the UNIC SP:

  • schacHomeOrganization
  • eduPersonScopedAffiliation
  • schacPersonalUniqueCode

Problem with login due to undelivered atributes

Figure 2. Problem with login due to undelivered atributes

In order to access UNIC Virtual Campus some attributes must be delivered by Identity Provider. If a person can't access UNIC Virtual Campus due to message shown in Figure 2.,  it is necessary to contact the administrator of the Identity provider at home institution to check whether the specified attributes are delivered.

  • No labels