Page History

1. Problem with invalid SameSite configuration

The problem is that the SameSite cookie attribute is not set, while the correct configuration would be SameSite=None. In certain situations, some browsers will discard such cookie when switching between different domains, as is the case in SSO authentication. We believe that this causes problems for some of users when they are trying to connect to UNIC SP.

Figure 1. Example of well set SameSite cookies

More on SameSite cookie atribute can be found at: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite

2. Make sure that your IdP delivers the following mandatory eduGain attributes to the UNIC SP:

• schacHomeOrganization
• eduPersonScopedAffiliation
• schacPersonalUniqueCode