Hi Andy thanks for your reply. This issue occurs even with the latest Chrome version (89) so I guess the reason is not the one related to the "samesite".
El miércoles, 24 de marzo de 2021 a las 22:44:03 UTC-3, Andy Ng escribió: > Hi all, > > On our side we are using 6.2.x and in production, no such problem observed. > > We did implemented a customization multiple customization regarding > cookies, which are: > > - Samesite = None > - 3rd party cookie > > Since I cannot reproduce the issue now, if anybody is free please help try > the following verification method to identify the issue: > > *Note: Just throwing some idea out here, it might not work but I think > worth some testing* > > *For Samesite=None:* > I made a post a while ago regarding this and the code needed for the fix, > so not reposting again. > > For some additional reading what is samesite=None, and code to fix the > issue, see this: > https://www.chromium.org/updates/same-site/incompatible-clients > > For checking if this is indeed the issue, try the following (After enabled > only visit trusted website, and rollback immediately is recommended): > > 1. Open Chrome: > 2. Go to chrome://flags/ > 3. Search "samesite" > 4. Set all 3 items to "Disabled" > 5. Restarts > 6. Try to login again, see if issue is solve > 7. Rememeber to go back to chrome://flags/ and restore setting after > testing > > *For 3rd party cookie:* > This is unlikely the issue but let's also try verify it: > > 1. Open Chrome > 2. Go to Setting > Privacy and Security > Cookie and Site Data > 3. Set All cookie > 4. Restarts > 5. Try to login again, see if issue is solve > 6. Remember to rollback if want to > > > If issue indeed is one of them, can work on implementing a patch to CAS to > fix the issue. If not then, well I am currently out of idea... > > Regards, > Andy > > > > On Tuesday, 23 March 2021 at 22:19:39 UTC+8 [email protected] wrote: > >> Unfortunately it did not solve the issue. But it seems to be a very old >> problem https://bugs.chromium.org/p/chromium/issues/detail?id=533625 >> Anybody else experiencing the same behaviour? >> >> >> El jueves, 18 de marzo de 2021 a las 11:47:34 UTC-3, Nicolás López >> escribió: >> >>> We are goint to try it and then will share the results. >>> Thanks! >>> >>> El jueves, 18 de marzo de 2021 a las 4:31:40 UTC-3, jrautureau escribió: >>> >>>> Hello >>>> >>>> Have you tried to set cas.tgc.pin-to-session to false ? >>>> >>>> We had issues on tgc cookie witch were invalidated due to network >>>> changes. For instance, when we switch to a new http proxy or when we >>>> connect to a VPN. >>>> >>>> Since the property set to false the tgc remains valid. >>>> >>>> We are using the remember me feature. >>>> >>>> Le jeu. 18 mars 2021 à 03:32, Nicolás López <[email protected]> a >>>> écrit : >>>> >>>>> Same issue here. Did anybody find a solution or workaround? >>>>> >>>>> El viernes, 5 de febrero de 2021 a las 7:35:18 UTC-3, >>>>> [email protected] escribió: >>>>> >>>>>> Same issue : >>>>>> https://groups.google.com/a/apereo.org/g/cas-user/c/2CVCGqJOhgE/m/OlV7o8UoAgAJ >>>>>> >>>>>> >>>>>> Any idea ? >>>>>> >>>>>> Le mardi 2 février 2021 à 14:33:21 UTC+1, Florent Vallée a écrit : >>>>>> >>>>>>> Hello, >>>>>>> >>>>>>> I installed a CAS server in version 6.2.7. No worries for the >>>>>>> connection and the connection to the different services. >>>>>>> We are only having a weird problem. On a computer, with Firefox no >>>>>>> worries, on the other hand with Chrome, Edge, etc. and even on a >>>>>>> smartphone with any browser, the CAS connection page loops permanently >>>>>>> and does not connect to the service. It sometimes happens that by >>>>>>> trying again 4-5 times in a row it will work but it is very random. If >>>>>>> we simply connect to the login page we can connect well. >>>>>>> Can it be a problem with cookies management, redirects or other? >>>>>>> I can't find what options added in the cas.properties >>>>>>> Does anyone have any configuration examples? >>>>>>> >>>>>>> >>>>>>> Thank you for your help. >>>>>>> >>>>>>> >>>>>>> *Florent * >>>>>>> >>>>>>> >>>>>>> >>>>>>> ------------------------------ >>>>>>> *De: *"Ray Bon" <[email protected]> >>>>>>> *À: *"CAS Community" <[email protected]> >>>>>>> *Envoyé: *Lundi 1 Février 2021 18:24:29 >>>>>>> *Objet: *Re: [cas-user] Problem with CAS 6.2.6 >>>>>>> >>>>>>> Florent, >>>>>>> >>>>>>> Once you have authenticated, cas will return a TGC (ticket granting >>>>>>> cookie) to the browser. As long as this cookie is active, you should >>>>>>> not >>>>>>> see the log in page. >>>>>>> Those browsers my have some security settings that affect the TGC. >>>>>>> Use you developer tools to see if the TGC is being deleted or not sent >>>>>>> to >>>>>>> cas. There are some cookie setting, >>>>>>> https://apereo.github.io/cas/6.3.x/configuration/Configuration-Properties-Common.html#cookie-properties >>>>>>> and >>>>>>> https://apereo.github.io/cas/6.3.x/configuration/Configuration-Properties.html#ticket-granting-cookie >>>>>>> . >>>>>>> >>>>>>> Ray >>>>>>> >>>>>>> On Mon, 2021-02-01 at 14:19 +0100, Florent Vallée wrote: >>>>>>> >>>>>>> Notice: This message was sent from outside the University of >>>>>>> Victoria email system. Please be cautious with links and sensitive >>>>>>> information. >>>>>>> >>>>>>> Hello, >>>>>>> >>>>>>> >>>>>>> I have a problem with CAS, I have access on any browser to the >>>>>>> authentication page and it returns me the requested attributes. >>>>>>> >>>>>>> However, when I want to connect to an authorized service, it only works >>>>>>> on Firefox. On Edge, Chrome this constantly returns me to the >>>>>>> authentication page. Anyone have any idea what the problem is? >>>>>>> >>>>>>> >>>>>>> Florent >>>>>>> >>>>>>> -- >>>>>>> >>>>>>> Ray Bon >>>>>>> Programmer Analyst >>>>>>> Development Services, University Systems >>>>>>> 2507218831 <(250)%20721-8831> | CLE 019 | [email protected] >>>>>>> >>>>>>> I respectfully acknowledge that my place of work is located within >>>>>>> the ancestral, traditional and unceded territory of the Songhees, >>>>>>> Esquimalt >>>>>>> and WSÁNEĆ Nations. >>>>>>> >>>>>>> -- >>>>>>> - Website: https://apereo.github.io/cas >>>>>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>>>>> - List Guidelines: https://goo.gl/1VRrw7 >>>>>>> - Contributions: https://goo.gl/mh7qDG >>>>>>> --- >>>>>>> You received this message because you are subscribed to the Google >>>>>>> Groups "CAS Community" group. >>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>> send an email to [email protected]. >>>>>>> To view this discussion on the web visit >>>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/c65f808fc4b75ed31cf4582b3fe872b87b9894b1.camel%40uvic.ca >>>>>>> >>>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/c65f808fc4b75ed31cf4582b3fe872b87b9894b1.camel%40uvic.ca?utm_medium=email&utm_source=footer> >>>>>>> . >>>>>>> >>>>>> -- >>>>> - Website: https://apereo.github.io/cas >>>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>>> - List Guidelines: https://goo.gl/1VRrw7 >>>>> - Contributions: https://goo.gl/mh7qDG >>>>> --- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "CAS Community" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to [email protected]. >>>>> >>>> To view this discussion on the web visit >>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/22230b33-e79d-4efc-83b6-97e4969e5ef9n%40apereo.org >>>>> >>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/22230b33-e79d-4efc-83b6-97e4969e5ef9n%40apereo.org?utm_medium=email&utm_source=footer> >>>>> . >>>>> >>>> -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/3988a1e2-0a0e-4268-8e36-fcf722977c07n%40apereo.org.
