[
https://issues.apache.org/jira/browse/KNOX-2567?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17312811#comment-17312811
]
cdmikechen commented on KNOX-2567:
----------------------------------
I've change codes like this, and it works:
{code:java}
if (secureOnly) {
setCookie.append("; Secure; SameSite=None");
} else {
setCookie.append("; SameSite=Lax");
}
if (maxAge != -1) {
setCookie.append("; Max-Age=").append(maxAge);
}
response.setHeader("Set-Cookie", setCookie.toString());
{code}
> KNOX 1.5.0 cookie samesite param error
> --------------------------------------
>
> Key: KNOX-2567
> URL: https://issues.apache.org/jira/browse/KNOX-2567
> Project: Apache Knox
> Issue Type: Bug
> Components: KnoxSSO
> Affects Versions: 1.5.0
> Reporter: cdmikechen
> Priority: Critical
>
> In new chrome samesite update ( https://www.chromium.org/updates/same-site),
> if we set *knoxsso.cookie.secure.only* false and *ssl.enabled* false , we
> must replace *SameSite* from *None* to *Lax* or remove it. Otherwise, knox
> can not set *hadoop-jwt* cookie and knox will jump indefinitely on home page
> and SSO page.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
