GitHub user DerekHarter added a comment to the discussion: Upgrade from
4.19.1.0 to 4.19.1.2 login issues "Unauthorized Session expired"
Hi thanks, yes I hadn't seen that.
Just checked and looks like that setting is already false for me:
```
(tlc) 🐱 > list configurations name=enable.secure.session.cookie
{
"configuration": [
{
"category": "Advanced",
"component": "ApiServer",
"defaultvalue": "false",
"description": "Session cookie is marked as secure if this is enabled.
Secure cookies only work when HTTPS is used.",
"displaytext": "Enable secure session cookie",
"group": "Management Server",
"isdynamic": false,
"name": "enable.secure.session.cookie",
"subgroup": "Security",
"type": "Boolean",
"value": "false"
}
],
"count": 1
}
```
But I tried anyway
```
(tlc) 🐱 > update configuration set value='false' where
name='enable.secure.session.cookie'
{
"configuration": {
"category": "Advanced",
"component": "ApiServer",
"defaultvalue": "false",
"description": "Session cookie is marked as secure if this is enabled.
Secure cookies only work when HTTPS is used.",
"displaytext": "Enable secure session cookie",
"group": "Management Server",
"isdynamic": false,
"name": "enable.secure.session.cookie",
"subgroup": "Security",
"type": "Boolean",
"value": "false"
}
}
```
and restarted `cloudstack-management` service, and that did solve my issue as
well. So thanks, though not sure what changed there, but we do have access
again.
GitHub link:
https://github.com/apache/cloudstack/discussions/9876#discussioncomment-11105752
----
This is an automatically sent email for users@cloudstack.apache.org.
To unsubscribe, please send an email to: users-unsubscr...@cloudstack.apache.org
