GitHub user OlegChuev added a comment to the discussion: SAML Auth is broken after the 4.19.2 upgrade
> > Is this considered a blocker cc [@Pearl1594](https://github.com/Pearl1594) > > [@DaanHoogland](https://github.com/DaanHoogland) ? > > [@OlegChuev](https://github.com/OlegChuev) our [QA > > server](https://qa.cloudstack.cloud/simulator/#/user/login?redirect=/) uses > > [mocksaml.com](https://mocksaml.com/) for testing purposes, is that good > > enough or should we look at keycloak or some other IdP server? What IdP > > server are you using? > > [@rohityadavcloud](https://github.com/rohityadavcloud) let's try to reproduce > it > > [@OlegChuev](https://github.com/OlegChuev) the old behaviour is same as > > * api.sessionkey.check.locations=CookieOrParameter > * api.sessionkey.cookie.samesite=Null > > can you re-test ? > > for your information, below are configurations on qa cloud > >  I’ve tested with both `CookieOrParameter` and `Null` and can confirm that neither resolves the issue. I’m starting to suspect that the root cause might lie in an insufficient Nginx configuration. However, what’s most puzzling is that everything seems to work fine when the `HttpOnly` header is removed... GitHub link: https://github.com/apache/cloudstack/discussions/11147#discussioncomment-13680142 ---- This is an automatically sent email for users@cloudstack.apache.org. To unsubscribe, please send an email to: users-unsubscr...@cloudstack.apache.org
