login-token Cookie is not getting added into subsequent requests by browser

nishantg8362837 26-12-2018

I am trying to integrate AEM with SAML. We are currently using a different IDP (call it IDP-OLD) and moving to a new IDP (IDP-NEW).

While integrating with IDP-OLD, the SAML Assertion Consumption URL was /content/saml_login. This servlet created a cookie named login-token, which is HttpOnly and Secure. This cookie was sent back by the browser in all the remaining requests, and AEM identified the token and considered the user as logged in.

While testing with the IDP-NEW system, when the IDP sends the SAML assertion to /saml_login, the same login-token cookie is generated, which is HttpOnly and Secure.

Unfortunately, this login-token cookie is not sent back by the browser in the subsequent requests, which makes AEM think that the user is not logged in.

Both servers are HTTPS and secure.

Can anyone help me work out what the issue could be here?


Answers (2)

nishantg8362837 07-01-2019

Unfortunately, it was a very silly mistake. The assertion consumption URL was for a different domain while the cookie was required on a different domain.
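
The resolution above comes down to how browsers scope cookies to hosts. The following is an added example, not code from this thread or from AEM: a simplified RFC 6265 matcher that reports whether a cookie set by the assertion consumer URL on one host would be returned to a page on another. The function names, hostnames and cookie values are assumptions made for illustration.

```javascript
// Added example (not AEM code): simplified RFC 6265 cookie matching.
// Public-suffix and IP-address rules are omitted; inputs are constructed by the caller.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const cookie = { name: pair.slice(0, pair.indexOf("=")), domain: null, path: null, secure: false };
  for (const attr of attrs) {
    const [k, v = ""] = attr.split("=");
    const key = k.trim().toLowerCase();
    if (key === "domain") cookie.domain = v.trim().replace(/^\./, "").toLowerCase();
    else if (key === "path") cookie.path = v.trim();
    else if (key === "secure") cookie.secure = true;
  }
  return cookie;
}

// RFC 6265 section 5.1.3: hosts are identical, or host is a subdomain of domain.
function domainMatch(host, domain) {
  return host === domain || host.endsWith("." + domain);
}

// RFC 6265 section 5.1.4: cookie path must be a directory prefix of the request path.
function pathMatch(requestPath, cookiePath) {
  if (requestPath === cookiePath) return true;
  if (!requestPath.startsWith(cookiePath)) return false;
  return cookiePath.endsWith("/") || requestPath[cookiePath.length] === "/";
}

// Default cookie path when Set-Cookie carries no usable Path attribute.
function defaultPath(uriPath) {
  const i = uriPath.lastIndexOf("/");
  return i <= 0 ? "/" : uriPath.slice(0, i);
}

// setByUrl: URL whose response carried Set-Cookie (the ACS URL); requestUrl: a later page request.
function wouldBrowserSend(setCookieHeader, setByUrl, requestUrl) {
  const c = parseSetCookie(setCookieHeader);
  const setBy = new URL(setByUrl);
  const req = new URL(requestUrl);
  if (c.domain && !domainMatch(setBy.hostname, c.domain))
    return { sent: false, reason: "cookie rejected: Domain does not cover the setting host" };
  // Without a Domain attribute the cookie is host-only: exact hostname match required.
  const hostOk = c.domain ? domainMatch(req.hostname, c.domain) : req.hostname === setBy.hostname;
  if (!hostOk) return { sent: false, reason: "domain mismatch" };
  if (c.secure && req.protocol !== "https:") return { sent: false, reason: "Secure cookie on non-HTTPS request" };
  const path = c.path && c.path.startsWith("/") ? c.path : defaultPath(setBy.pathname);
  if (!pathMatch(req.pathname, path)) return { sent: false, reason: "path mismatch" };
  return { sent: true, reason: "ok" };
}
```

When debugging this kind of login loop, compare the host of the assertion consumer URL registered at the IDP with the host the user browses afterwards; a host-only cookie set on the first is never sent to the second.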

edubey 06-01-2019

If it works in idp-old and doesn't work in idp-new, there may be some difference between idp-old and new.

Do you have any details on this?