I am trying to integrate AEM with SAML. We are currently using a different IDP (call it IDP-OLD) and moving to a new IDP (IDP-NEW).
While integrating with IDP-OLD, the SAML Assertion Consumption URL was /content/saml_login. This servlet created a cookie, login-token, which was HttpOnly and Secure. This cookie was sent back in all the remaining requests by the browser, and AEM identified the token and considered the user as logged in.
While testing with the IDP-NEW system, when the IDP sends the SAML Assertion to /saml_login, the same login-token cookie is generated, which is HttpOnly and Secure.
Unfortunately this login-token cookie is not sent back by the browser in the subsequent requests, which makes AEM think that the user is not logged in.
Both servers are HTTPS and secure.
Can anyone help me with what could be the issue here?
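Added example, not part of the thread or of AEM: a small checker that parses the Set-Cookie header an ACS response returns and lists the attribute rules (Secure vs. scheme, Domain/Path scope, SameSite on cross-site requests) that decide whether a browser will attach the cookie to the next request. Comparing the two IDPs' responses this way isolates which attribute differs. Hostnames and cookie values are constructed.

```python
"""Cookie return-path checker (added example; hostnames and values are constructed)."""
from dataclasses import dataclass


@dataclass
class Request:
    scheme: str        # "https" or "http"
    host: str          # host the follow-up request goes to
    path: str          # request path
    cross_site: bool   # True if initiated from another site (e.g. the IdP's POST)
    method: str = "GET"


def parse_set_cookie(header: str) -> dict:
    """Split 'name=value; Attr=val; Flag' into a dict; attribute keys are lower-cased."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {"name": name, "value": value}
    for p in parts[1:]:
        k, _, v = p.partition("=")
        attrs[k.lower()] = v if v else True
    return attrs


def why_not_sent(cookie: dict, req: Request, set_by_host: str) -> list:
    """Return the reasons a browser would withhold the cookie (empty list if it is sent)."""
    reasons = []
    if cookie.get("secure") and req.scheme != "https":
        reasons.append("Secure cookie on non-HTTPS request")
    domain = cookie.get("domain")
    if isinstance(domain, str):
        d = domain.lstrip(".").lower()
        if not (req.host == d or req.host.endswith("." + d)):
            reasons.append(f"Domain={domain} does not cover {req.host}")
    elif req.host != set_by_host:   # no Domain attribute -> host-only cookie
        reasons.append(f"host-only cookie set by {set_by_host}, request to {req.host}")
    path = cookie.get("path") if isinstance(cookie.get("path"), str) else "/"
    if not (req.path == path or req.path.startswith(path.rstrip("/") + "/")):
        reasons.append(f"Path={path} does not match {req.path}")
    # Browsers treat a missing SameSite as Lax; simplified (ignores Chrome's Lax+POST grace).
    samesite = str(cookie.get("samesite", "Lax")).lower()
    if req.cross_site and (samesite == "strict" or (samesite == "lax" and req.method != "GET")):
        reasons.append(f"SameSite={samesite} blocks cross-site {req.method}")
    if samesite == "none" and not cookie.get("secure"):
        reasons.append("SameSite=None without Secure is rejected")
    return reasons


if __name__ == "__main__":
    hdr = "login-token=abc123; Path=/; HttpOnly; Secure"   # constructed
    nxt = Request("https", "aem.example.com", "/content/page.html", cross_site=False)
    print(why_not_sent(parse_set_cookie(hdr), nxt, "aem.example.com") or "cookie would be sent")
```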
A few items to look for:
- As per the assertion, the cookie is invalidated.
- It might be a permission issue, either for the path or the user. Check that the 'Apache Sling Authentication Service' and SAML Authentication Handler configurations have the default group.
- Check permissions for the 'authentication-service' user.
Thanks,
Wasil
The issue is not with the assertion or the handler. AEM is working fine generating the login-token. It is set in the response header. Since the token is set in the response header, the browser should attach it in subsequent requests, which is not happening. I am not sure why the browser is doing this for one IDP and not for another.
Is this behavior observed in all browsers?
Yes Scott. This is happening in both Chrome and Firefox. These are the only two I tried.
In my understanding, AEM is behaving as expected, but due to some security issue the browser does not add the cookie to the session and neither to subsequent requests.
Hi @nishantg8362837, we are also facing a similar type of issue. How did you solve this issue?