Yes Scott. This is happening in both chrome and Firefox. These are only two I tried. I'm my understanding the AEM is behaving as expected but due to some security issue, the browser does not add the cookie in session and neither in subsequent requests.

The issue is not with assertion or handler. AEM is working fine with generating the login-token. It is set in response header. Since token is set in response header, browser should attached that in subsequent requests. which is not happening. I am not sure why Browser is doing this for one IDP and n...

I am trying to integrate AEM with SAML. We are currently using a different IDP ( Call it IDP-OLD) and moving to a new IDP ( IDP-New).While integrating with IDP-OLD, the SAML Assertion Consumption URL was /content/saml_login. This Servlet created a cookie which was login-token which is httponly secur...