apm SAML SameSite
1 Topicsamesite cookie for SAML authentication
Hi I'm using https://techdocs.f5.com/en-us/bigip-15-0-0/big-ip-access-policy-manager-per-request-policies/implementing-seamless-sso-azure-saml-mfa/azure-ad-creating-local-service-provider-main-authentication.html to setup and test F5 SP MS Azure iDP and I am using F5 script for setting cookies (F5 APM / ASM) samesite attributes, basically https://community.f5.com/t5/technical-articles/irule-to-set-samesite-for-compatible-clients-and-remove-it-for/ta-p/278650 My issue is the return call from MS Azure is a 302 redirect back to the F5. the browser (Edge / Firefox) is not sending any of the F5 cookies. I presume because MRHSession is not being sent a new session is being created which breacks the SAML auth. I have samesite for this and all F5 to secure / http only / samesite => lax it looks like i need to set samesite to none for MRHsession are other facing this problem if so how are you dealing with it - I am thinking of making this change just for my SP VS/domain is there another solution ?999Views0likes1Comment