institutions using Shibboleth to authenticate Peoplesoft
Cantor, Scott
cantor.2 at osu.edu
Tue Jul 28 18:57:12 UTC 2020
On 7/28/20, 2:50 PM, "users on behalf of Liam Hoekenga" <users-bounces at shibboleth.net on behalf of liamr at umich.edu> wrote:
> The vendor did adjust the SameSite cookies in their app, and if accessed directly, it seems to work.
What did they adjust them to? If it's a POST handoff from Peoplesoft to the app, then Lax ain't gonna work.
> The issue occurs when the app is launched from "peoplesoft direct connect", during which the checkout procedure
> only works during that magic 2 minute interval. Afterwards, it breaks.
Then they did not in fact change the cookies, or they changed them to the wrong value.
> Our PS people opened a support case with Oracle, and Oracle of course says that it's the Shibboleth SP that is breaking
> the functionality.
It is literally impossible for software on site A to have any influence over the cookie behavior on site B. Web servers don't experience quantum entanglement.
-- Scott
More information about the users
mailing list