No such flow exception help
kwessel at illinois.edu
Tue Aug 9 18:31:03 UTC 2022
Ugh. I suspected it might be something like this. I'm confused why we aren't seeing it consistently. For instance, it usually doesn't happen on the first authentication request of an IdP session, and sometimes not on the second authn request, either. I often have to hit the IdP with two or three authn requests before I get a stale request error.
If, given that, it still sounds like samesite, I can try setting the condition for the samesite filter to True to see if it works and, if it does and the need arises for the sake of older clients, work up a more sane condition. If I do this, would I set the idp.sameSite.cookiie to Lax or Strict or leave it at None? Still trying to get my head around the meaning of the settings for that parameter.
From: Cantor, Scott <cantor.2 at osu.edu>
Sent: Tuesday, August 9, 2022 11:51 AM
To: Shib Users <users at shibboleth.net>
Cc: Wessel, Keith <kwessel at illinois.edu>
Subject: Re: No such flow exception help
More information about the users