JSESSIONID issues, Stale Session. (SameSite issue?)
Cantor, Scott
cantor.2 at osu.edu
Thu Jan 20 16:49:35 UTC 2022
The SameSite page contains this text that needs to be more prominent:
"It is also likely that SAML proxying will be affected by this issue, because the POST back to the IdP from the proxied IdP will omit the necessary cookies to resume the flow, resulting in the "stale request" message."
It's not "likely", it's fact. The IdP will not function unless the original JSESSIONID is delivered back with the SAML POST intact.
-- Scott
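
An added example, not part of the original message and not Shibboleth code: a Python check that reads `Set-Cookie` header values and reports whether the `JSESSIONID` cookie would accompany a cross-site POST such as the SAML response coming back from the proxied IdP. It assumes browsers that treat a missing `SameSite` attribute as `Lax` and reject `SameSite=None` without `Secure`, and it ignores any short-lived browser allowance for freshly set cookies; the function names, cookie values and the `/idp` path are constructed for illustration.

```python
def parse_set_cookie(header):
    """Split a Set-Cookie value into (name, {lowercased attribute: value})."""
    parts = [p.strip() for p in header.split(";")]
    name, _, _value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), attrs


def sent_on_cross_site_post(header):
    """Return (bool, reason): would this cookie ride along on a cross-site POST?"""
    _name, attrs = parse_set_cookie(header)
    samesite = attrs.get("samesite", "").lower()
    if samesite == "none":
        if "secure" in attrs:
            return True, "SameSite=None with Secure: sent on cross-site POST"
        return False, "SameSite=None without Secure: cookie rejected by the browser"
    if samesite in ("lax", "strict"):
        return False, "SameSite=%s: omitted on cross-site POST" % samesite.capitalize()
    return False, "no SameSite attribute: treated as Lax, omitted on cross-site POST"


def audit(headers, cookie_name="JSESSIONID"):
    """Check every Set-Cookie value that sets cookie_name; return (header, ok, reason)."""
    findings = []
    for header in headers:
        name, _attrs = parse_set_cookie(header)
        if name == cookie_name:
            ok, reason = sent_on_cross_site_post(header)
            findings.append((header, ok, reason))
    return findings


# Constructed sample Set-Cookie values, as a container might emit them.
SAMPLE_HEADERS = [
    "JSESSIONID=node0abc123; Path=/idp; Secure; HttpOnly",
    "JSESSIONID=node0abc123; Path=/idp; Secure; HttpOnly; SameSite=None",
    "JSESSIONID=node0abc123; Path=/idp; HttpOnly; SameSite=None",
    "other_cookie=1; Path=/; SameSite=Lax",
]

if __name__ == "__main__":
    for header, ok, reason in audit(SAMPLE_HEADERS):
        print("OK  " if ok else "FAIL", header, "->", reason)
```

A `FAIL` line corresponds to the case described in the message: the POST arrives without the original `JSESSIONID` and the flow cannot resume.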