Previous Topic: Authentication URL Open to Malicious Attacks (74278, 76976, 83114, 83117)Next Topic: Web Agent Option Pack Fails when TRANSIENTIP Checking is Enabled (75240, 83125)

Release NotesFederation Security Services Release NotesFixes in r12 SP1 and SP2Session Cookie not Marked Secure by the Assertion Consumer Service (74449, 83124)

Session Cookie not Marked Secure by the Assertion Consumer Service (74449, 83124)

Symptom:

When an SMSESSION cookie is being set in the browser for a SAML 2.0 federation, it is marked as Secure if the UseSecureCookies parameter is set in the AgentConfigObject corresponding to Federation Web Services.

Solution:

The SMSESSION cookie is now marked as secure.