Release NotesFederation Security Services Release NotesDefects Fixed in the Web Agent 6.x QMR 5 Option PackFixes for Web Agent 6.x QMR 5 Option Pack › SMSESSION Cookie Not Marked as Secure when UseSecureCookies Enabled (74449)

Previous Topic: SAML 2.0 Autopost Forms Required JavaScript (73858)

Next Topic: Transient IP Checking Was Not Operating Properly (75240)
SMSESSION Cookie Not Marked as Secure when UseSecureCookies Enabled (74449)

Symptom:

During SAML 2.0 federation transaction, the SMSESSION cookie is not marked as "secure" by the Assertion Consumer URL response.

Solution:

Ensure that when an SMSESSION cookie is being set in the user's browser for a SAML 2.0 federation, it is marked as Secure if the UseSecureCookies setting is enabled in the AgentConfigObject corresponding to Federation Web Services.