kohrar commented on issue #11078: URL: https://github.com/apache/cloudstack/issues/11078#issuecomment-3033229443
After looking into this issue a bit more, I see that the problem is that after doing a SAML SSO auth, the cookies have an inappropriate domain set. After initiating the SAML SSO auth, I am redirected to /client/api?command=samlSSO:

This step works fine and the cookies are set with the correct domain. This then redirects me to /client. This next request has the cookies' domains set to '.cloudstack...' with a leading `.`. I don't see any server headers being sent that would make this change, so I think there's some client-side JavaScript doing this?

Because of this, the log out step isn't clearing these cookies properly. After logging out, the cookies with the '.cloudstack...' domain persist and we end up in this broken state.
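The failure mode described in the comment above, modelled as an added example (not code from the issue or from CloudStack): under the RFC 6265bis storage rule a cookie is keyed on name, domain, host-only flag and path, so an expiry sent without a `Domain` attribute leaves a same-named domain cookie in place. The host `cloudstack.example.test`, the cookie name `sso_session` and all function names are constructed for illustration, and domain-match validation is omitted.

```javascript
// Simplified cookie store (added example); host and cookie name are constructed.
const HOST = "cloudstack.example.test";

function parseSetCookie(header, requestHost) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const cookie = { name: pair.slice(0, eq), value: pair.slice(eq + 1),
                   domain: requestHost, hostOnly: true, path: "/", expired: false };
  for (const attr of attrs) {
    const i = attr.indexOf("=");
    const key = (i < 0 ? attr : attr.slice(0, i)).toLowerCase();
    const val = i < 0 ? "" : attr.slice(i + 1);
    if (key === "domain" && val) {
      cookie.domain = val.replace(/^\./, "").toLowerCase(); // leading dot is dropped
      cookie.hostOnly = false;             // but the cookie is now a domain cookie
    } else if (key === "path" && val.startsWith("/")) {
      cookie.path = val;
    } else if (key === "max-age" && Number(val) <= 0) {
      cookie.expired = true;
    }
  }
  return cookie;
}

// Store key: name + domain + host-only flag + path.
// An expiring Set-Cookie removes only the entry with the identical key.
function applySetCookie(jar, header, requestHost = HOST) {
  const c = parseSetCookie(header, requestHost);
  const key = [c.name, c.domain, c.hostOnly, c.path].join("|");
  if (c.expired) jar.delete(key); else jar.set(key, c);
  return jar;
}

function remaining(jar) {
  return [...jar.values()].map(
    (c) => `${c.name}=${c.value} (${c.hostOnly ? "host-only" : "domain"})`);
}

// Start with both copies of the cookie present, then apply the logout headers.
function simulate(logoutHeaders) {
  const jar = new Map();
  applySetCookie(jar, "sso_session=abc; Path=/");                  // host-only copy
  applySetCookie(jar, `sso_session=abc; Domain=.${HOST}; Path=/`); // domain copy
  for (const h of logoutHeaders) applySetCookie(jar, h);
  return remaining(jar);
}

const hostOnlyLogout = simulate(["sso_session=; Path=/; Max-Age=0"]);
const fullLogout = simulate(["sso_session=; Path=/; Max-Age=0",
                             `sso_session=; Domain=.${HOST}; Path=/; Max-Age=0`]);
console.log(hostOnlyLogout, fullLogout);
```

A logout path that has to cope with both variants needs one expiry per distinct domain and path combination that may have been set.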
