Apologies, but got this resolved. the httpOly attribute was missing from one of the apps. I have now set it globally for all my apps.
Thanks, On Tue, 22 Oct 2019 at 15:34, M. Manna <manme...@gmail.com> wrote: > Hello, > > As per the official documentation, I setup my same site cookie using > Rfc62665CookieProcessor and set everything in "strict" mode. > > However, when I restarted my server, I only see httpOnly, secure - but not > SameSite checked under browser's developer console. > > Could someone please help me understand whether something has been missed > at my side? And yes, I am using tomcat 8.5.45 (as I read that it's been > since 8.5.42). Otherwise, cataina bootstrapping would simply say that > there's no samesitecookies attribute. > > Regards, >