Using Password in Custom Token (Cookie) can break logins and TSSO

    Applies to:
  • SecureAuth Identity Platform
  • Legacy SecureAuth IdP
Deployment model:
  • Cloud
  • Hybrid
  • On Premises
Version Affected: 22.12 onwards

    Description:  

    Some SP setups require the password to be added to the cookie. If this has to be done, we recommend using the B64 (Base64) option to encode it.

    If a password that is added to the cookie contains a comma and is not encoded, it can break logins.

    Cause:  

    Our cookies in modern versions of SecureAuth contain several comma-separated values in order to prevent unauthorized re-use. If a value you add to the cookie contains a comma, it shifts the position of every following value and invalidates the cookie.


    Resolution:  

    A fix exists in 23.07 HF2 onwards. This fix allows you to change the delimiter that we use so that it does not conflict with special characters in your passwords.

    1. Decrypt the Web.config

    2. Search for "Delimiter"

    3. Add the delimiter of your choice, e.g.
    <add key="Delimiter" value=":" />

    4. Save the web.config and test
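    The following is an added illustration, not SecureAuth code: it models a token cookie as a delimiter-joined list of fields and shows all three situations the article describes. A raw password containing a comma produces one field too many, so a consumer that checks the field count has to reject the cookie; Base64-encoding the password keeps the comma out of the payload; and a custom delimiter works only as long as that delimiter does not itself occur in any field value, which the example checks before building the cookie. The field layout (user, password, issued_at, nonce), the sample values and the function names are assumptions made for the example.

```python
import base64

# Assumed field layout of the token payload (constructed for this example;
# the real SecureAuth cookie layout is not described in the article).
FIELDS = ("user", "password", "issued_at", "nonce")

# Constructed sample values; the password contains "," and "!" on purpose.
SAMPLE = {
    "user": "jdoe",
    "password": "pa,ss!word",
    "issued_at": "1700000000",
    "nonce": "a1b2c3",
}


def build_cookie(values, delimiter=","):
    """Join the field values into the cookie payload, in FIELDS order."""
    return delimiter.join(values[name] for name in FIELDS)


def parse_cookie(payload, delimiter=","):
    """Split the payload back into fields.

    Returns None when the field count is wrong: once the positions have
    shifted, the consumer cannot tell which piece is the nonce any more,
    so the only safe outcome is to reject the cookie.
    """
    parts = payload.split(delimiter)
    if len(parts) != len(FIELDS):
        return None
    return dict(zip(FIELDS, parts))


def b64(text):
    """Base64-encode text; the output alphabet (A-Z a-z 0-9 + / =) never
    contains a comma, so the encoded value cannot collide with the delimiter."""
    return base64.b64encode(text.encode("utf-8")).decode("ascii")


def unb64(text):
    return base64.b64decode(text).decode("utf-8")


def delimiter_is_safe(values, delimiter):
    """True only if no field value contains the delimiter."""
    return not any(delimiter in values[name] for name in FIELDS)


def login_with_raw_password():
    """Raw password with a comma: the payload splits into 5 parts, not 4."""
    return parse_cookie(build_cookie(SAMPLE, ","), ",")


def login_with_b64_password():
    """B64 option: the encoded password cannot contain the delimiter."""
    encoded = dict(SAMPLE, password=b64(SAMPLE["password"]))
    fields = parse_cookie(build_cookie(encoded, ","), ",")
    if fields is None:
        return None
    fields["password"] = unb64(fields["password"])
    return fields


def login_with_custom_delimiter(delimiter=":"):
    """Custom Delimiter setting: only safe if it occurs in no field value."""
    if not delimiter_is_safe(SAMPLE, delimiter):
        return None  # this delimiter would collide exactly like the comma
    return parse_cookie(build_cookie(SAMPLE, delimiter), delimiter)


if __name__ == "__main__":
    print("raw comma password :", login_with_raw_password())
    print("base64 password    :", login_with_b64_password())
    print("':' delimiter      :", login_with_custom_delimiter(":"))
    print("'!' delimiter      :", login_with_custom_delimiter("!"))
```

    Run as-is, the raw-password case prints None (login fails), the Base64 case and the ":" delimiter both recover the original fields, and "!" is refused because the sample password contains it. When choosing a value for the Delimiter key, pick a character that your password policy excludes, or keep the B64 option on as well.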


    Special Considerations:  

    We don't recommend having passwords in cookies.


    SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.

    Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.
