Product Area: Server  Technical Area: Security Platform: Cross Platform
SPR# RJTOBLWNAE - Server - Security - This fix allows customers to configure same site cookie attribute on Domino auth session cookies (LPTA and/or Domino Single Server auth cookies). In V12 this can be done either via the nab (web sso doc for LPTA cookies). For Domino Single server authorization cookies via internet site doc or main Domino Server doc if using the legacy Web Configuration view.
For 11.0.1 FP8 (or 12x), the following notes.ini settings can be used:
DOMINO_SAMESITE_MULTISERVERSSO - for lpta cookies, values are 0 (default) - disabled, 1 - strict, 2 - lax, 3 - none
For Domino single server the notes.ini is
DOMINO_SAMESITE_SINGLESERVER - values 0 - disabled (default), 1 - strict, 2 - lax, 3 - none
Last Modified on 08/04/2023 |  |
|
|
|
|
|