NTLM - Catalog needs login after upgrade Chrome blocks cross-domain cookies
Article ID: 211344
Updated On:
Products
CA Service Management - Service Desk Manager
Issue/Introduction
After upgrading from 17.3.0 to 17.3.04 Service point no longer contacts to catalog via NTLM.
After switching to Service Point requestor opens which requests a login to Catalog.
Catalog-NTLM login itself works correctly
Allow the cross-domain cookies to be sent along with HTTP
Cause
Chrome v84 has introduced a new restriction on cookies, where it blocks cross-domain cookies. So if Catalog and SP are installed on different machines, all the Catalog requests originating from Service point don't send the cookie information.
Resolution
In order to fix this issue, we should enable SSL across the solution so cookies can be transferred across HTTPS (as they are secure) and set the same site flag to none.
If it is not something accepted by the customer.
The other workaround available is to disable the following chrome flags:
chrome://flags/#network-service
1) SameSite by default cookies
2) Cookies without the same site must be secure
This will allow the cross-domain cookies to be sent along with HTTP.
Feedback
Yes
No
Powered by
