search cancel

NTLM - Catalog needs login after upgrade Chrome blocks cross-domain cookies


Article ID: 211344


Updated On:


CA Service Management - Service Desk Manager


After upgrading from 17.3.0 to 17.3.04 Service point no longer contacts to catalog via NTLM.

After switching to Service Point requestor opens which requests a login to Catalog.

Catalog-NTLM login itself works correctly

Allow the cross-domain cookies to be sent along with HTTP


Chrome v84 has introduced a new restriction on cookies, where it blocks cross-domain cookies. So if Catalog and SP are installed on different machines, all the Catalog requests originating from Service point don't send the cookie information.


In order to fix this issue, we should enable SSL across the solution so cookies can be transferred across HTTPS (as they are secure) and set the same site flag to none.
If it is not something accepted by the customer.
The other workaround available is to disable the following chrome flags:
1) SameSite by default cookies
2) Cookies without the same site must be secure
This will allow the cross-domain cookies to be sent along with HTTP.