There are 2 comments.
 
 
OpenId Connect / OIDC-256 Open

Authenticator Callback - Cannot invoke "javax.servlet.http.HttpSession.getId()" because "httpSession" is null

 
 

2 comments

 
Thomas Mortagne on 03/Sep/25 10:42
 
bq. Setting the cookie configuration (https://stackoverflow.com/questions/57505939/how-to-set-samesite-cookie-in-tomcats-cookie-processor) to "lax" via the init script solved the problem.

Thanks for the debug [~michael-schroeder-lave]. I indeed imagine it's not possible to do OpenID Connect with a SameSite=Strict session cookie, since 90% of the time OpenID Connect is a ping/pong between two different domains. I feel like this is related to the helm chart in some way, as you are the first one to report this problem. XWiki does not set SameSite, and the Tomcat documentation seems to suggest it does not set it either by default.
 
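The effect discussed in the comment above, as an added example that is not part of the original thread and is not XWiki or Tomcat code: a simplified model of the browser's SameSite decision when the identity provider redirects back to the callback, showing why `Strict` leaves the servlet without a session while `Lax` works for a GET callback. Host names, the callback path, the session id and all function names are constructed, and "site" is approximated as scheme plus the last two host labels.

```javascript
// Assumption: site = scheme + last two host labels (real browsers use the Public Suffix List).
function siteOf(url) {
  const u = new URL(url);
  return u.protocol + '//' + u.hostname.split('.').slice(-2).join('.');
}

// Is the cookie attached to a top-level navigation to targetUrl?
// initiatorUrl is the page or redirect source that triggered the navigation.
function cookieSent(cookie, initiatorUrl, targetUrl, method) {
  if (siteOf(initiatorUrl) === siteOf(targetUrl)) return true; // same-site: always sent
  switch (cookie.sameSite.toLowerCase()) {
    case 'strict': return false;                  // never on cross-site requests
    case 'lax':    return method === 'GET';       // only safe top-level navigations
    case 'none':   return cookie.secure === true; // None is only honoured with Secure
    default: throw new Error('unknown SameSite value: ' + cookie.sameSite);
  }
}

// Servlet-style callback: without the session cookie there is no session to look up,
// so the state saved before the redirect to the provider cannot be checked.
function handleCallback(sessions, cookie, initiatorUrl, targetUrl, method) {
  const session = cookieSent(cookie, initiatorUrl, targetUrl, method)
    ? sessions.get(cookie.value)
    : null;
  return session ? 'state verified for ' + session.id : 'error: httpSession is null';
}

function demo() {
  const idp = 'https://idp.example.org/authorize';          // constructed provider URL
  const callback = 'https://wiki.example.com/oidc/callback'; // constructed callback URL
  const sessions = new Map([['abc123', { id: 'abc123' }]]);  // constructed session store
  const mk = (sameSite) => ({ name: 'JSESSIONID', value: 'abc123', sameSite, secure: true });
  return {
    strict: handleCallback(sessions, mk('Strict'), idp, callback, 'GET'),
    lax: handleCallback(sessions, mk('Lax'), idp, callback, 'GET'),
    laxFormPost: handleCallback(sessions, mk('Lax'), idp, callback, 'POST'),
    none: handleCallback(sessions, mk('None'), idp, callback, 'POST'),
  };
}

console.log(demo());
```

The `laxFormPost` case shows that `Lax` covers only a GET callback; a provider that returns the response with a cross-site POST would need `SameSite=None; Secure` on the session cookie.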