KB486875: SameSite Cookie Setting for MSTR Mobile and Library iOS SAML Authentication

Product Owner, Principal • MicroStrategy

When certifying against iOS 18 Beta2, MicroStrategy found that WKWebView adopts the SameSite cookie attribute which effects the MicroStrategy Mobile app and Library iOS app SAML authentication.

See the following solution using the Mobile and Library servers for Strategy Mobile and Library iOS app SAML authentication on iOS 18 devices.

Mobile iOS App Using SAML

The configuration update must performed on the StrategyMobile server configuration setting.

Tomcat Mobile Server

Edit the

sys_defaults.properties

file under

StrategyMobile/WEB-INF/xml/

and add the following lines:

sameSite=None	secure=1

Save the file and restart Tomcat.

JBoss Mobile Server

Edit the

sys_defaults.properties

file under

StrategyMobile/WEB-INF/xml/

and add the following lines:

sameSite=None	secure=1

Save the file.

In JBoss, go to

jboss/standalone/configuration/standalone.xml.

Edit

standalone.xml

and add

<session-cookie http-only="true" secure="true"/>

to the existing code, as shown below:

<subsystem xmlns="urn:jboss:domain:undertow:10.0" default-server="default-server" default-virtual-host="default-host" default-servlet-container="default" default-security-domain="other" statistics-enabled="${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}}">	            <buffer-cache name="default"/>	            <server name="default-server">	                <http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true"/>	                <https-listener name="https" socket-binding="https" security-realm="ApplicationRealm" enable-http2="true"/>	                <host name="default-host" alias="localhost">	                    <location name="/" handler="welcome-content"/>	                    <http-invoker security-realm="ApplicationRealm"/>	                </host>	            </server>	            <servlet-container name="default">	                <jsp-config/>	                <session-cookie http-only="true" secure="true"/>	                <websockets/>	            </servlet-container>	            <handlers>	                <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>	            </handlers>	        </subsystem>

Create a new file named
```
undertow-handlers.conf
```
using the following code and save it to the
```
WEB-INF
```
folder of the Strategy Mobile deployment:
```
samesite-cookie(mode=NONE)
```
Restart the JBoss server.

Library iOS App Using SAML

The configuration update must be performed on the StrategyLibrary web server configuration setting.

Tomcat Mobile Server

See Configure SameSite Cookies for Library for more information.

JBoss Mobile Server

See Configure SameSite Cookies for Library for more information.

Comment

0 comments

Details

Knowledge Article

Published:

July 5, 2024

Last Updated:

August 14, 2024

Mobile iOS App Using SAML

The configuration update must performed on the StrategyMobile server configuration setting.

Tomcat Mobile Server

Edit the

sys_defaults.properties

file under

StrategyMobile/WEB-INF/xml/

and add the following lines:

sameSite=None	secure=1

Save the file and restart Tomcat.

JBoss Mobile Server

Edit the

sys_defaults.properties

file under

StrategyMobile/WEB-INF/xml/

and add the following lines:

sameSite=None	secure=1

Save the file.

In JBoss, go to

jboss/standalone/configuration/standalone.xml.

Edit

standalone.xml

and add

<session-cookie http-only="true" secure="true"/>

to the existing code, as shown below:

<subsystem xmlns="urn:jboss:domain:undertow:10.0" default-server="default-server" default-virtual-host="default-host" default-servlet-container="default" default-security-domain="other" statistics-enabled="${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}}">	            <buffer-cache name="default"/>	            <server name="default-server">	                <http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true"/>	                <https-listener name="https" socket-binding="https" security-realm="ApplicationRealm" enable-http2="true"/>	                <host name="default-host" alias="localhost">	                    <location name="/" handler="welcome-content"/>	                    <http-invoker security-realm="ApplicationRealm"/>	                </host>	            </server>	            <servlet-container name="default">	                <jsp-config/>	                <session-cookie http-only="true" secure="true"/>	                <websockets/>	            </servlet-container>	            <handlers>	                <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>	            </handlers>	        </subsystem>

Create a new file named

undertow-handlers.conf

using the following code and save it to the

WEB-INF

folder of the Strategy Mobile deployment:

samesite-cookie(mode=NONE)

Restart the JBoss server.