In v4.2.x, as part of security tightening, some fixes were done in the area of cookie handling. Unfortunately, these security fixes have the potential to break existing proxy rules/settings. If this is the case, then users will notice there will be no app cookies stored in the browser.
To resolve this issue please follow below steps
Way 1: When Apache is used as a proxy server.
Step 1: Update the front end server (Apache) proxy setting as below. The example given below is for Apache web server.
...
Ex: https://test.openspecimen.org/ => https> https://test.openspecimen.org/openspecimen-test
Way 2: When Tomcat is used as a front end server and Tomcat settings don't allow sending cookies to the server.
Step 1: Secure="True" does not allow the browser to store cookies. Change the Secure attribute value from "True" to "False".
Code Block | ||
---|---|---|
| ||
<Connector port="8081"
protocol="HTTP/1.1"
connectionTimeout="20000"
Secure="True"
redirectPort="8443" /> |
Step 2: Restart the Tomcat.
Note: Make sure Application URL = Access URL.