Continuous Delivery Automation

IMPORTANT Impact of .Net Framework updates on CDA Configuration

By Kaj Wierda posted 02-18-2020 08:55 AM

Problem / Symptoms:
The login is possible but CDA/ARA page stays blank. Release Automation perspective is constantly reloaded.
In the browser console log repetitive messages regarding "start sending authenticate post message" can be found.

Technical Background:
The .Net Framework roll-ups from November 2019 (and later) mark all Session and Authentication cookies that do not have a SameSite attribute present as being SameSite=Lax. With authentication cookie SameSite attribute set to Lax, CDA/ARA will only work if Release Manager URL and AWI URL are from the same domain.

How to fix it:
Use full hostname (FQHN - Fully Qualified Host Name) to configure CDA/ARA URL and AWI URL in customer.config and and ensure that CDA/ARA and AWI URL are from the same domain.

Example customer.config
<add key="UC4Deployment.ECCURL" value="http://myserver1.subdomain.mydomain:8080/awi/" />
<add key="UC4Deployment.CallbackUrl" value="http://myserver2.subdomain.mydomain:80/CDA" />


How to identify the CDA's FQHN:
The proper QFHN is displayed when opening the sub-page "/service/deploymentservice.svc" of your CDA-server in a browser from the client's workstation e.g. http://myserver2/cda/service/deploymentservice.svc

The displayed URL (without "/service/DeploymentService.svc?wsdl" at the end) gives you the correct CDA URL that must be set in the configuration files and used to access AWI.