Continuous Delivery Automation

IMPORTANT Impact of .Net Framework updates on CDA Configuration

By Kaj Wierda posted 02-18-2020 08:55 AM

  
Problem / Symptoms:
The login is possible but CDA/ARA page stays blank. Release Automation perspective is constantly reloaded.
In the browser console log repetitive messages regarding "start sending authenticate post message" can be found.

Technical Background:
The .Net Framework roll-ups from November 2019 (and later) mark all Session and Authentication cookies that do not have a SameSite attribute present as being SameSite=Lax. With authentication cookie SameSite attribute set to Lax, CDA/ARA will only work if Release Manager URL and AWI URL are from the same domain.

How to fix it:
Use full hostname (FQHN - Fully Qualified Host Name) to configure CDA/ARA URL and AWI URL in customer.config and connection.properties and ensure that CDA/ARA and AWI URL are from the same domain.

Example customer.config
<add key="UC4Deployment.ECCURL" value="http://myserver1.subdomain.mydomain:8080/awi/" />
<add key="UC4Deployment.CallbackUrl" value="http://myserver2.subdomain.mydomain:80/CDA" />

Example connections.properties
url=http://myserver2.subdomain.mydomain:80/CDA

How to identify the CDA's FQHN:
The proper QFHN is displayed when opening the sub-page "/service/deploymentservice.svc" of your CDA-server in a browser from the client's workstation e.g. http://myserver2/cda/service/deploymentservice.svc

The displayed URL (without "/service/DeploymentService.svc?wsdl" at the end) gives you the correct CDA URL that must be set in the configuration files and used to access AWI.

References:
https://techcommunity.microsoft.com/t5/iis-support-blog/samesite-cookie-updates-in-asp-net-or-how-the-net-framework-from/ba-p/1156246
https://blog.chromium.org/2019/10/developers-get-ready-for-new.html
https://techcommunity.microsoft.com/t5/iis-support-blog/samesite-lax-in-the-new-world/ba-p/1156292
0 comments
12 views

Permalink