As browsers start to adopt the SameSite cookie security, certain changes are necessary in
the Engineering Lifecycle Management IBM WebSphere Liberty configuration files.
About this task
To allow the application to work as expected with SameSite-enabled browsers, perform the
following steps in all your ELM Liberty servers:
Procedure
-
If your Liberty server is running, shut down the server.
- If the ELM server is not started, create the ELM Liberty configuration files following
the steps below:
- Go to the ELM server directory.
Windows:
cd JazzInstallDir\server
UNIX:
cd JazzInstallDir/server
- Create the configuration files.
Windows:
server.startup.bat -create
UNIX:
./server.startup -create
- Go to the ELM Liberty server directory.
Windows:
cd JazzInstallDir\server\liberty\servers\clm
UNIX:
cd JazzInstallDir/server/liberty/servers/clm
- Edit the JazzInstallDir\server\liberty\servers\clm\server.xml file
and insert the samesite tag. The following is an example:
- Before the server.xml is
edited:
<httpEndpoint id="defaultHttpEndpoint"
host="*"
httpPort="9080"
httpsPort="9443"/>
- After the server.xml is
edited:
<httpEndpoint id="defaultHttpEndpoint"
host="*"
httpPort="9080"
httpsPort="9443">
<samesite none="JAZZ_AUTH_TOKEN,JSESSIONID,JazzFormAuth,LtpaToken2,X-com-ibm-team-foundation-auth-loop-avoidance,jfs-oauth-access-token*,
jfs-oauth-access_token-secret*,jfs-request-token-*,JSA_AUTH_COMPLETE,JSA_SESSION_IDENTITY,JSA_CSRF*"/>
</httpEndpoint>
- Save the changes to the server.xml file and start the IBM WebSphere
Liberty server.
Customize the IBM WebSphere Liberty server for
SameSite