The rollout of Chromium update 80 has changed the requirements of the same-site authorization. Some changes will need to be made to prevent interruptions to your iDashboards.
Will I be affected?
This change only affects users who embed iDashboards via an iframe from a different domain (example: idashboards.com/idashboards to mywebsite.com/idashbords). The symptoms are the page not loading, the page getting stuck in a loop trying to log in, or the iDashboards frame loading with no dashboards available to select.
An SSL certificate is mandatory for cross-domain access.
Testing with Chrome
Open your browser and open the Developer Tools screen. You can do this by clicking the three dots in the top left next to your profile image, going to More Tools, and selecting Developer Tools. Select Application from the top menu, then go to the menu on the left and expand Cookies. You should see the sites you're working with.
Shortcuts: Chrome and New Edge Ctrl+Shift+I
You may also turn off the same-site by default setting in Chrome for testing. In the browser URL put the following:
Set to Disable
Set to Disable
Click the Relaunch button at the bottom of the screen.
The first step is to update Tomcat. Tomcat versions 9.0.28 and greater and 8.5.48 and greater contain the patch we need (this might also require an update to Java). You can find your Tomcat and Java versions by exporting a log from the Admin section of iDashboards. Open the iDashboards.log file and look for the section logServerInfo(): Server Info: Apache Tomcat, which indicates what version of Tomcat you are running.
Example: logServerInfo(): Server Info: Apache Tomcat/9.0.37
At the same time you can check the Java version:
SYSTEM PROPERTY: java.version=1.8.0_275
If your Tomcat needs upgrading you can reach out to the Technical support team for assistance.
Once you have the correct version of Tomcat, you can move forward with the Tomcat modifications. Access the Tomcat config directory (idashboards_srv/server/config). The two files we will be editing are web.xml and context.xml.
Note: If you are hosting other applications on your Tomcat server, you might need to add the following context.xml changes in the idashboards/META-INF/ directory path instead, to prevent altering the cookie handling of other applications. Please consult the iDashboards Technical Support Team before doing so.
In the context.xml add the following line between the <Context> and </Context> tags.
<CookieProcessor className="org.apache.tomcat.util.http.Rfc6265CookieProcessor" sameSiteCookies="none" />
In the web.xml, scroll down and find the session-config section, then paste the cookie-config section shown below between the <session-config> and </session-config> tags. Be sure to leave the session timeout alone.
<session-config>
    <cookie-config>
        <http-only>true</http-only>
        <secure>true</secure>
    </cookie-config>
    <session-timeout>30</session-timeout>
</session-config>
After the changes are made and the SSL cert is in place, you can restart the Tomcat / iDashboards service.
Now when you go to the site you should see Secure checked and SameSite set to None.
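An added example, not part of the original article or iDashboards' own tooling: a Python check for the two conditions above, the Tomcat version reported in iDashboards.log and the Secure / SameSite=None attributes on the session cookie. The sample log line and Set-Cookie values are constructed, and the cookie name JSESSIONID and the treatment of any branch newer than 9.0 as patched are assumptions.

```python
import re

# Minimum patched releases named in this article, keyed by (major, minor) branch.
MIN_PATCH = {(8, 5): 48, (9, 0): 28}

# Constructed sample inputs (not taken from a real server).
SAMPLE_LOG = "INFO logServerInfo(): Server Info: Apache Tomcat/9.0.37"
GOOD_COOKIE = "JSESSIONID=ABC123; Path=/idashboards; Secure; HttpOnly; SameSite=None"
BAD_COOKIE = "JSESSIONID=ABC123; Path=/idashboards; HttpOnly"

def tomcat_version(log_text):
    """Return (major, minor, patch) from the logServerInfo() line, or None."""
    m = re.search(r"Server Info: Apache Tomcat/(\d+)\.(\d+)\.(\d+)", log_text)
    return tuple(int(x) for x in m.groups()) if m else None

def tomcat_is_patched(version):
    """True if the version meets the 8.5.48 / 9.0.28 minimums."""
    if version is None:
        return False
    branch, patch = version[:2], version[2]
    if branch in MIN_PATCH:
        return patch >= MIN_PATCH[branch]
    # Assumption: branches above 9.0 count as "greater"; 8.0, 7.x etc. fail.
    return branch > (9, 0)

def cookie_problems(set_cookie_value):
    """List reasons a cookie would not be sent inside a cross-domain iframe."""
    attrs = {}
    for part in set_cookie_value.split(";")[1:]:  # skip the name=value pair
        key, _, value = part.strip().partition("=")
        attrs[key.lower()] = value.strip().lower()
    problems = []
    if attrs.get("samesite") != "none":
        problems.append("SameSite is not None")
    if "secure" not in attrs:
        # Chrome 80 rejects SameSite=None cookies that lack Secure.
        problems.append("Secure is missing")
    return problems

if __name__ == "__main__":
    version = tomcat_version(SAMPLE_LOG)
    print("Tomcat", version, "patched:", tomcat_is_patched(version))
    for cookie in (GOOD_COOKIE, BAD_COOKIE):
        print(cookie_problems(cookie) or "OK", "<-", cookie)
```
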
If you are still having issues after this, please go into your Safari Privacy Settings and change the following default setting:
For Mac Users
Open Safari if it is not already open.
Click the "Safari" menu and choose "Preferences" and then "Privacy".
Depending on your version of OS:
Click "Prevent Cross Site Tracking" to disable this setting.
For Mobile Apple Users
Go to Settings
Click on Safari
Privacy & Security
Turn the toggle 'Prevent Cross Site Tracking' to 'Off'.