Persisting SessionID Using the WebCookieSameSite Key

Print Friendly and PDF Follow

Product Ares
Version 5.0.4+
Ticket N/A
KB Permissions Public

Scope of Issue

As of Ares v4.6.1, Ares began storing the SessionID in a cookie rather than including it in the web URL. However, this change has led to some users experiencing an issue where clicking on the Ares webpages from an external system such as Canvas will send them to the glogon2.html page due to the DLL not being able to find their SessionID. This issue may occur if the user's browser does not allow cookies, or due to the SameSite cookie changes rolled out by Google Chrome.

WebCookieSameSite Customization Key

Note: Your course/learning management system (CMS) must be integrated with Ares using an LTI 1.3 connection to take advantage of this functionality. For more information on configuring an LTI 1.3 connection between your CMS and Ares, see Integrating Ares with LTI 1.3

As of Ares v5.0.4/5.0.5, the WebCookieSameSite customization key can be used to configure the SameSite value on the session cookie to allow persisting the SessionID for users navigating from an external system, such as a course/learning management system to the Ares web pages. This key is located under Web | Settings and can have three possible values:

  • None: Sets the SameSite cookie property to None allowing users to skip the Ares login screen if the external site has been configured to use HTTPS.

    Note: If the external site is configured to use HTTP, the SameSite cookie will be set to Lax even if this key is set to None.
  • Lax: Sets the SameSite cookie property to Lax allowing users to skip the Ares login screen if the external site is under the same domain as the Ares web pages.
  • Strict: Sets the SameSite cookie property to Strict forcing users to login into Ares from any external site even if it is under the same domain as the Ares web pages.

Questions?

If this article didn’t resolve your issue, please contact Atlas Support for assistance:

Contact Support