Confluence Prerequisites 1.8

Owned by Andi Muka
Sept 03, 2021
1 min read

Starting with Chrome v84 if the SameSite cookie attribute is not set the browser will default the SameSite attribute as Strict or Lax. This might cause the app to fail to log in when using the Chrome browser.

In order to fix this, the below configuration is needed.

Add the following to your server.xml if you are using a bundled Tomcat from Confluence or in your confluence.xml if you use an external Tomcat server:

  • add "secure=true" to the Connectors flag

  • add <CookieProcessor sameSiteCookies="None" /> inside the Context flag

e.g

<Connector port="8090" connectionTimeout="20000" redirectPort="8443" ... proxyPort="443" scheme="https" secure="true"/> ... <Context path="/confluence" docBase="../confluence" debug="0" reloadable="false" useHttpOnly="true"> <!-- Logging configuration for Confluence is specified in confluence/WEB-INF/classes/log4j.properties --> <Manager pathname=""/> <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60"/> <CookieProcessor sameSiteCookies="None" /> </Context>

This configuration will work only for Tomcat versions 8.5.48+ or 9.0.28+, which means that if you have lower versions you need to update Tomcat first before applying the configuration.

Apply this configuration to every node of your system if you have a Data Center version of Confluence with multiple nodes.

Note: This configuration is dependent on your environment and how you have configured Confluence to run against the Tomcat server. More info can be found on the Tomcat documentation here.