OnBase: "An unknown login error occurred." when accessing a shared Unity Form that is embedded in an iFrame

OnBase: "An unknown login error occurred." when accessing a shared Unity Form that is embedded in an iFrame

Description

  
After upgrading to OnBase Foundation 23.1 or higher, after authenticating via the Hyland Identity Service (IdS) and when accessing a shared Unity Form that is embedded in an iFrame, the following error sporadically occurs:
  
An unknown login error occurred.
 
In the Diagnostics Console, the following error is found:
 
Login Authentication Ticket invalid
 
This issue does not occur when the shared Unity Form is accessed outside of the iFrame.
 

Resolution

   
This issue occurs because the ASP.NET Session State Cookie is set with SameSite = ‘Lax’ by default, which can cause unexpected behavior for ASP.NET-based applications when embedded in an iFrame.
 
With the release of the Microsoft KB4533011 patch, the ASP.NET Session State Cookie is now set with SameSite = ‘Lax’. This controls how the cookies associated with the site creating the cookie are restricted to allow the site to determine how cookies will behave across sites. Within the OnBase Web Server, the SameSite attribute for the cookies created by the OnBase Web Server is controlled using the cookieSameSite attribute of the sessionState key in the Web Server web.config file. By default, the setting is set to Lax.
     
To resolve this issue, modify the Web Server’s web.config file and set the cookieSameSite setting  to a value of None.