RESOLVED: Blocking login.html via Azure firewall leads to not getting XAS cookie even with anonymous users turned on
0
Dear all, For a client we are struggling with XAS cookie provisioning. The client has an Azure install of Mendix, and wants to block login.html via firewall (meaning it is only accessible via a client from within the firewall). The Mendix app has anonymous users turned on. Once we block login.html it seems we are unable to get an XAS cookie, meaning the app becomes unusable. I'd like to learn why this is happening and if there are any alternatives. Thanks ahead and I look forward to your thoughts. Best regards, Wouter
asked
Wouter Penris
1 answers
1
Just giving the solution here for all those out there also working with Azure hosting:
The Azure AGW OWASP 3.2 settings on a second level ( custom rules ) was causing an issue – we needed to allow certain rules because these where blocking the call