Search Tips   |   Advanced Search

Domino: Single sign-on configuration troubleshooting tips for security


  1. In the administrative console, click Security > Global security.

  2. Under Custom properties, click New.

  3. In the Name field, enter...

  4. In the Values field, enter true.

  5. Click Apply and Save to save the changes to the configuration.

  6. Resynchronize and restart the server.

Unexpected re-authentications:

When we set custom property...

...unexpected re-authentications might occur when we are working with multiple web applications. By default, each web application has its own unique HTTP session, but the web browser has one session cookie. To address this issue, we can change the HTTP session configuration by giving each application a unique session cookie name or path setting. As a result, each application gets its own session cookie. Alternatively, we can configure multiple web applications with the same enterprise application to share the same HTTP session.

  • Possible issues when SSO is enabled and Firefox v3.6.11 is configured to accept third-party cookies.

    If we have SSO enabled, and when using Firefox v3.6.11 one of the following is true:

    • It is configured to accept third-party cookies that are kept until they expire or until Firefox is closed

    • We have one session open but are switching to different applications

    • More than one session is opened for different applications that require different users for authorization

    we might see the following error message: Error 403: AuthorizationFailed.

    To resolve, clear the third-party cookies before launching a new application by doing the following:

    1. Select Firefox Tools > Options > Privacy.

    2. Ensure that the history is set to Remember History.

    3. Click on Remove individual cookies to delete the cookies.

    We can also close other sessions if Firefox is configured to accept third-party cookies that are kept until Firefox is closed.

  • Troubleshoot security configurations
  • Assembling so that session data can be shared