Wednesday, June 19, 2013

Requiring SSL for SSO? Flick the switch!

Recently we switched our servers to use SSO and life was good.  Until someone tried to login to their mail. (Why anyone would want to use the browser to access their mail when they have a perfectly good Notes client and Traveler at their disposal is beyond me...but, alas...)

Where was I?, Oh yes, SSO.

Well being the security conscious kind of guy that I am I configured SSO to require SSL.

What that means in English is that in order to access your databases you must use SSL.  Oh sure, you can login.  And login.  And login.  You just ain't gonna' be able to actually "login" to the application.  Know what I mean?


So my friends...if you do require SSL for your SSO then either tell your users "what? just type in https:// every time" or you can flick that nifty little database property to force an SSL connection to your database.