Domino on Linux/Unix, Troubleshooting, Best Practices, Tips and more ...

alt

Daniel Nashed

Traveler HTTPS Only

Daniel Nashed – 23 January 2012 08:40:22

We ran into issues with double password dialog when accessing the Traveler homepage (servlet) in a pure HTTPS environment with only authenticated users. So this is mainly a issue with disabled anonymous access.
The server has HTTP disabled and only HTTPS running for security reasons.
Because basic authentication is required in order for mobile devices to detect wrong passwords (they cannot read the forms based login return code used by SSO configurations) no HTTPs cookie is present.

By default the realm used by the server is set to the servlet and the image on the Traveler homepage comes from the /traveler/images directory.
That's why sometimes devices prompt for another authentication.

To avoid this issue you can set a "WEB_REALM_STRING" "/" in TrueSyncServer section of NTSConfig.xml

Example:

<COMPONENT COMPONENT_TYPE="TrueSyncServer"> 
<PROPERTY NAME="WEB_REALM_STRING" VALUE="/"/> 

This will set the realm to the root instead of a sub-directory.

In our configuration this solved the double authentication issue.

-- Daniel
Comments

1Andy Brunner  25.01.2012 16:48:31  Traveler HTTPS Only

Daniel

Great tip! I had the same problem at a customer site.

Thanks a lot.

2John Willemse  03.02.2012 22:50:08  Traveler HTTPS Only

Nice to see an other dominoblog.ntf

Regards John

Links

    Archives


    • [HCL Domino]
    • [Domino on Linux]
    • [Nash!Com]
    • [Daniel Nashed]