Traveler HTTPS Only
Daniel Nashed – 23 January 2012 08:40:22
We ran into issues with double password dialog when accessing the Traveler homepage (servlet) in a pure HTTPS environment with only authenticated users. So this is mainly a issue with disabled anonymous access.
The server has HTTP disabled and only HTTPS running for security reasons.
Because basic authentication is required in order for mobile devices to detect wrong passwords (they cannot read the forms based login return code used by SSO configurations) no HTTPs cookie is present.
By default the realm used by the server is set to the servlet and the image on the Traveler homepage comes from the /traveler/images directory.
That's why sometimes devices prompt for another authentication.
To avoid this issue you can set a "WEB_REALM_STRING" "/" in TrueSyncServer section of NTSConfig.xml
Example:
<COMPONENT COMPONENT_TYPE="TrueSyncServer">
<PROPERTY NAME="WEB_REALM_STRING" VALUE="/"/>
This will set the realm to the root instead of a sub-directory.
In our configuration this solved the double authentication issue.
-- Daniel
- Comments [2]
1Andy Brunner 25.01.2012 16:48:31 Traveler HTTPS Only
Daniel
Great tip! I had the same problem at a customer site.
Thanks a lot.
2John Willemse 03.02.2012 22:50:08 Traveler HTTPS Only
Nice to see an other dominoblog.ntf
Regards John