Never asked to resubmit credentials on Google login page with SocialAccess Appliance
This document (7012101) is provided subject to the disclaimer at the end of this document.
NetIQ Social Access 1.0
Users were successfully able to access the SP pages after having authenticated with LinkedIn and Google. When the browser was shutdown, subsequent requests for the SP page would get redirected as expected to the SocialAccess login page. When the users selected to login using the LinkedIn authentication source, the linked in login page would be displayed where the users would enter their credentials.
When authenticating to the Google authentication source however, despite closing browsers after successfully logging in the first time, users would get logged in again seamlessly on next access without being asked to enter their credentials. If the user trying to login to the Google authentication source was different from the original user, the user would inherit the session information from the originally authenticated user.
It appears that Google uses several persistent cookies. As a result, if a different user attempts to access the target system from the same browser and chooses Google, then they'll gain access as the previous user.
I only get prompted to re-authenticate if I clear out the persistent cookies from the browser.
LinkedIn doesn't behave like that - if I close the browser then I am forced to re-authenticate if I choose the LinkedIn button again - which is good.
I get the same behaviour with Firefox 19 and IE9.
Checking the box next to Stay signed in on the Gmail login page will automatically log you in each time you visit mail.google.com. This makes for easier access to Gmail, but if you check your email from a computer that other people have access to, automatically logging in may not be the best option.
When you check the box and log in, Gmail sets a cookie (lasting two weeks) to remember you when you return to the site from the same computer. To disable the cookie, just click the down arrow next to your email address in the upper-right corner, and select Sign out. You'll need to re-enter your username and password when you return to Gmail.
We encourage you to log out of Gmail at the end of each session to protect the security of your email information. Logging out of Gmail is especially important if you check your email on a public computer. To end your Gmail session, just click the down arrow next to your email address in the upper-right corner, and select Sign out.
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7012101
- Creation Date:09-APR-13
- Modified Date:09-APR-13
Did this document solve your problem? Provide Feedback