Background:
My customer is running an Xpages (multiple database) site on Domino 9.0.1FP2. Due to the Poodle vulnerability, I have configured the server to run IHS and have all relevant certificates installed. For the most part, this works.
Problem:
When users first connect to the site each day, they are logged straight into the site with no issues via SSO (Single Sign On). After a period of time, or if they close their browser session and then try to re-establish a session by opening their browser and hitting the site again, they are presented with a Domino login screen. If they enter their Domino web credentials, they can proceed, but this is not the intended behaviour. They should be able to log in via SSO all the time, which is how it used to be before IHS was setup on the server.
To confuse the matter a little further, if the user waits a period of time after not being able to login via SSO, they are later authenticated via SSO. It’s like there is a session period that needs to expire before the user can reconnect. Would that be right? Sometimes, even of the user is presented with the Domino login screen, if you manually type the URL path to the Home screen, it’ll take you there without having to provide credentials (via SSO).
Other relevant information:
- Server has a FQHN set in the DNS.
- The home page path to the home database has been set in the Internet Site document
- Users are directed to the server directly, not via any load balancing device
I am assuming this is a config issue? Are there any config settings I need to make or check to have SSO work consistently with IHS?