I have a single Domino 7.0.2 server which serves multiple Internet domains (as in aaa.bbb.ccc and xxx.yyy.ccc) and want to use session authentication for web users.
Can you (or do you need to) have multiple Web SSO Configuration documents for a server in order to enable session authentication for multiple Internet domains? If not, how can you accomplish that?
I do not expect users to be able to use single web sign-in for those multiple Internet domains even though all are served by a single Domino server.
Subject: Session authentication w/ multiple domains
You can, but it’s not required. You can just keep it at single-server if you want to… however I think you can only specify an idle timeout, you don’t have the option of a fixed timeout that you can get with multi-server.
Subject: RE: Session authentication w/ multiple domains
Thank you for your reply.
My problem is that if I have, say, two Internet domains - aaa.bbb.ccc and xxx.yyy.ccc - and one SSO document covering only aaa.bbb.ccc; web users “logging in” to xxx.yyy.ccc do not get authenticated and get the login form presented back with no error indication. So, I suspect I need an SSO doc covering xxx.yyy.ccc as well. I hesitate to just try it out since it is all “alive.”
I’d like to keep multi-server option since I will add another Domino server into the mix at later point.
Subject: RE: Session authentication w/ multiple domains
Sorry - I misunderstood, I thought you were asking about single vs multi server session auth. You should probably use multiple internet sites - each with it’s own SSO config.
Or maybe try removing the domain name from the existing SSO doc (so that the cookie is set to whatever domain name the browser is using, as opposed to what is specified in the doc) I have not tried this in Domino, but it works w/WebSphere