SSO Login screen bounce

We have an intermittent SSO login problem which is as difficult to reproduce as it is to track down.

Basically, we have an LDAP ticket server which accepts the user’s ID & password, authenticates with the LDAP directory and redirects to a Domino server which has a DSAPI plugin to add one of the LDAP attributes (a user number) to the @usernames list. Simple.

The cookie which is set by the ticket server is persistent, so that when a user opens the browser again, provided the cookie has not expired, the login happens automatically.

Sometimes, however, the ticket server says the user is authenticated but the Domino server disagrees and bounces the user back to the ticket server, which says ‘You are already logged in’ and the process begins again.

After 5 minutes of bouncing back and forth, the ticket server eventually creates a fresh cookie, re-authenticates the user and login happens OK.

I’m guessing that the cookie used for authentication is becoming invalid for the Domino server before it becomes invalid for the ticket server. But how?

Has anyone else seen problems of this nature?