IBM Verify

IBM Verify

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
  • 1.  How does FSSO work

    Posted Sun January 24, 2021 05:58 AM
    I have a few questions regarding FSSO.

    When a user tries to access a backend server, serviced by a junction that is configured to use FSSO, ISVA will request the user credentials.
    To be able to use these credentials, later in another junction that uses for example Basic Authentication, it must store that information somewhere and in clear text, otherwise it will not be able to login to a different application.

    Where are the user credentials stored?

    Will the SSO work across reverse proxies? For example, if I have 2 reverse proxies RP1 and RP2, each have 2 junctions, JCT11, JCT12 for RP1, and JCT21, JCT22 for RP2, all of them have different backend servers, if I login to JCT11 can I use JCT21 without further login?

    Does this also work if I have a junction (JCT1) to access ISAM localhost, to support OIDC using pkmslogin.form to login and another junction (JCT2) for a backend web application required to login again, or will ISVA support FSSO in this situation too?

    Thanks

    ------------------------------
    Joao Goncalves
    Pyxis, Lda.
    Sintra
    +351 91 721 4994
    ------------------------------