New Reverse Authentication Feature questions

We see a new checkbox "Allow persistent sessions" and a section "Logout" to define specific logout URLs. We would like to know if persistent sessions are meant to solve the password prompt issue with Exchange 2013 switching between /owa and /ecp virtual directories and what syntax to specify in the LOGOUT URLS to allow a complete logout of Exchange 2013/2016 users.

Thank You

Joseph Worrall

  • Hello,

    thank you for your questions.
    The persistent session feature as such does not solve this issue. But we also reworked the whole Reverse Authentication session management, so with 9.4 you should not get any login prompt when switching between /owa and /ecp anymore.
    If you do, please report and we'll have a look.

    The persistent session feature solves the issue that users do not want to re-authenticate when closing the browser. So instead of session cookies, which are deleted when closing the browser (exception: Chrome also keeps session cookies), 'normal' cookies with an expire field are used. This also solves issues with SharePoint in combination with (x)doc or xsl (xlsx) files.

    The logout functionality is limited to the WAF side, so you get logged out of Reverse Authentication. The web application on your real webserver is not aware of the logout. I'm afraid this feature didn't make it to 9.4.
    The syntax is like a normal path: '/logout'.
    For example, if you have configured the domain 'mydomain.something' and you make a request to 'mydomain.something/logout' you get redirected to the login form.

    Please ask if something is unclear.

    Sabine
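
To check which of the two cookie types described in the reply above a login response actually sets, here is an added example (not part of the original thread and not Sophos code) that classifies `Set-Cookie` values as session, persistent or expired and notes missing `Secure`/`HttpOnly` flags. The cookie name `waf_session` and the sample headers are constructed assumptions.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

# Constructed sample Set-Cookie values; the cookie name "waf_session" is hypothetical.
SAMPLES = [
    "waf_session=abc123; Path=/; Secure; HttpOnly",
    "waf_session=abc123; Path=/; Expires=Mon, 08 Jan 2024 00:00:00 GMT; Secure; HttpOnly",
    "waf_session=abc123; Path=/; Max-Age=3600",
    "waf_session=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Secure; HttpOnly",
]

def classify_set_cookie(header, now):
    """Classify one Set-Cookie value relative to the aware datetime `now`."""
    parts = [p.strip() for p in header.split(";")]
    name = parts[0].partition("=")[0].strip()
    attrs = {}
    for part in parts[1:]:
        key, _, value = part.partition("=")
        attrs[key.strip().lower()] = value.strip()

    lifetime = None  # None means no usable Expires/Max-Age: a session cookie
    if attrs.get("max-age", "").lstrip("-").isdecimal():
        lifetime = int(attrs["max-age"])  # Max-Age takes precedence over Expires
    elif "expires" in attrs:
        try:
            expires = parsedate_to_datetime(attrs["expires"])
            if expires.tzinfo is None:
                expires = expires.replace(tzinfo=timezone.utc)
            lifetime = int((expires - now).total_seconds())
        except (TypeError, ValueError):
            pass  # unparsable date: the attribute is ignored

    if lifetime is None:
        kind = "session"      # dropped when the browser closes
    elif lifetime > 0:
        kind = "persistent"   # written to disk, survives a browser restart
    else:
        kind = "expired"      # instructs the browser to delete the cookie
    # A cookie that survives restarts should at least carry these flags.
    missing = [flag for flag in ("secure", "httponly") if flag not in attrs]
    return {"name": name, "kind": kind, "lifetime_s": lifetime, "missing_flags": missing}

if __name__ == "__main__":
    now = datetime(2024, 1, 1, tzinfo=timezone.utc)  # fixed clock for the constructed samples
    for sample in SAMPLES:
        print(classify_set_cookie(sample, now))
```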