|Issue||SSO into Microsoft Project Server|
Microsoft Project Server prompts for authentication when creating a new document.
|Cause||Project will attempt to open a new browser session instead of using the existing session. This new session is unable to use the CTSESSION authentication cookie because it is a session cookie.|
|Resolution||A work around to this issue is to change the CTSESSION cookie to a persistant or disk based cookie by modifying the following line in the webagent.conf file to some positive value other than 0 minutes|
|Notes||There are security considerations using disk based cookies instead of session cookies. If the user does not log out of the Access Manager system, the session cookie will still be valid until the idle timeout period has expired. An attacker opening a new browser session on this physical machine during this time will have full access to the previous users identity.|
|Legacy Article ID||a46974|