000014558 - SSO into Microsoft Project Server

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000014558
IssueSSO into Microsoft Project Server
Microsoft Project Server prompts for authentication when creating a new document.
CauseProject will attempt to open a new browser session instead of using the existing session.  This new session is unable to use the CTSESSION authentication cookie because it is a session cookie.
ResolutionA work around to this issue is to change the CTSESSION cookie to a persistant or disk based cookie by modifying the following line in the webagent.conf file to some positive value other than 0 minutes

cleartrust.agent.cookie_expiration=0 Mins
NotesThere are security considerations using disk based cookies instead of session cookies.  If the user does not log out of the Access Manager system, the session cookie will still be valid until the idle timeout period has expired.  An attacker opening a new browser session on this physical machine during this time will have full access to the previous users identity.
Legacy Article IDa46974

Attachments

    Outcomes