Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

SafeNet App Gateway

Single Sign-On (SSO) Support for SafeNet App Gateway

search

Single Sign-On (SSO) Support for SafeNet App Gateway

Single Sign-On (SSO) support for SafeNet App Gateway signifies its capability to facilitate seamless SSO operations while accessing non-standard web applications (that do not support SAML 2.0 or OIDC protocol) that are protected by SafeNet Trusted Access (STA). Users are authenticated once and gain access to multiple applications without the necessity of repeated logins for each application.

The following table shows the SSO behavior when two applications with the same or different authentication schemes are hosted on the same web or application server.

Similar behavior, as enlisted below, is also expected if more than two applications are hosted on the same (single) web or application server and protected by a single SafeNet App Gateway instance.

Use Case Application Authentication Scheme Workflow Conclusion
1

Application 1


Application 2

Custom


Custom

  1. After successfully completing the STA authentication, the user gains access to application 1.

  2. In a separate tab or a new window of the same browser, the user can access application 2 without the need for re-authentication.

 Reauthentication is not required for application 2.
2

Application 1


Application 2

Basic


Custom

  1. After entering the application credentials and successfully completing the STA authentication, the user gains access to application 1.

  2. In a separate tab or a new window of the same browser, the user can access application 2 without the need for re-authentication.

 Reauthentication is not required for application 2.
3

Application 1


Application 2

Custom


Basic

  1. After successfully completing the STA authentication, the user gains access to application 1.

  2. Subsequently, when the user opens application 2 in a separate tab or a new window of the same browser, the user is prompted to enter application credentials.

  3. After entering the application credentials, the user gets access to application 2.

 Reauthentication is required for application 2 using the application credentials only and not for the STA IdP as it maintains a STA IdP session.
4

Application 1


Application 2

Basic


Basic

  1. After entering the application credentials and successfully completing the STA authentication, the user gains access to application 1.

  2. In a separate tab or a new window of the same browser, the user can access application 2 without the need for re-authentication.

 Reauthentication is not required for application 2.
5

Application 1


Application 2

Custom


Form-based

  1. After successfully completing the STA authentication, the user gains access to application 1.

  2. Subsequently, when the user opens application 2in a separate tab or a new window of the same browser, the user is prompted to enter application credentials.

  3. After entering the application credentials, the user gets access to application 2.

 Reauthentication is required for application 2 using the application credentials only and not for the STA IdP as it maintains a STA IdP session.
6

Application 1


Application 2

Form-based


Custom

  1. After entering the application credentials and successfully completing the STA authentication, the user gains access to application 1.

  2. In a separate tab or a new window of the same browser, the user can access application 2 without the need for re-authentication.

 Reauthentication is not required for application 2.
7

Application 1


Application 2

Form-based


Basic

  1. After entering the application credentials and successfully completing the STA authentication, the user gains access to application 1.

  2. In a separate tab or a new window of the same browser, the user can access application 2 without the need for re-authentication.

 Reauthentication is not required for application 2.
8 Application 1


Application 2

 Basic


Form-based

  1. After entering the application credentials and successfully completing the STA authentication the user gains access to application 1.

  2. In a separate tab or a new window of the same browser, the user accesses application 2 without the need for re-authentication, but here the user is prompted to an error screen (Something is wrong).

 This is a known issue and is mentioned in the CRN AINT-9332.

Access to multiple applications without re-authentication depends on the active SSO session, which lasts for eight hours in STA. For more information, refer to the Single sign-on session timeout section.

On this page