3 Replies Latest reply: Nov 21, 2012 12:22 PM by jgarry RSS

    SSO

    Billy~Verreynne
      Is SSO still suppose to work across Oracle servers?

      I used to be able to signon to OTN and then use support.oracle.com without having to logon again. Last few weeks, I have to logon separately to OTN and support.oracle.com.

      Another change in behaviour is OTN session expiry. When a session expires (after about 7-8 hours?), a web browser page refresh of my editwatches page authenticated and re-established the OTN session (normal forum pages default to guest in these circumstances). This is also no longer the case. Not sure if this was an unintentional feature - but it was pretty useful.
        • 1. Re: SSO
          jgarry
          I know I for one complained about the underlying assumptions of SSO as formerly implemented, I was taking these changes as a move in the right direction, and perhaps a tightening of security.

          As an example, I would want to use different logins for these fora than for MOS. MOS communications need to go to a company distribution list, my forum watches don't. I haven't tried contemporaneous logins yet, although while composing this I logged out of MOS and was still able to post.
          • 2. Re: SSO
            Billy~Verreynne
            Had a similar problem with e-mail addresses. My OTN addy (private mail) has been registered since '99 and I do all my postings why it. Access to (then) Metalink required office address and signed me out of OTN - so I asked that my private addy be added to the company CSI for access and the CSI admin guy was quite okay with that.

            But when that is not an option - yes, a separate logons for support and OTN makes sense.

            Are new OTN features and changes officially listed anywhere? Maybe my fault for asking a question that has been explained already by the OTN folk with an official notice.
            • 3. Re: SSO
              jgarry
              Since this goes beyond MOS and OTN, they probably should post it everywhere. I don't see anything about it on MOS either. I guess it's easier to just slipstream changes and let people be confused as to whether hackers are everywhere. There was even a usenet post asking about it. One has to wonder when site behavior changes more than once over a weekend.