This content has been marked as final. Show 2 replies
I have not tried this, but maybe it could work:
1. Create a new application that uses SSO as the authentication scheme. Name the cookie in the authentication scheme. Create one page in this application. Give a link to this application/page to your OID (internal) users.
2. In the Post Authentication Process of this application's authentication scheme, do this:
...where XXXXX is the application ID of the main application.
3. For the main application, leave the authentication scheme as is but also provide the same cookie name as for the SSO-authenticated application. Give a link to any page in this application to your non-internal users.
When internal users use the link to the SSO application they will first have to authenticate using the SSO login page, then they'll be taken to page 1 in application XXXXX. When the page sentry in that application checks for the existence of a suitable session cookie, it will find it, the cookie having already been set by the authentication scheme in the SSO-authenticated application, which uses the same cookie name as that expected by application XXXXX.
When non-internal users use the link you gave them, the default authentication scheme will present the application's login page and they'll authenticate there.
this is a real good idea - and the very best: it works!
I had to move the owa_util.redirect..... to page 1 of the SSO-Authentication App.
I call it in the "Before Header"-Process - and get redirected to my "real" application, where my cookie is accepted :)
Don't know why this didn't work in the Post Authentication Process. This try ended up somewhere in a wierd URL of the SSO-Server.
But this doesn't matter - it works this way.
Thanks a lot