Subscribe: Comments on: Feb 20: Access Manager and Virtual Private Networking
http://www.novell.com/feeds/openaudio/?feed=rss2&p=141
Preview: Comments on: Feb 20: Access Manager and Virtual Private Networking

Comments on: Access Manager and Virtual Private Networking



Connecting Novell users with what's going on inside and around the Novell universe.



Last Build Date: Fri, 12 Aug 2011 16:02:24 +0000

 



By: Kent Pankratz

Wed, 14 Feb 2007 20:39:24 +0000

Does Novell Access Manager have the capability of doing single sign-on for non-http apps? In class Novell folks specifically indicated that apps accessed via the SSL VPN can indeed be single-signed on (somehow in conjunction with the access gateway, I assume) From my research, the answer is no. The Access Manager Gateway will not process non-http connections. The SSL VPN is used for non-http connections therefore the Single Sign-On feature is used only for connections with the Access Gateway. Here is the link to the documentation on this topic. http://www.novell.com/documentation/novellaccessmanager/index.html?page=/documentation/novellaccessmanager/adminguide/data/b629v75.html#b629v75 "SSL VPN allows authorized access to applications and services that are behind a firewall. It also provides secure access to HTTP and non-HTTP based applications and performs single sign-on when authenticated to the Access Gateway". Here is another snip from the documentation that supports my interpretation of the previous quote: http://www.novell.com/documentation/novellaccessmanager/index.html?page=/documentation/novellaccessmanager/adminguide/data/b3trf9q.html "Access Gateway: Access Gateway uses server certificates and trusted roots to protect Web servers, provide single sign-on, and enable the products data confidentiality features, such as encryption. "SSL VPN: SSL VPN uses server certificates and trusted roots to secure access to non-HTTP applications". A couple of options: 1) The solution for non-http applications through the SSL VPN connection is the Single Sign-On solution that we offer for the client. This is a different product that installs on the workstation. I would suggest setting up another conference call to discuss its capabilty with the customer. 2) Citrix Nfuse technology can be used for these non-http applications and the Access Gateway will provide Single Sign-on for the Citrix client. http://www.novell.com/documentation/novellaccessmanager/index.html?page=/documentation/novellaccessmanager/adminguide/data/b5psj67.html Thanks