In a web application ressource policy I have remote sso enabled. I put the url and the name and password. whenn the user logs in everything works fine. He gets the webpage and the loginname and password are already filled in so that he only has to click the login button.
The onlything which is not correct is that under autopolicy i have configured that the user should not be able to change the username/password. but he can!
SA2000 6.3R1-2 (build 13619)
In your resource policy, change the Username & Password in the SSO settings from 'User CAN change value' to 'Not Modifiable'. That should fix your problem.
The actual setting is "Not Modifiable". But the user still can change the login credentials.
In the SSO details, are the 'Name' and 'Value' correct? I think that by default the values are 'login' and 'password'. Are these the correct values for the page you're posting to?
The Values are correct. The Username and the Password which we have defined is paste correctly on the webside when the user clicks to the web-ressource while log int the sa-box.
If i tick the "deny direct login for this resource" I am not able to login on the ressource anymore although the username and password are configured correctly. does it denpend on the name which the user loged in? the logon username is different from the username of the web-ressource.
Yes, Single Sign On will pass on the credentials that the user logged in with, assuming the Values are the logon details, eg <USER> & <PASSWORD>. If the web resource uses different details, why are you using SSO? Could that be what's causing your problem?