Progress
on the Web


Single Sign-on and Security Caching

When WebClient prompts the end user for authentication information to connect to a server to download the application configuration file or application components, WebClient can cache the authentication information and make it available to the application. Similarly, when the application prompts the end user for authentication information to connect to a server that contains business logic, the application can make the authentication information available to WebClient. By default, WebClient maintains a separate security cache for the application configuration-file server and the codebase server.

Security caching lets you implement single sign-on, which means the end user is not prompted multiple times for the same authentication information. Single sign-on is useful when:

NOTES: Authentication information is always stored encrypted.

Sharing the configuration file cache with the codebase cache works only if the application is launched from a shortcut, not from a Web browser — because in the latter case, the configuration file is downloaded by the Web browser, whose cache WebClient cannot access.

By default, WebClient does not maintain security caches on a particular machine across sessions. This is called the persistent cache, which the end user must specifically request.

You can tell WebClient to disable the persistent cache. If you do so, the end user does not have the option of saving authentication information across sessions, and WebClient deletes the security caches at the end of each WebClient session.

NOTE: If persistent caching is not disabled, an end user enters authentication information for particular servers, and the end user chooses to cache them persistently, a subsequent end user starting a new WebClient session at the same machine and logging in as the original end user can access those servers without having to re-enter the authentication information.


Copyright © 2004 Progress Software Corporation
www.progress.com
Voice: (781) 280-4000
Fax: (781) 280-4095