Single Sign On (SSO) removes the need to re-authenticate to an application when accessing it for a second time - either during an existing Connectra / Mobile Access session, or even between Connectra / Mobile Access sessions.
The authentication credentials used for logging in to the Connectra / Mobile Access Portal can be re-used automatically by Connectra / Mobile Access to authenticate to multiple applications, accessed through Connectra / Mobile Access. It is also possible to record other credentials for the application, and store them for future use.
When SSO user credentials for an internal application differ from their portal credentials, they are securely stored on the Mobile Access gateway, and so remain valid even if the user logs back in from a different client machine.
Most web applications respond to authentication success by redirecting to another page, and then Automatic SSO is viable.
If a redirect is not an indication of success and if you want to use SSO, you must configure an indicator of success or failure, such as a cookie.
The following table lists the Web Applications officially supported by Connectra / Mobile Access Web Form (HTML) Based SSO authentication (a Web Application, listed in the table as having Automatic Configuration, is configured by simply checking the relevant box) .
Note: There are many other applications that also work with Automatic SSO.
Note: If you want to enable the SSO, then open the involved application, go to 'Single Sign On' page, and check the box "This application uses a Web form to accept credentials from users":
Connectra NGX R66.x and Outlook Web Access - Additional Configurations
To configure SSO for OWA 2003 and 2007 on Connectra NGX R66.x, proceed as follows:
Note: Pay attention to the OWA protocol that is used in the configuration of the URL:
- If the OWA works in "http", the URL should be
- If the OWA works in "https", the URL should be
In the following examples, OWA 2007 works with "http" (in clear), and OWA 2003 works with "https".
In OWA 2003, there is no success cookie, so instead use the failure URL.
For OWA 2003 that works in "https", the following URL should be used:
The same URL can also be used for the sign-in Web form detection.
OWA 2007 should be configured to work with "cookie" success indicator. In case of success, OWA 2007 creates a cookie with the name "UserContext".
In addition, it is recommended to configure the login URL. For OWA 2007 that works with "http" (in clear), the URL is:
OWA 2013/2016 should be configured to work with "cookie" success indicator. In case of success, OWA 2013/2016 creates a cookie with the name "cadataKey".
In addition, it is recommended to configure the login URL.
If OWA 2013/2016 is working with "http" (in clear), the URL is:
If OWA 2013/2016 is working with "https", the URL is: