#dominoforever | Product Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

Windows SSO (Kerberos) with Notes Federated Login

While configuring Windows SSO (Kerberos) with NFL for Notes client using F5 IdP, it has been observed that it is still showing IdP authentication popup. We don't want that users have to enter an username and password when they open the Notes Client.

Already implemented IWA for F5 IdP as IWA provides Notes/Domino users the ability to login using SAML authentication.

It has been identified that F5 IdP offers both:
WWW-Authenticate: Basic Realm=""
WWW-Authenticate: Negotiate

Setting up F5 IdP to use just Negotiated-Kerberos (and dropping basic) the Notes Clients works fine, it doesn't ask for IdP user password. If the Notes browser is given a choice, it's free it pick one so a SAMLBrowser picked the Basic since the server indicates either one is supported.

We are expecting that the Notes client browser should be able to choose Negotiated instead of Basic even if IdP offers both Basic & Negotiated.

  • Guest
  • Aug 31 2021
  • Under Consideration
  • Attach files