...
- Sometimes a logon to SSO box.net repeatedly prompts for username and password, even if the username and password is correct
- This is related to Extended Protection for ADFS and will be repealed
- Extended protection affects Firefox, Chrome and Safari browsers mostly, it is not a problem for native IE browsers
- Sometimes even after logging out of the box.net application, if you revisit https://tufts.box.com/login (even after restarting your browser) you will not be prompted for credentials again
- This is related to the Web SSO lifetime token for the Tufts ADFS server, the SSO lifetime token will be reduced to under 5 minutes to reduce the scenarios in which someone intentionally closes a session and is still left open.
- Still exists as of 10/18/2012
- m.box.com does not function with SSO credentials unless you leave the password field BLANK when logging in ( this behavior will only occur during pilot phase.)
- box.com does not function with SSO credentials unless you leave the password field BLANK when logging in ( this behavior will only occur during pilot phase.)
- Both of these are fixed as of 10/18/2012
- box.com does not function with SSO credentials unless you leave the password field BLANK when logging in ( this behavior will only occur during pilot phase.)
- tufts.box.com/login does function with SSO credentials
- SSO self-service provisioning is currently sending – "partner_user_id parameter should be set" Still working to resolve.
Applications
- Some mobile Apps cache the password persistently for an SSO credential. In order to update the cached SSO credential you need to remove and re-add the application
- The iPad "Box" application from box itself does have the ability inside accounts to prompt for password persistently or force a logout which can be used to update the password.
...