sureshj.96321 (Customer) asked a question.
Hi,
I have a windows server named, suresh.siteminderservices.com which hosts an apache web server. I have a test.html page under folder sample in htdocs of apache web server.
Under normal conditions, I access the html page such as below:
http://suresh.siteminderservices.com/sample/test.html
and it renders me the contents of the html page.
Now, I create an app integration of type SWA under OKTA applications in the OKTA admin page to protect the test.html page.
For App Login Page URL I provide http://smwwin2016.siteminderservices.com:81/sample/test.html
And I leave everything default.
OKTA automatically creates an Embed URL such as:
https://dev-9671535.okta.com/home/dev-9671535_smwwin2016_1/0oa688f05aVUm0hHx5d7/aln688qk50n8lJu5n5d7
So, I now I want to test it out.
I assign a user to the app.
Access the Embed URL and I am prompted for Okta username and password and when i provide it installs a browser plugin and lets me login.
Fine SSO worked.
But, when I once again access http://suresh.siteminderservices.com/sample/test/html it is still rendering that page.
Technically, it should not happen. How do I configure OKTA to block this from happening. It should either redirect to embed url or block it completely after swa configuration is complete or prompt for OKTA username and password.
Can someone please fill in the gaps in my configuration as to what is needed in OKTA trial edition to protect a resource without using Access Gateway.
Appreciate your kind help!
Thanks and Regards,
Suresh Jagirdar
Hi @sureshj.96321 (Customer),
Thank you for posting on the Okta community page!
I have done some research and the only action that Okta performs related to a SWA application is to insert the user credentials once it lands on the login page configured for that specific app. If you would like to use a more secure SSO method, I would recommend to take a look at the bellow articles that contain information about different types of SSO supported by Okta:
I hope the above information is useful!
On another note, the Okta Community Catalysts Program is now live. Collect online badges when you participate in the Okta Help Center Questions community. Learn more here.