When using Crowd for single sign-on (SSO), you can specify that the 'secure' flag is set on the SSO cookie. This will enforce a secured connection, such as SSL, for all SSO requests.
Unsecured connections will be rejected
If you set this flag, any applications not using a secure connection will not be able to participate in SSO and users will not be able to log in. Potentially, this may make it impossible to log in to Crowd, if your Crowd Administration Console application is not accessed via SSL.
To specify the secure flag on the SSO cookie,
Screenshot: Secure SSO Cookie in Crowd General Options
- Configuring Server Settings
- Configuring your Mail Server
- Creating an Email Notification Template
- Configuring Trusted Proxy Servers
- Viewing Crowd's System Information
- Backing Up and Restoring Data
- Logging and Profiling
- Overview of Caching
- Configuring the LDAP Connection Pool