IBFA In HTTPS Will Not Prompt Authentification
Last updated on APRIL 12, 2017
Applies to:Oracle Insurance Insbridge Rating and Underwriting - Version 184.108.40.206.0 and later
Information in this document applies to any platform.
On : Insbridge 220.127.116.11.0 version, Framework Administrator IBFA
IBFA in https will not prompt authentification
We've enabled SSL in IIS8.5 and set the IBFA authentication to enable just "Windows authentication" which should prompt users for another authentication when attempting to access IBFA in order to have audit logs recording any change and manipulation.
Although this works in HTTP, we have disabled the unsecure protocol and only left HTTPS. When a user logs in from a workstation, the user is prompted to login to the Insbridge portal and when the user logs on IBFA which is set in HTTPS the user goes straight through and is not prompted to enter credentials again like it is the case with HTTP.
User should have to enter credentials to enter IBFA
The issue has the following business impact:
Due to this issue, users are able to log into IBFA without entering credentials.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms