HTTP authentication
This section provides HTTP authentication information.
Problems connecting devices to IBM Traveler with Session Authentication enabled
It is possible for various device types to have problems connecting to IBM Traveler when Domino® Session Authentication is enabled, as many devices do not support HTML form-based authentication. In particular, some devices may provide the authentication credentials on the request whereas others may wait for the server to challenge for the credentials. When the credentials are already provided and correct, it often does not matter what type of authentication the server is configured to use. When the credentials are not already provided or are incorrect, the server will be forced to challenge the device for the credentials and the devices will not handle all forms of the challenge; the challenge must be HTTP basic authentication for the devices to correctly handle the challenge and respond with the necessary credentials
Form-based authentication is enabled by default on the Domino server if you have Session Authentication enabled. Session authentication does not have to be disabled to utilize form-based authentication, but additional configuration as described here is required.
If you are having problems connecting devices to IBM Traveler, read the remainder of this section to ensure HTML form-based authentication is disabled for the IBM Traveler server URLs.
Checking to see if form-based authentication is enabled
- http://servername/servlet/traveler
- http://servername/travelerclients
- http://servername/traveler
- http://servername/Microsoft-Server-ActiveSync
- https://servername/servlet/traveler
- https://servername/travelerclients
- https://servername/traveler
- https://servername/Microsoft-Server-ActiveSync
If form-based authentication is enabled, you will see an HTML form for authentication instead of a pop up window. If form-based authentication is enabled for any of these URLs, please read the following instructions on how to disable HTML form-based authentication for the IBM Traveler server URL paths.
Disabling form-based authentication for the IBM Traveler URL paths
- On the server document Basics tab, enable Load internet configurations from Server\Internet Sites documents and save the server document.
- From Configuration, Web, Internet Sites, select Add Internet
Site, Web and fill in the following fields:
- Descriptive name for this site: Enter any name you wish.
- Organization: The Domino® organization.
- Host names or addresses mapped to this site: host name and/or IP address of this IBM Traveler server.
- Domino® servers that host this site: The Domino® server name of this IBM Traveler server.
- On the Configuration tab, change any desired configuration parameters.
- On the Domino Web Engine tab, enable Session Authentication with the same parameters as used in the Server Document.
- On the Security tab, make any additional security configuration changes including SSL settings.
- Save and close the Internet Site document.
Note: If you restart the Domino® server at this point, the IBM Traveler server should automatically complete any remaining configuration changes. Review the remaining steps to verify proper configuration. - Open the Internet Site document created previously and select Web Site...
> Create Rule. Fill in the following fields:
- Description: Enter any description you wish.
- Type of rule: Override Session Authentication.
- Incoming URL pattern:
/traveler*.
- Restart the Domino® server if you have not already done so.
- Retry the previously listed URLs. All should now generate a 401 pop up challenge.
Reference
For additional information on using Internet Site documents please see the appropriate Domino® documentation: IBM® Domino® Information Center