SSO support for MSRD WebClient via VPN RRS feed

  • Question

  • Hi,

      We are trying to launch MSRD Web through our pulse secure VPN and support SSO for the same. But with our design and the restrictions on how MSRD web client is launching, we don’t have a direct SSO working case. Hence, we are having a javascript which will be used on the browser to fill in the credentials when the pop-up window appears. This works for us but this has a security implication that password is being sent to the browser via javascript.


    What we want to do to circumvent this is have some dummy password/one time pass code on the browser window when we are filling by script and once the request hit our VPN server, change them to proper values and send to the backend MSRD Web server for authentication and also for launching the applications.


    But we are unable to achieve this as Microsoft is computing some client side cookies(i.e ClientSideCookie, HttpOnlyCookie, WebSocket key etc) based on the values entered on the browser input boxes and those cookies have been used across the session. We are just unable to replace/recompute these cookie when we want to replace the values on our VPN server.


    Any kind of inputs/thoughts  on this how to proceed would be very much appreciated.


    Thank you.




    Wednesday, July 31, 2019 5:33 AM