clientless vpn access for web based application

Unanswered Question
Aug 18th, 2010
User Badges:


One of our customer is a healthcare company hosting two web based applications( ORacle 9g and coldfusion 8, respectively IIS and apache web based applications)

The idea is that the customer wants added security to those web based applications when accessed from the internet, additionally and for ease of use, their customers should not enter a username and password more than once.

I was thinking of a clientless vpn where I can publish the urls for those two web based applications and I noticed there is an autosignon command which uses the credentials used for the ssl vpn to authenticate for the web application as well. Did I get it right? just one time authentication to access both the web based application and the vpn?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Eric Boadu Wed, 08/18/2010 - 11:35
User Badges:

If you creating bookmark (portal) for the users then auto sign on is fine. Make sure the user is coming from the trusted site or the source instead of any any. Thx, Eric

k.abillama Wed, 08/18/2010 - 11:39
User Badges:

Thx! just one more thing, will the autosign on work if I get the ASA integrated with ACS 5.x; I was thinking of consolidating the database of usernames and password on the ACS so that we can generate reports for authentication records( integrate ACS with Active Directory)

Eric Boadu Wed, 08/18/2010 - 12:32
User Badges:

Yes, you can but know that AD doesn't support MD5 password. AD supported only MS-CHAP. Please double check before or use test account first.

Good luck!



This Discussion