9.1.02: Service Pack 2
Remedy Single Sign-On (Remedy SSO) 9.1 Service Pack 2 introduces new features and enhanced security features. The following table provides information about fixes and updates in this service pack and provides instructions for downloading and installing the service pack.
|Enhancements in Service Pack 2||For information about new features added to Remedy SSO in Service Pack 2, see Enhancements.|
|Known and corrected issues||For information about issues corrected in this Service Pack 2, see 2018-03-08_23-43-17_Known and corrected issues.|
|Downloading the service pack||For download instructions, see 2018-03-08_23-44-15_Downloading the installation files.|
|Installing the service pack||
For information about installing and upgrading the Service Pack 2, see:
The 9.1 Service Pack 2 provides the following enhancements in the Remedy SSO System:
IdP initiated login and logout
The 9.1 Service Pack 2 introduces IdP initiated login, that is, users visit the IdP site first from where they can select the required protected service. The Service Pack 2 also introduces IdP initiated single logout, that is, when a user logs out from the IdP, the user gets logged out from all other logged in applications. After logging out, if the user tries to gain access to any of the applications, the user is authenticated again. For more information, see 2018-03-08_23-43-41_IdP initiated login and logout process.
Authentication chaining and fallback mechanism
The 9.1 Service Pack 2 introduces authentication chaining and fallback mechanism that provides alternate user authentication methods when the primary authentication fails. For more information, see 2018-03-08_23-43-50_Authentication chaining.
Multi-Service Provider domain entry page
The 9.1 Service Pack 2 introduces Multi-Service Provider (MSP) domain entry page for MSP customers. MSP customers can provide the domain name through the domain entry page and will be able to access only those applications that are configured for their organization.
Single logout for SAML sessions
The 9.1 Service Pack 2 introduces single logout for a user. If a user is logged in to multiple services provided by different vendors, logging out from any one service logs out the user from all other services. For more information, see 2018-03-08_23-43-40_SP initiated SAML single logout.
Session invalidation on agent
The 9.1 Service Pack 2 introduces session validation checks on agents by caching the session tokens on application agents and implementing a timeout value to check the token validation with Remedy SSO server. When a user requests for an application, the application agent checks if the cached token is valid only if the timeout after the last check has expired. If the timeout after the last check has not expired, the user is logged in to the application.
The timeout value is specified in the token-status-cache-timeout parameter of the rsso-agent.properties file. If the timeout parameter is set to 0, the application agent checks for token validation each time the user requests for an application.