Skip to main content

Active Directory SSO Disabled for 8.1.17 & 7.9.20

Comments

4 comments

  • david wooffindin

    Is there a plan to make this safe again? SSO can be a great feature to offer...

     

    Does 2FA mitigate the risk in your opinion?

    1
  • Hunter Daves-Garrett

    I'd also like a bit more info regarding the method of compromise - specifically point 3:

    So long as you know the username of any user with privileges to access the Designer, you can log in as that user into the Designer without having to supply their password.

    How can a username only provide any access to the gateway?  This seems like the root cause (to me anyway, without having all the details)

    Must the compromised username be currently authenticated to the gateway/designer?
    Must the attack vector be through the compromised user's machine? 

    0
  • David Scott

    Having SSO Disabled has really put a sour mouth in all 6000 of my employees. So much easier with SSO (microsoft environment) 

    0
  • david wooffindin

    Does the latest release (Ignition 8.1.24 delivers a few IdP improvements to keep you calm, cool, and authenticated) help fix or mitigate the SSO vulnerability ?

    0

Article is closed for comments.

This article has 4 comments.