Non-secure Message in Chrome During SSO
In our Luminate SSO integration we use the EstablishSession endpoint to establish a session on the Luminate site, following the documentation: http://open.convio.com/api/apidoc/general/sso_convio_as_client.html
We have reports of folks getting a warning in Chome about a non-secure redirect: Screen Shot 2020-12-15 at 2.33.36 PM.png. (Screen shot attached.)
In the SSO process the user is initially sent to an https page on the Luminate site (https://secure2.convio.net). In viewing the network history we can see that once the user is on that system, there is an additional redirect to a non-secure Luminate URL. Screen Shot 2020-12-15 at 3.52.22 PM.png
Is there a way for us to avoid that additional non-secure redirect?
We have reports of folks getting a warning in Chome about a non-secure redirect: Screen Shot 2020-12-15 at 2.33.36 PM.png. (Screen shot attached.)
In the SSO process the user is initially sent to an https page on the Luminate site (https://secure2.convio.net). In viewing the network history we can see that once the user is on that system, there is an additional redirect to a non-secure Luminate URL. Screen Shot 2020-12-15 at 3.52.22 PM.png
Is there a way for us to avoid that additional non-secure redirect?
Tagged:
0
Comments
-
By default, the EstablishSession servlet is always non-secure, so if you attempt to access it over HTTPS you'll get a redirect to HTTP. With a customization, though, Blackbaud can make EstablishSession "multi-channel", meaning that if you access it over HTTPS no redirect will occur. If that's something you're interested in, you can reach out to your account representative. (If you have an existing project with Blackbaud Professional Services such as a monthly retainer, this can be changed through that project too.)0
-
Thanks, Noah - interesting. Nothing has changed on our side, so wondering if you're seeing this with other customers specifically with Chrome. We're concerned that this was a Chrome update that appears to be interfering with our donors' ability to log in. We've tested this before, but are only seeing this issue recently. Thoughts?0
Categories
- All Categories
- 6 Blackbaud Community Help
- 211 bbcon®
- 1.4K Blackbaud Altru®
- 396 Blackbaud Award Management™ and Blackbaud Stewardship Management™
- 1.1K Blackbaud CRM™ and Blackbaud Internet Solutions™
- 15 donorCentrics®
- 360 Blackbaud eTapestry®
- 2.5K Blackbaud Financial Edge NXT®
- 650 Blackbaud Grantmaking™
- 568 Blackbaud Education Management Solutions for Higher Education
- 3.2K Blackbaud Education Management Solutions for K-12 Schools
- 937 Blackbaud Luminate Online® and Blackbaud TeamRaiser®
- 84 JustGiving® from Blackbaud®
- 6.5K Blackbaud Raiser's Edge NXT®
- 3.7K SKY Developer
- 247 ResearchPoint™
- 119 Blackbaud Tuition Management™
- 165 Organizational Best Practices
- 239 The Tap (Just for Fun)
- 34 Blackbaud Community Challenges
- 31 PowerUp Challenges
- 3 (Open) PowerUp Challenge: Data Health
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Product Update Briefing
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Standard Reports+
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Email Marketing
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Gift Management
- 4 (Closed) Raiser's Edge NXT PowerUp Challenge: Event Management
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Home Page
- 4 (Closed) Raiser's Edge NXT PowerUp Challenge: Standard Reports
- 4 (Closed) Raiser's Edge NXT PowerUp Challenge: Query
- 785 Community News
- 2.9K Jobs Board
- 53 Blackbaud SKY® Reporting Announcements
- 47 Blackbaud CRM Higher Ed Product Advisory Group (HE PAG)
- 19 Blackbaud CRM Product Advisory Group (BBCRM PAG)