UA Home
The UA NetID WebAuth service provides a single point of authentication, as well as Single Sign-on (SSO) facilities, for UA Web sites that require UA NetID authentication.
WebAuth is a service utilized by Web-based applications that require the UA NetID for authentication. It relies on a central “login server”, to which users are redirected upon their first attempt to access a WebAuth-enabled application. Upon successful WebAuth login, authentication “credentials” are carried in a temporary cookie — stored by the user's Web browser — until the browser is closed or the credentials expire. These credentials allow the user to access multiple WebAuth-enabled applications, without requiring the re-entry of “username/password” information for each. In order to utilize this Single Sign-on capability, Web browsers must be configured to accept cookies.
One security note before beginning to use WebAuth: Make sure you exit your browser session when finished, especially when using a public access computer. If you don’t exit the browser, your WebAuth session will remain active, allowing someone else to access your sensitive and personal data. When you logoff a WebAuth-enabled Web site, you will be able to logoff WebAuth, as well, by following a link on the site's logout page. (See below.)
You can login to WebAuth by going directly to the application you wish to use, such as WebMail. You will be directed by a link from the WebMail login page to the WebAuth login page. Once you login to WebAuth, you will be able to enter any other WebAuth-enabled Web site without having to re-login, as long as your WebAuth session is still active and the site allows single-sign-on (some applications may require re-authentication). See “Set Your WebAuth Timeout” below in order to set the length of your WebAuth session.
When you logout of a WebAuth-enabled Web page, your WebAuth session may still be active, meaning you’ll be able to return to that and other applications without having to re-login, depending on your WebAuth timeout setting. The best way to logout of a WebAuth session is to completely exit your browser. You can also logout of the application you are using — in this example WebMail — and receive the following or similar notice:
Attention: Webmail logout successful. WebAuth login still active. Finished accessing secure applications? Logout of WebAuth.
Click on Logout of WebAuth to end your WebAuth session.
| Web Browser | How to Completely Exit |
| Internet Explorer on PC | Close all Internet Explorer windows by clicking each window's close box or on the File menu select Close (shortcut key Ctrl+W). You must do this for each and every Internet Explorer window. |
| Netscape on PC | On the File menu select Exit (shortcut key Ctrl+Q). |
| Safari on Mac | On the File menu select Quit (shortcut key Command+Q). |
| Internet Explorer on Mac | On the File menu select Quit (shortcut key Command+Q). Also, if either Outlook Express or Entourage is open, you must quit it too. |
| Netscape on Mac | On the File menu select Quit (shortcut key Command+Q). |
| Netscape on Unix | On the File menu select Exit (shortcut key Alt+Q). |
While use of WebAuth is required to login to services such as WebMail, the ability to utilize Single Sign-on is a user preference. Single Sign-on allows you to access other UA Web services without having to re-authenticate through WebAuth.
Single Sign-on permits multiple WebAuth-enabled applications to authenticate you via your UA NetID credentials, while requiring you to login only once per browser session.
To set your Single Sign-on preference:
You have control over how long your WebAuth session will last. If you don't access many WebAuth-enabled applications on a frequent basis, you may be better off using a short timeout period (e.g., 5-10 minutes). If you frequently access several WebAuth-enabled applications within a single browser session, you may wish to specify a longer timeout interval. The default timeout interval is two hours.
To set your WebAuth Timeout preference:
NOTE: Setting a WebAuth timeout interval will also enable WebAuth Single Sign-On.
