We run a Novell setup, cluster, ichain, portal, gw, bm.

We have users that use PCs with Netware clients - these authenticate for
access by single sign on from the client trust loaded during login.

We also have users that use a variety of PCs that don't have the Netware
client or are visiting users. Some connect via a wireless network through a
Bluesocket gateway.

What we're trying to get to understand is how the SSL authentication works
when a user tries to access a web service through BM. We know that the
users credentials are checked in NDS from an SSL login page and the access
rules applied but how is the connection checked/rechecked over time or is
it a one time check and what causes a log out and loss of connection? Is
there a way to check/monitor/teardown user SSL connections from a
management point of view?

What happens if two instances of the same account are presented on two
different PCs? What checks does BM apply and would each connection result
in a unique challenge and check - also we log all access through the proxy
on BM - should seperate entries appear in that log even though the same NDS
account is in use. Also if the users are behind a gateway or other service
where the BM box sees as all users originating from a single IP address
will this affect how the authentication is managed?