Adobe has added an enhanced security option in the latest Adobe Connect hosted deployment (version 9.0.4). The option, if turned on, addresses a security issue and also forces Adobe Connect Web Services APIs to use a secure (HTTPS) connection.
This option is turned on by default for all new Adobe Connect 9.0.4 hosted accounts. However, all existing Adobe Connect hosted accounts upgraded to 9.0.4 have the option turned off by default. That way, it ensures that existing customer integrations with Adobe Connect do not break.
Adobe strongly recommends that account administrators turn ON the enhanced security option, provided no integrations are in use. If integrations are used, carefully review them. Make the following updates BEFORE turning on the enhanced security option to ensure that your integrations continue working:
- Replace all unsecure Web Services APIs with secure (HTTPS) versions.
- Replace all instances of current session identifiers with ones obtained after logging in to Adobe Connect.
Starting August 1 2013, Adobe plans to begin setting Enhanced Security ON by default across ALL hosted accounts upgraded to Adobe Connect 9.1. As such, it is very important that you update your integrations, if applicable, as soon as possible.
You can access the Enhanced Security option by choosing Adobe Connect Central > Administration Tab > More Settings.