alt Hacker NewsI work at a (government and extreme bureaucratic) organisation that builds apps used by field engineers.
I found out SSO was broken. They had to login to every app using the same account. Twice per day because the token live was 4 hours "for security".
I found out it was because they published these apps as PWAs, making them more isolated than normal apps.
I asked the product manager and he says the issue is "with Apple and Google", not his department. When asked why he chose PWAs for the apps he said this was easier to deploy, saves them developer accounts and such.
Since I can't force him to change I found a workaround: SSO works in PWAs if you use Edge on a recent Android version on a Samsung tablet. Lucky me we had bought Samsung tablets (this was not a requirement when purchasing I looked it up, just luck).
I asked the Intune manager about this and they said the field engineers should just set Edge as default in stead of Chrome.
When trying this on a company tablet it said: "Edge disabled by X group policy". That guys' department set the policy...
After they removed this I asked why it wasn't the default browser and he said this wasn't possible. I challenged him on this by Googling the Intune manual to set the default browser.
Later they said they had raised a support ticket with Microsoft for this.
On the internal Wiki I found a document describing the problem. It was dated 11 months before I joined.
Replies
This is like a perfect case study in how problems don't get solved, they just get… routed
The short of it is: no one gives a shit about anything but their own paycheck and getting off of work at 5pm.
It's the human condition (and also in part the companies' own fault since they stopped investing in employees)
The people who give a shit and are passionate eventually join the other 99.9%, because it's absolutely exhausting pulling the cart with 10 freeloaders on it who don't care.
I envy the people who can give a shit for longer than 2-3 years at any given job. I suppose being your own boss is one of the few ways to stay passionate and care about something for a long enough period of time.
Liars gonna lie.
> I challenged him on this by Googling the Intune manual to set the default browser.
I've found that LLMs really democratize debate when issues like this arise!
Can't guarantee you'll win, but when someone bets you're not willing to RTFM to call their bluff-- Oh boy!
I once worked in a government agency where 4 employees used a app that on ran on IE6. So the rest of the 2000 strong organization had to use chrome by remote desktop into a server.
Decision tree: Does any department still use IE6? Yes -> lets setup a Remote Desktop cluster so the rest can use Chrome