Configure single sign-on
Set up single sign-on integration between IBM Connections and other IBM products and third-party security products.
How single sign-on works
IBM Connections uses single sign-on (SSO) to secure the transfer of user ID and password information that is used to authenticate with the system. With SSO, users can switch to different applications without needing to authenticate again.SSO is automatically enabled when IBM Connections is installed on a single WAS profile or when different profiles are federated into the same cell.
Server-to-server authentication
SSO solutions can inadvertently block back-end server-to-server communication. IBM Connections uses a server-to-server authenticator to prevent internal communication being blocked by your SSO solution. The configuration settings for the authenticator are stored in the customAuthenticator element in the LotusConnections-config.xml file.
Setting the single sign-on domain name
Set the single sign-on (SSO) domain name for your IBM WAS environment.Enable single sign-on for Tivoli Access Manager
Configure IBM Connections to use single sign-on with IBM Tivoli Access Manager.Enable single sign-on for SiteMinder
Configure IBM Connections to use Computer Associates' SiteMinder to implement user authentication and single sign-on (SSO).Enable single sign-on between all applications
Enable single sign-on between all installed applications.Enable single sign-on for Lotus Quickr
Before installing the IBM Connections Connector for IBM Lotus Quickr , enable single sign-on (SSO) between IBM Connections and Lotus Quickr.Enable single sign-on for Domino
If your organization uses IBM Connections in a Domino environment, you can enable user authentication and single sign-on (SSO).Enable single sign-on for standalone LDAP
IBM Connections requires a federated repositories configuration, but you can enable IBM Connections applications to perform Single sign-on (SSO) for a standalone LDAP directory.Enable single sign-on for the Windows desktop
Configure IBM Connections to use the Kerberos authentication mechanism. This single sign-on configuration permits users to sign in to the Windowsâ„¢ desktop and then automatically authenticate with IBM Connections without needing to sign in again.Enable single sign-on for Tivoli Access Manager with SPNEGO
Configure IBM Connections to use single sign-on with IBM Tivoli Access Manager and SPNEGO.Enable single sign-on for SiteMinder with SPNEGO
Configure IBM Connections to use single sign-on with Computer Associates' SiteMinder and SPNEGO.The customAuthenticator element for back-end inter-service communication
The customAuthenticator element in the LotusConnections-config.xml file defines some key parameters of your single sign-on (SSO) solution.
Parent topic
Security
Related tasks
Setting up federated repositories
Configure IBM Connections for SSO
});