Configure single sign-on
IBM Connections uses single sign-on (SSO) to secure the transfer of user ID and password information. Users can switch to different applications without needing to authenticate again.
SSO is automatically enabled using WebSphere's built-in LTPA when Connections is installed on a single WAS profile or when different profiles are federated into the same cell.
Server-to-server authentication
SSO solutions can inadvertently block back-end server-to-server communication. IBM Connections uses a server-to-server authenticator to prevent internal communication being blocked by your SSO solution. The configuration settings for the authenticator are stored in the customAuthenticator element in LotusConnections-config.xml.
- Set the SSO domain name
- Enable single sign-on for Tivoli Access Manager
- Enable single sign-on for SiteMinder
- Enable single sign-on for Lotus Quickr
- Enable single sign-on for Domino
- Enable single sign-on for standalone LDAP
- Enable single sign-on for the Windows desktop
- Enable single sign-on for Tivoli Access Manager with SPNEGO
- Enable single sign-on for SiteMinder with SPNEGO
- The customAuthenticator element for back-end inter-service communication
Parent topic:
Security
Related: