Enable single sign-on for Lotus Quickr
Overview
When the Connections applications are deployed on servers in the same WAS cell, SSO is enabled by default. When applications are hosted in different cells, they use different LTPA certificates, and we enable SSO by exchanging LTPA certificates between the cells.
If all the cells use Federated Repositories, set the realm name in each cell to the same value. Ensure all cells use either...
- defaultWIMFileBasedRealm
- Custom realm name such as exampleRealmName
Set realm names before exporting the LTPA token.
If any cell uses a stand-alone LDAP instead of Federated Repositories, set the realm names of all cells to the name of the LDAP server. For example...
ldapserver.myco.com:389
Set the realm names before exporting the LTPA token.
All cells must use the same realm name..
This task applies to Quickr J, not Quickr D
For SSO between IBM Connections, and a product deployed on a pre-6.1 version of WAS, first enable single sign-on for stand-alone LDAP.
Allow SSO between connections and Quickr
- On the Connections dmgr, log into the WAS console as an administrator, go to...
Security | Global security | Web and SIP security | Single sign-on (SSO)
...and enter the domain name
To determine correct domain name to use, on the Quickr node, log into the WAS console as an administrator, go to...
Security | Global security | Web and SIP security | Single sign-on (SSO)
...and verify the domain name is present.
- On the node where Lotus Quickr is installed, log into the WAS console, go to...
Security | Secure administration, applications, and infrastructure | LTPA
...and set:
Password Need to provide later, when configuring exported. /path/to/key_file Path and name for file to hold exported keys.
- Click Export keys
- From the Connections dmgr host, log onto the WAS console, go to..
Security | Global security | LTPA | Cross-cell single sign-on
...and set...
Password Password used for the exported Quickr key file. /path/to/key_file Path and name of the exported Quickr key file.
- Click Import keys.
- Restart the dmgr.
Parent topic:
Configure single sign-on
Related:
Enable users to publish file attachments to Lotus Quickr
Enable single sign-on for standalone LDAP
IBM Connections Connector for Lotus Quickr
Enable single sign-on for Domino