Configuration of single sign-on

We can enable SSO by leveraging IBM Security Access Manager. After configuring SSO a user only has to log on to ISAM web security one time. The identity of the user is propagated to IBM Security Identity Manager, which eliminates the need for another login. This function requires ISAM to enable SSO with ISIM.

1. ISAM provides user authentication and coarse-grained authorization before it allows access to ISIM.
2. ISIM then applies fine-grained access control with its own Access Control Item (ACI).

We can configure ISAM and ISIM for SSO with either ISAM using:

• ISAM WebSEAL
• ISAM plug-in servers

Before configuring SSO with WebSEAL, configure ISAM and WebSEAL.

See:

• Configure ISIM for SSO with application server trust association interceptors and ISAM WebSEAL
  
• ISIM web services in a single sign-on environment
  
• Accessing ISIM consoles
  
• Frequently used commands to configure SSO
  

Parent topic: Security