Portal, Express Beta Version 6.1 Operating systems: i5/OS, Linux,Windows

Preparing security for remote search service in a single-signon domain

For remote search service on a single-signon installation, you need to prepare portal security. To prepare portal security for remote search service on a single portal installation, proceed by the following steps:

1. Make the key file available to all servers in the Single-SignOn (SSO) domain. To do this, perform the following steps on one of the servers that you plan to be part of the SSO domain:

   1. Open the administrative console.
   2. Select Security > Global Security > Authentication > Authentication Mechanisms > LTPA.
   3. Enter a Key File Name and click the button Export Keys. The keys are written to the file was_profile_root/Key File Name.
2. Import the key file to all other servers of the SSO domain. To do this, perform the following steps on all other servers that you plan to be part of this same SSO domain:

   1. Copy the key file that you exported in step 1 above to the server into the directory AppServer.
   2. Open the WebSphere Application Server Administrative Console.
   3. Select Security > Global Security > Authentication > Authentication Mechanisms > LTPA.
   4. Enter a Key File Name and click the button Import Keys. The keys are propagated to all servers of the SSO domain.
   5. Restart all WebSphere Application Server profiles on this server.

For more details about exporting the LTPA token, refer to the WebSphere Application Server information center under Administering > Security > Managing security > Configuring authentication mechanisms > Configuring Lightweight Third Party Authentication > Lightweight Third Party Authentication settings. You can also locate this topic by opening the search feature of the WebSphere Application Server information center and searching for ltpa key export.

If you work with EJB on a secure server, you need to set the search user ID. For details about how to do this, refer to Set the search user ID