Configuring SSO between IBM® Connections and WebSEAL
To enable single sign-on (SSO) for Tivoli® Access Manager, you first configure SSO between IBM® Connections and WebSEAL.
Procedure
To configure SSO between Connections and WebSEAL, see
Enabling single sign-on for Tivoli® Access
Manager in the IBM® Connections wiki.
Notes:
- If you are adding Active Directory after deploying IBM®
Connections, take the following actions, detailed in the IBM®
Connections wiki:
- Set up federated repositories.
- Add the Active Directory administrator as the administrator. See Changing references to administrative credentials.
- Populate the LDAP user to the profiles database. See Using the Profiles population wizard.Note: Make sure that the "sn" field in Active Directory is populated.
- To import the truststore, see Adding certificates to the WebSphere® trust store.
- For the correct .kdb file to import your IBM® HTTP Server
certificate into the Tivoli® Access Manager keystore, see
step 3c in Enabling single sign-on for Tivoli® Access
Manager in the IBM® Connections wiki.
The .kdb file is usually in the WebSphere® plug-in folder, with the host name as the file name, for example, /opt/IBM/WebSphere/Plugins/config/docs01/docs01.kdb