Configuring SSO between IBM Connections and WebSEAL
To enable single sign-on (SSO) for Tivoli® Access Manager, you first configure SSO between IBM® Connections and WebSEAL.
Procedure
To configure SSO between Connections and WebSEAL, see
Enabling single sign-on for Tivoli Access
Manager in the IBM Connections wiki.
Notes:
- If you are adding Active Directory after deploying IBM
Connections, take the following actions, detailed in the IBM
Connections wiki:
- Set up federated repositories.
- Add the Active Directory administrator as the administrator. See Changing references to administrative credentials.
- Populate the LDAP user to the profiles database. See Using the Profiles population wizard.Note: Make sure that the "sn" field in Active Directory is populated.
- To import the truststore, see Adding certificates to the WebSphere® trust store.
- For the correct .kdb file to import your IBM HTTP Server
certificate into the Tivoli Access Manager keystore, see
step 3c in Enabling single sign-on for Tivoli Access
Manager in the IBM Connections wiki.
The .kdb file is usually in the WebSphere plug-in folder, with the host name as the file name, for example, /opt/IBM/WebSphere/Plugins/config/docs01/docs01.kdb