Single signon enables users to access more than one application and multiple platforms using one user ID and password. For example, you can integrate secured WebFacing applications which are configured using single signon so that a user only needs to be authenticated once. Note that each system involved still requires a separate user ID. In addition, a WebFacing portlet application with single signon enabled does not require authentication if authentication has already been done on the Portal server.
If you want to use single signon for your applications, you need to perform the following tasks:
To perform these tasks, you should install the System i™ Navigator on a client PC. The following tasks use the System i Navigator, which is packaged with IBM® System i Access for Windows®, which can be installed from your i5/OS® server. Ensure that you install all of the networking components, including TCP/IP.
The following diagram illustrates the association between the source and target user identities on two systems. On System A, the user is authenticated by WebSphere Application Server as johnday in order to call an application on System B. On System B, the profile used to run the application on the i5/OS is jsd1. The EIM identifier that is used to map the two IDs is John Day. Refer to the following figure while configuring single signon: