InfoSphere Enterprise Records, Version 4.5.1.3+              

Optionally adding support for SSO (WebSphere)

If you are using a WebSphere application server and your Application Engine or Workplace XT has been configured for Single Sign On (SSO), perform the following procedure to enable SSO for your InfoSphere™ Enterprise Records web application by updating its web.xml file.

  1. Make a backup copy of the web.xml file. The default file location is: <RM_install_path>/FileNet/RM/ RecordsManager /WEB-INF/web.xml
  2. Edit the web.xml file.
    1. Set the parameter perimeterChallengeMode to true, as in:
      <init-param>
        <param-name>perimeterChallengeMode</param-name>
        <param-value>true</param-value>
      </init-param>
    2. As needed, set the ssoProxyContextPath, ssoProxyHost, ssoProxyPort, and ssoProxySSLPort parameters. These parameter values are used to modify one or more elements of the native URL that InfoSphere Enterprise Records sees on a request. Wherever the value of an SSO proxy host element in the URL request is different from the equivalent information for the host where the InfoSphere Enterprise Records web application is deployed, you must set the corresponding sso* parameter for that element in the URL to the value for the SSO proxy host. The default settings are:
      <init-param>
        <param-name>ssoProxyContextPath</param-name>
        <param-value></param-value>
      </init-param>
      <init-param>
        <param-name>ssoProxyHost</param-name>
        <param-value></param-value>
      </init-param>
      <init-param>
        <param-name>ssoProxyPort</param-name>
        <param-value></param-value>
      </init-param>
      <init-param>
        <param-name>ssoProxySSLPort</param-name>
        <param-value></param-value>
      </init-param>
      In general, the init parameters above should be configured as follows:
      ssoProxyContextPath
      Set the value to the context path of the SSO proxy host URL. This is the path portion of the URL that appears after the server name, which represents top-level access to the InfoSphere Enterprise Records application. For example, if the InfoSphere Enterprise Records deploy host URL is http://deploy_server:port#/RecordsManager and the SSO proxy host URL is http://sso_proxy_server.domain.com/fn/RecordsManager, then use the following:
      <param-name>ssoProxyContextPath</param-name>
      <param-value>/fn/RecordsManager</param-value>
      ssoProxyHost
      Set the value to the SSO proxy host server name. Typically, this is a full domain-qualified hostname. For example, if the host URL where InfoSphere Enterprise Records is deployed is http://deploy_server/RecordsManager and the corresponding SSO proxy host URL is http://sso_proxy_server/RecordsManager, then use the following:
      <param-name>ssoProxyHost</param-name>
      <param-value>sso_proxy_server</param-value>
      ssoProxyPort
      Set the value to the http port on the SSO proxy host. For example:
      <param-name>ssoProxyPort</param-name>
      <param-value>80</param-value>
      ssoProxySSLPort
      Set the value to the http port on the SSO proxy host. For example:
      <param-name>ssoProxyPort</param-name>
      <param-value>80</param-value>
      ssoProxySSLPort
      Set the value to the HTTPS port on the SSO proxy host, if defined and/or used to access InfoSphere Enterprise Records pages. For example:
      <param-name>ssoProxySSLPort</param-name>
      <param-value>443</param-value>
  3. Comment out the <login-config> block located at the end of the web.xml file. This block is not used in an SSO environment.
  4. Save your changes to web.xml and close the file.


Feedback

Last updated: November 2010


© Copyright IBM Corporation 2010.
This information center is powered by Eclipse technology. (http://www.eclipse.org)