|
| Problem | What are the requirements for the Single Sign On (SSO) domain field in the WebSphere security settings or the security center? | | | | Solution | Domain names must have at least one "dot" or period. This is an internet standard. See RFC 2109.- Domain names cannot contain underscore, "_", characters. This did not create a problem with earlier versions of Internet Explorer (IE) or Netscape. But IE browser versions 5.5 and 6.0 do not accept underscores in the cookie. This is an internet standard. See RFC 1123 & RFC 932.
- Do not use the server name(such as machinename.ibm.com or hostname.ibm.com) in the domain name.
Examples of valid domain names are ibm.com, tx.gov, austin.ibm.com.Examples of invalid domain names are ibmus, state_tx.gov- Some customers have experienced a problem with IE, in that IE 5 and IE 6 do not seem to accept the LTPA token when the domain defined in the SSO domain field is less than 5 characters excluding the period, such as "cn.ca".
Solution: Microsoft has a fix. Please refer to http://support.microsoft.com/default.aspx?scid=kb;en-us;310676 | | | | |
| |
|
Product categories: Software, Application Servers, Distributed Application & Web Servers, WebSphere Application Server, Security Operating system(s): Multi-Platform Software version: 3.5, 4.0, 5.0 Software edition: Edition Independent Reference #: 1112390 IBM Group: Software Group Modified date: 2003-06-25
(C) Copyright IBM Corporation 2000, 2004. All Rights Reserved.
|