Single signon settings

Use this page to set the configuration values for single signon (SSO).

To view this administrative console page, click Security > Authentication Mechanisms > LTPA > Single Signon (SSO).

Configuration tab

Requires SSL
Specifies that the single signon function is enabled only when requests are made over HTTPS Secure Sockets Layer (SSL) connections.
Data type: Boolean
Default: Disable
Range: Enable or Disable
Domain Name
Specifies a fully qualified domain name (.ibm.com, for example) for all single signon hosts.

[5.0 only][Version 5.0.1][Version 5.0.2]If no value is specified, the Web browser of the user defaults to the value of the host name where the Web application is running. This default restricts the HTTP cookie (generated for SSO purposes) only to the originating host. Restricting the HTTP cookie can be undesirable if there is more than one host is participating in the SSO domain. Leaving the domain name attribute empty is only desirable if multiple virtual hosts with different domain names are running on the same physical host. With this field empty, your Web browser can default the domain name to each different virtual host. If a domain name is explicitly specified in this field, then that value is used for all of the virtual hosts and restricts them to a single domain, which can be undesirable in some situations.

[5.0 only][Version 5.0.1][Version 5.0.2]If a domain name is explicitly specified, then all of the Web pages used to access protected Web resources contain the server domain name service (DNS) host name. For example, after global security is configured for LTPA and an explicit SSO domain name is specified, then the administrative console is accessible with the following Web address: http://yourhost.austin.ibm.com:9090/admin, where yourhost.austin.ibm.com is replaced with your server DNS host name.

Data type: String
Enabled
Specifies that the single signon function is enabled.

Web applications that use Java 2 Enterprise Edition (J2EE) FormLogin style login pages (such as the WebSphere Application Server administrative console) require single signon (SSO) enablement. Only disable SSO for certain advanced configurations where LTPA SSO-type cookies are not required.

Data type: Boolean
Default: Enabled
Range: Enabled or Disabled

Related reference
Administrative console buttons
Administrative console page features
Administrative console scope settings
Administrative console filter settings
Administrative console preference settings



Searchable topic ID:   usecsso
Last updated: Jun 21, 2007 4:55:42 PM CDT    WebSphere Application Server Network Deployment, Version 5.0.2
http://publib.boulder.ibm.com/infocenter/wasinfo/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/usec_sso.html

Library | Support | Terms of Use | Feedback