Difference between revisions of "Single Sign-on"

From SDU
Jump to: navigation, search
m (Notice)
m (Notice)
Line 66: Line 66:
  
  
[[eIAM]], which [[CA Workflow]] uses for authentication, does not have single sign-on capabilities. As a result, [[CA Workflow]] is not capable of single sign-on. However, the the rumor is that [[CA Workflow]] version 1.1 which will be packaged with Service Desk r12 will have this capability.
+
[[eIAM]], which [[CA Workflow]] uses for authentication, does not have single sign-on capabilities. As a result, CA Workflow is not capable of single sign-on. However, the the rumor is that CA Workflow version 1.1 which will be packaged with Service Desk r12 will have this capability.
  
 
== See Also ==
 
== See Also ==

Revision as of 19:05, 22 July 2008

This article details the procedures for permitting users to bypass entering their login credentials.

Configure Service Desk

r11.x Screenshot - Access Type
Configure the Access Type to Allow External Authentication and set the Validation Type to OS-Use Operating System Authentication.







Option 1: Configure IIS

r11.x Screenshot - IIS
  1. Launch the IIS Manager and expand web sites and locate the CAisd virtual directory.
  2. Right-click on CAisd and select Properties
  3. Select the Directory Security tab and select the edit button under Authentication and access control.
  4. Uncheck Enable Anonymous Access and check Integrated Windows Authentication


The changes should work immediately. But is they do not, recycle the IIS.






Option 2: Configure Tomcat

  1. Download the latest jcifs.jar file from http://jcifs.samba.org/.
  2. Place the file in the $NX_ROOT\bopcfg\www\CATALINA_BASE\webapps\CAisd\WEB-INF\lib directory.
  3. Edit the web.xml located at $NX_ROOT\bopcfg\www\CATALINA_BASE\webapps\CAisd\WEB-INF\ by locating the <!-- Add filter here --> line and place the following code directly below it:

<source lang="xml"><filter> <filter-name>NtlmHttpFilter</filter-name> <filter-class>jcifs.http.NtlmHttpFilter</filter-class> <init-param> <param-name>jcifs.http.domainController</param-name> <param-value>YOUR DOMAIN</param-value> </init-param> </filter> </source>     Note: Replace YOUR DOMAIN with your domain name (servicedeskusers.com) or domain controller (dcl).

    4. Then locate <!-- Add filter-mapping here -->, and place the following code directly below it: <source lang="xml"><filter-mapping> <filter-name>NtlmHttpFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping></source>

    5. Stop and restart the Tomcat web server by running the pdm_tomcat_nxd -c stop then pdm_tomcat_nxd -c start


Additional information for configuring Tomcat using jcifs can be found at http://jcifs.samba.org/src/docs/faq.html#ukhost and http://jcifs.samba.org/src/docs/api/overview-summary.html#scp


Notice

When running the Service Desk Configuration Utility (pdm_configure), the above changes will need to be reimplemented as the configuration process will reset them.


eIAM, which CA Workflow uses for authentication, does not have single sign-on capabilities. As a result, CA Workflow is not capable of single sign-on. However, the the rumor is that CA Workflow version 1.1 which will be packaged with Service Desk r12 will have this capability.

See Also

LDAP Integration




To make corrections or additions to this article, select the edit tab above.
To discuss or ask questions about this article, select the discussion tab above.
Retrieved from "http://greggsmith.net/wiki/index.php?title=Single_Sign-on&oldid=2442"