Tip:
Highlight text to annotate it
X
The first action is to log into the web console for the JTS server which is the CLM server node 1.
Then expand Security and Global security.
Navigate to the "Web and SIP security" area.
Click "Single sign-on (SSO)".
Once you are in the panel, you will provide the domain that you define for single sign-on.
Make sure that you select "Required SSL".
Then press "OK". Save the master configuration as usual.
The next step is to go to the "LTPA" area
and then select a password for the key file.
You can use "secret" or anything else as long as you remember the password.
Also, you must put the absolute path of the file that is going to be exported
so you know the location of the export file.
Once that is done, log out of the current WebSphere console.
Navigate to the other console in which you want to setup the SSO configuration.
Expand our Security, Global security, and "LTPA".
Type in the secret password. Then provide the fully qualified path for the exported key for the JTS. Then import.
Save the master configuration.
On a fully distributed environment you would have to do this on all application servers that are supported by the JTS in question.
Now you can test the SSO configuration using the WebSphere console. As you can see, you are no longer prompted. Although the message
that the console is still active will appear, you are not being challenged anymore by the authentication process.
This means that SSO is enabled.