Configuring single sign-on

Use these instructions to establish single sign-on support and configure a federated repository.

1. Log in to the Tivoli Integrated Portal.
2. In the navigation pane, click Settings > Websphere Administrative Console and click Launch Websphere administrative console.
3. In the WebSphere Application Server administrative console navigation pane, click Security > Global security.
4. In the Authentication area, expand Web security and click Single sign-on.
5. Click the Enabled option if SSO is disabled.
6. Click Requires SSL if all of the requests are expected to use HTTPS.
7. Enter the fully-qualified domain names in the Domain name field where SSO is effective. If the domain name is not fully qualified, the Tivoli Integrated Portal Server does not set a domain name value for the LtpaToken cookie and SSO is valid only for the server that created the cookie. For SSO to work across Tivoli® applications, their application servers must be installed in same domain (use the same domain name).
8. Optional: Enable the Interoperability Mode option if you want to support SSO connections in WebSphere Application Server version 5.1.1 or later to interoperate with previous versions of the application server.
9. Optional: Enable the Web inbound security attribute propagation option if you want information added during the login at a specific Tivoli Enterprise Portal Server to propagate to other application server instances.
10. After clicking OK to save your changes, stop and restart all the Tivoli Integrated Portal Server instances.