View the steps to set up portal security
for remote search
service on a single-signon installation.
About this task
For remote search
service on a single-signon installation, you need to prepare portal
security. To prepare portal security for remote search service on
a single portal installation, proceed by the following steps:
Procedure
- Make the key file available to all servers
in the Single-Sign
On (SSO) domain. To do this, perform the following steps on one of
the servers that you plan to be part of the SSO domain:
- Open the WebSphere® Integrated Solutions Console.
- Select . Under Authentication select LTPA.
- In the field for the
fully qualified key name enter
a key file name and click the Export keys button.
The keys are written to the file was_profile_root/Key
File Name.
- Import the key file to all other servers of the SSO domain.
To do this, perform the following steps on all other servers
that you plan to be part of this same SSO domain:
- Copy the key file that you exported in step 1 to the
server into the directory wp_profile_root .
- Log in to the WebSphere Integrated Solutions Console.
- Select .
- In the field for the fully qualified key name enter
a key file name and click the Import keys button.
The keys are propagated to all servers of the SSO domain.
- Restart all WebSphere Application
Server profiles
on this server.
- Disable
automatic LTPA key generation on all servers of
the SSO domain:
- Log in to the WebSphere Integrated Solutions Console.
- Select . Under Authentication
mechanisms and expiration, click LTPA.
- Under Key generation, select Key
set groups.
- Click NodeLTPAKeySetGroup.
- Under Key generation, disable
the Automatically generate keys check box.
- Click OK.
- Click Save to save your changes
to the master configuration.
- Log out
from the WebSphere Integrated Solutions Console.
What to do next
For more details about
exporting the LTPA token, refer
to the WebSphere Application
Server information
center under . You can also locate this topic
by opening the search feature of the WebSphere Application
Server information
center and searching for ltpa
key export.
If you work with EJB on a secure
server, you need to set the search user ID. For details about how
to do this, refer to Setting the search user ID