The application supports SSO using Tivoli Access Manager with Basic authentication. The procedures in this section should be performed in the order specified.
Creating a Junction for Tivoli Access Manager
- On the Tivoli server, navigate to the .
- Log in as the Tivoli administrator.
- Enter server list.
- Press Enter.
|
NOTE:
|
This will display all entries corresponding to the WebSEAL server instances.
|
- Create a junction for the appropriate instance from Step 4 using the following command: server task <serverInstance> create -t <protocol> -h <ANCILE> -w -c iv-user -j -J trailer -k -b ignore/ANCILE where:
|
Field
|
Description
|
|
-t <protocol>
|
You can use one of the following protocols:
TCP connected over https
SSL connected over https
|
|
-h
|
Host name
|
|
-w
|
Windows compatibility
|
|
-c iv-user
|
User credential header used in conjunction with the Server
|
|
-j-J trailer
|
Adds cookie JavaScript to pages returned through the WebSEAL
|
|
-k
|
Passes the session cookie to the Server
|
|
-b
|
Defines how WebSEAL passes HTTP BA information to uPerform
|
|
NOTE:
|
A junction is the logical connector between WebSEAL and the Server. This holds information such as the web address, connection type, and headers used to connect the servers.
|
- Activate the connection using the procedures described in Enabling Anonymous Access and Working with the Configuration Wizard.
Enabling Screen Change Notifications with SSO
- On the Tivoli server, navigate to the .
- Log in as the Tivoli administrator.
- Choose from one of the following options:
|
If You Want To
|
Then
|
|
Allow anonymous access to XAPI through WebSeal
|
- Run the following command:
acl attach /WebSEAL/<instance>/<junction>/xapi anonymous_acl
- Configure the application with the Authentication Wizard.
|
|
Add the integration credentials to Tivoli
|
Create or import the integration credentials used to enable screen change notifications.
NOTE: The integration credentials must have the same user id and password in both Tivoli and uPerform.
|