IBM Support

Security in IBM Sterling B2B Integrator: Implementing authentication using Single Sign-On.

Technical Blog Post


Abstract

Security in IBM Sterling B2B Integrator: Implementing authentication using Single Sign-On.

Body

Author: Manisha Khond, IBM Cognitive Engagement, Watson Supply Chain.

 

What is Single Sign-On?

Single Sign-On is often abbreviated as SSO. It allows an individual user to access multiple systems, resources, and applications by logging in using a single set of credentials. So the user is not prompted to sign in multiple times even though they are accessing multiple resources. This simplifies identity management. One reason for this is because it uses a central database or directory to store user-identity information and credentials. It’s a single place that we would connect to, to make changes such as passwords for users. Resource systems must trust our identity provider. Consider a scenario that we have multiple web applications that we need to authorize user access to. Instead of configuring authentication on each of the applications, instead, we would go with a centralized strategy where we have one instance of the user account and a password.

Once a user has been authenticated, the system would grant them access to all of the relevant resources that they have been given permissions to. We have increased security with Single Sign-On as we have only a single set of credentials for a user to remember. This means they're less likely to write it down somewhere. Examples of Single Sign-On systems include Kerberos, federated access etc.

How is Single Sign-On can be implemented in IBM Sterling B2B Integrator?

IBM Sterling B2B Integrator allows SSO through integration with Netegrity SiteMinder, or through custom implementation classes for SSO plug-ins on other single sign on applications and servers.

Single sign on can be implemented for the following components in IBM Sterling B2B Integrator:

  • Mailboxing Interface
  • Dashboard Interface

Steps to implement Single Sign-On in IBM Sterling B2B Integrator:

  • Install Netegrity SiteMinder and configure it with a reverse proxy server
  • Configure the Properties Files for use with Netegrity SiteMinder. This step should be done in IBM Sterling B2B Integrator.
  • Configure the Netegrity Secure Proxy Server.
  • Create Netegrity Sever Secure Realms.
  • You may have to modify Single Sign-On Provider default class logic. This step should be done in IBM Sterling B2B Integrator.

Please refer to the Sterling B2B Integrator documentation on how to implement Single Sign-On through integration with Netegrity SiteMinder.

https://www-01preview.ibm.com/support/knowledgecenter/SS3JSW_5.2.0/com.ibm.help.security.doc/SI_SingleSignOn.html

 

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS3JSW","label":"IBM Sterling B2B Integrator"},"Component":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]

UID

ibm11120689