Integrating SPNEGO with IBM Sametime 8.5.2 components using IBM WebSphere Application Server

This paper explains the steps to configure single sign-on (SSO) for IBM Sametime 8.5.2 Community Server, Meeting Server, Proxy Server, Media Manager, Advanced Server and the Connect client, using Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) with the Sametime System Console as the authentication server. SPNEGO enables the SSO mechanism for Microsoft Windows clients that are part of a Microsoft Active Directory Domain.

Conall O'Cofaigh (OCOFAIGH@ie.ibm.com), Software Engineer, IBM

Conall O'Cofaigh is a Software Engineer working on the Sametime Verification Test team. He's been with IBM since 2008, focusing on integration and interoperability across Lotus Sametime products.



Naveed Yousuf, Software Engineer, IBM

Naveed Yousuf is a Software Engineer working on various teams at IBM's Dublin Software Lab since 1999. He has worked with the Sametime Verification Test team for the past 4 years, focusing on integration and interoperability across Lotus Sametime products.



Pat Curtin (PCURTIN@ie.ibm.com), Software Engineer, IBM

Pat Curtin is a Software Engineer working on various teams at IBM's Dublin Software Lab since 1999. He works with Lotus System Verification Test team, focusing on integration and interoperability across Lotus products.



26 March 2012 (First published 30 June 2011)

This paper explains the steps to configure single sign-on (SSO) for IBM Sametime® 8.5.2 Community Server, Meeting Server, Proxy Server, Media Manager, Advanced Server and the Connect client, using Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) with the Sametime System Console as the authentication server. SPNEGO enables the SSO mechanism for Microsoft® Windows® clients that are part of a Microsoft Active Directory® Domain.

In this white paper

  • Overview
  • Configuring SPNEGO on Active Directory Server
  • Configuring SPNEGO for Sametime System Console
  • Enabling SSO for WebSphere Application Server
  • Enabling the Snoop servlet in WebSphere Application Server
  • Creating a unique Security Domain for the System Console
  • Configuring client machine browsers
  • Generate and export Lightweight Third-party Authentication (LTPA) token
  • Enabling Sametime Connect Client with SPNEGO
  • Enabling Sametime Meeting Server
  • Enabling SSO on Lotus Proxy Server
  • Enabling SSO on Lotus Media Manager (AV)
  • Enabling SSO on Sametime Advanced Server
  • Troubleshooting and testing
  • Conclusion
  • Resources
  • About the authors

Download

DescriptionNameSize
White paper in PDF formatIntegratingSPNEGOwithSametime8.5.2_WAS7.0.15Updated.pdf1,898 KB

Resources

static.content.url=http://www.ibm.com/developerworks/js/artrating/
SITE_ID=1
Zone=Lotus
ArticleID=696778
SummaryTitle=Integrating SPNEGO with IBM Sametime 8.5.2 components using IBM WebSphere Application Server
publish-date=03262012