Authenticating users by using SSO
To gain access to IBM TRIRIGA applications,
a user must be authenticated as a valid user of the system and must
be granted permission to access applications and functions in the IBM TRIRIGA suite
of applications. Many customers use single sign-on (SSO) authentication
to manage access by their users to multiple applications in their
environment.
Types of authentication
The TRIRIGA Application Platform uses its own native authentication by default.
Requirements for and limitations of SSO requests in TRIRIGA Application Platform
In an SSO environment, the user name and password that the user enters must match the user name and password that are stored in the directory server. The application server or web server then authenticates the user and inserts the user name into the HTTP request header.
How SSO works
Many possible configurations can insert the user name into the HTTP header. Configurations on a reverse proxy web server, configurations at the application server layer, or various authentication plug-ins at each of those layers can insert the user name into the HTTP header.
Configuring IBM TRIRIGA with SSO
If you have a web server that is set up with single sign-on authentication, you can determine whether those credentials can be used to sign on to IBM TRIRIGA .
SSO properties in IBM TRIRIGA
Several properties control an IBM TRIRIGA SSO configuration.
Forcing users to log in through SSO
If you want to force users to log in through SSO, you must prevent them from using the default login page. Provide an alternative login page that does not contain a user name, password, or login button.
Troubleshooting SSO
Several issues are known to occur with single sign-on (SSO), for example, if it is not configured properly.
Examples of configuring SSO
The steps that you take to set up SSO for the TRIRIGA Application Platform depend on several factors, such as the application server on which TRIRIGA Application Platform is installed, as well as the web server and directory server in the environment.