If you have a web server that is set up with single sign-on
authentication, you can determine whether those credentials can be
used to sign on to IBM TRIRIGA.
Procedure
- Configure your web server for reverse proxy access to the
application server. For configuration details, see the documentation
that is provided by your application server provider.
- After the web server and application server are communicating
by using reverse proxy, enter the following URL in your web browser: http://web_server/context_path/html/en/default/admin/requestTest.jsp.
The web page shows the HTTP headers that are passed from the
web server to the application server.
- On the application server, set the properties in the TRIRIGAWEB.properties file
based on the SSO variables that are returned at the URL. By default,
the TRIRIGAWEB.properties file is in the Tririga/config folder.
If... |
Then, set the following properties. |
The results show Remote User set with the login. |
SSO=Y
SSO_REMOTE_USER=Y
Set
all other SSO properties to N.
|
The results show UserPrincipal set with the login. |
SSO=Y
SSO_USER_PRINCIPAL=Y
Set
all other SSO properties to N.
|
If the results show user name on a header, make note of
the header name, for example, OTHER_SSO_USER_NAME. |
SSO=Y
SSO_REQUEST_ATTRIBUTE_NAME= OTHER_SSO_USER_NAME
Set
all other SSO properties to N.
|
- Restart the application server so that the changes take
effect.