Configuring Jazz for Service Management for SSO

You can configure the integration services for single sign-on, so that users can access Jazz™ for Service Management applications by logging in only once.

About this task

Jazz for Service Management uses LTPA cookies for SSO, such that a cookie is created containing the LTPA token and inserted into the HTTP response when the user logs into the first Jazz for Service Management application. This LTPA cookie is sent in the request, when the user accesses another Jazz for Service Management application in the same domain name service (DNS) domain. If the request is between different WebSphere® Application Server cells, for example, Administration Services and Registry Services applications on different computers, you must share the LTPA keys and the federated registry between the cells.

In a distributed environment, all Jazz for Service Management application servers must be synchronized to share the same LTPA keys.

Note: When single sign-on (SSO) is enabled, ensure that you use the fully qualified host name in the URL of the Jazz for Service Management reporting or UI servers. SSO requires that the browser pass LTPA cookies to the Jazz for Service Management application server, and these cookies contain the fully qualified host name.

Procedure

  1. On each Jazz for Service Management application server, configure it for SSO. See Configuring SSO on the application server.
  2. Export the LTPA keys from one of the Jazz for Service Management application servers. See Exporting LTPA keys.
  3. On the remaining Jazz for Service Management application servers, import the LTPA keys. See Importing LTPA keys.
  4. Restarting Jazz for Service Management application servers
Parent topic: Configuring Jazz for Service Management