test

Sun Java System Calendar Server 6 2005Q4 Administration Guide

ProcedureTo use SSO with Calendar Server

  1. Make sure that Access Manager and Directory Server are installed and configured. For information about installing and configuring these products, refer to the Sun Java Enterprise System 2005Q4 Installation Guide for UNIX.

  2. Configure SSO for Calendar Server by setting the parameters shown in Configuring SSO Through Access Manager and then restarting Calendar Server for the values to take effect. If necessary, remove the comment character (!) when you set each parameter.

    Note –

    When you set the local.calendar.sso.amnamingurl parameter, you must use a fully qualified name for Access Manager.

  3. To configure SSO for Messaging Server, refer to the Sun Java System Messaging Server 6 2005Q4 Administration Guide.

  4. Users log into Access Manager using their Directory Server LDAP user name and password. (A user who logs in through another server such as Calendar Server or Messaging Server will not be able to use SSO to access the other Sun Java Enterprise System servers.)

  5. After logging in, users can access Calendar Server through Communications Express using the appropriate URL. Users can also access other Sun Java Enterprise System servers such as Messaging Server, if the servers are configured properly for SSO.

    Parameter  

    Description  

    local.calendar.sso.amnamingurl 

    Specifies the URL of the Access Manager SSO naming service. 

    Default is  

    "http://AccessManager:port/amserver
  /namingservice"

    where AccessManager is the fully qualified name of Access Manager, and port is the Access Manager port number.

    local.calendar.sso.amcookiename 

    Specifies the name of the Access Manager SSO cookie. 

    Default is "iPlanetDirectoryPro".

    local.calendar.sso.amloglevel 

    Specifies the log level for Access Manager SSO. Range is from 1 (quiet) to 5 (verbose). Default is “3“. 

    local.calendar.sso.logname 

    Specifies the name of the Access Manager SSO API log file. 

    Default is: “am_sso.log”

    local.calendar.sso.singlesignoff 

    Enables (“yes“) or disables (“no“) single sign-off from Calendar Server to Access Manager. 

    If enabled, a user who logs out of Calendar Server is also logged out of Access Manager, and any other sessions the user had initiated through Access Manager (such as a Messaging Server Webmail session) are terminated. 

    Because Access Manager is the authentication gateway, single sign-off is always enabled from Access Manager to Calendar Server. 

    Default is “yes“.