test

Sun Java System Communications Express 6 2005Q4 Administration Guide

ProcedureTo Enable Single Sign-On in Communications Express With Access Manager

Steps

  1. Open the uwc-deployed-path/WEB-INF/config/ uwcauth.properties file.

  2. Modify the following Communications Express parameters in uwcauth.properties file to enable Access Manager SSO.

    Parameter 

    Purpose 

    uwcauth.identity.enabled

    Specifies whether Access Manager is enabled. 

    Initially the value is set in the configurator. 

    Set the attribute to true to enable Access Manager.

    Set the attribute to false to disable Access Manager.

    uwcauth.identity.login.url

    Specifies the parameter of Access Manager login URL. 

    For example, uwcauth.identity.login.url=http://siroe.example.com:85/amserver/UI/login

    uwcauth.identity.cookiename 

    Specifies the cookie name used by Access Manager. 

    The value of uwcauth.identity.cookiename should correspond to the value specified in Access Manager configurator.

    Default cookie name used by Access Manager is iPlanetDirectoryPro

    uwcauth.identity.binddn 

    Specifies the complete DN of the amadmin. 

    For example, 

    uid=amAdmin, ou=People, o=siroe.example.com, o=example.com

    Note: The uwcauth.identity.binddn and uwcauth.identity.bindcred values should correspond to the values entered when installing Access Manager.

    For example, uwcauth.identity.binddn=uid=amAdmin, ou=People, o=siroe.example.com, o=example.com and uwcauth.identity.bindcred=password .

    uwcauth.identity.bindcred 

    Specifies the password of the amadmin. 

    uwcauth.http.port 

    Specifies the port number that Communications Express listens to when Communications Express is configured on a non SSL port. 

    Default port number is 80.

    uwcauth.https.port 

    Specifies the https port number that Communications Express listens to when Communications Express is configured on an SSL port. 

    Default https port number is 443

    identitysso.singlesignoff 

    Specifies the single sign-off status. 

    If set to true the logout destroys the Access Manager session completely and all applications participating in this Access Manager session are signed out.

    If set to false, only the Communications Express session is destroyed and the user is taken to the url configured in identitysso.portalurl .

    Default status is true.

    identitysso.portalurl 

    Specifies the URL to which Communications Express is to be redirected. 

    If Access Manager is enabled and single sign-off is set to false, Communications Express is redirected to the URL assigned to identitysso.portalurl.

    By default Communications Express is redirected to http://www.sun.com

  3. Set the value of the parameter uwcauth.messagingsso.enable to false when setting up Communications Express for Access Manager Single Sign-On.

    Communications Express will now use the Access Manager’s Single Sign-On mechanism for obtaining valid user sessions.