Importing Users for Single Sign-On (SSO)
You can import users with an authentication source and
have them authenticated transparently through single sign-on (SSO).
Before you create an SSO authentication source, you must:
- Install the authentication
provider on the computer that hosts the portal or on another computer.
- Create a remote server that
points to the computer that hosts the authentication provider.
- Create an authentication
web service on which to base the authentication source.
- Create and configure
the default profiles you want to apply to imported users.
- Create the folders
in which you want to store the imported users.
To create an SSO authentication source you must have the following
rights and privileges:
- Access Administration
activity right
- Create Authentication
Sources activity right
- At least Edit access
to the parent folder (the folder that will store the authentication
source)
- At least Select access
to the authentication web service on which this authentication source
will be based
Run the job you associated
with this authentication source.
If you are importing
only partial users or groups or are applying different default profiles
to each group of users, after the associated job runs once, return
to the Authentication Source Editor and perform any necessary additional
tasks.
If you have not already done so, you must modify the portal configuration
to enable SSO.