Enabling Single Sign-on in Messaging Express with Access Manager
Use the configutil command provided by Messaging Server to edit the Messaging Express related parameters.
Set the following Messenger Express parameters to enable Communications Express users access Messenger Express by using Access Manager Single Sign-on.
|
Parameters |
Purpose |
|---|---|
|
Enables SSO from Access Manager. The parameter should point to the URL that Access Manager uses to run the naming service. For example: configutil -o local.webmail.sso.amnamingurl -v http://siroe.example.com:85/amserver/namingservice |
|
|
local.webmail.sso.uwcenabled |
Enables Communications Express access Messenger Express. To disable, set the parameter to 0. |
|
Specifies the URL that Messenger Express uses to invalidate the Communications Express session. If you have configured local.webmail.sso.uwclogouturl explicitly in Messenger Express, this value is used to log out. Otherwise, Messenger Express constructs the logout URL based on the HTTP host in the request header. For example: http://siroe.example.com:85/base/UWCmain?op=logout When Communications Express is not deployed under /, such as /uwc, the value of this parameter might be as follows:: http://siroe.example.com:85/uwc/base/UWCmain?op=logout |
|
|
Specifies the Communications Express port. For example, 85. |
|
|
local.webmail.sso.uwccontexturi |
Specifies the URI path in which Communications Express is deployed. Specify this parameter only when Communications Express is not deployed under /. For example, if Communications Express is deployed in /uwc, then the URI path is local.webmail.sso.uwccontexturi=uwc |
|
local.webmail.sso.amcookiename |
Specifies the Access Manager session cookie name. Ensure that in the uwcauth.properties file, the value of uwcauth.identity.cookiename is set to the value of local.webmail.sso.amcookiename. For example, iPlanetDirectoryPro |
|
local.webmail.sso.uwchome |
Specifies the URL required to access home link. |
Once Messenger Express specific parameters are set, Communications Express users can access Messenger Express by using the Access Manager Single sign-on.
If you have deployed Messenger Express as MEM, ensure that the value of the following parameters in Messaging Server are the same on the mshttpd, a component of messaging server, at the back-end and MEM in the front end:
-
local.service.http.proxy. The value of this parameter should be set to 1.
-
local.service.http.proxy.admin. The value of this parameter should be set to the administrator user id of the front end Messaging Server.
-
local.service.http.proxy.admin.<hostname-of-backend-server>. The value of this parameter should be set to the administrator user id of the back end Messaging Server.
-
local.service.http.proxy.adminpass. The value of this parameter should be set to the administration password of the front end Messaging Server.
-
local.service.http.proxy.adminpass.<hostname-of-backend-server>. The value of this parameter should be set to the administrator password of the back end Messaging Server.
After setting the above values, restart the Messaging Server and the Web Container for the changes to take effect.
- © 2010, Oracle Corporation and/or its affiliates