Sun Java System Communications Express 6 2005Q4 Administration Guide

ProcedureTo Enable Single Sign-On in Messenger Express With Access Manager

Steps
  1. Run the configutil tool.

    msg-svr_install_root /sbin/configutil

    If you have deployed Messenger Express as MEM, ensure that the value of the following parameters in Messaging Server are the same on the mshttpd, a component of messaging server, at the backend and MEM in the front end:

    • local.webmail.sso.uwclogouturl

      • local.webmail.sso.uwchome

      • local.webmail.sso.uwcenabled

      • local.webmail.sso.uwcport

      • local.webmail.sso.singlesignoff

      • local.webmail.sso.uwccontexturi

      • local.webmail.sso.amcookiename

      • local.webmail.sso.amnamingurl

  2. Set the following Messenger Express parameters to enable Communication Express users access Messenger Express using the Access Manager Single Sign-on.

    Parameters 

    Purpose 

    local.webmail.sso.amnamingurl

    This configuration enables SSO from Access Manager. 

    The parameter should point to the URL Access Manager runs the naming service. 

    For example,

    configutil -o local.webmail.sso.amnamingurl -v http://siroe.example.com:85/amserver/namingservice

    local.webmail.sso.uwcenabled

    Enables Communications Express access Messenger Express. 

    To disable, set the parameter to 0. 

    local.webmail.sso.uwclogouturl

    Specifies the URL Messenger Express uses to invalidate the Communications Express session. 

    If you have configured local.webmail.sso.uwclogouturl explicitly in Messenger Express, then this value is used to logout. Otherwise, Messenger Express constructs the logout url based on the http host in the request header.

    For example, 

    http://siroe.example.com:85/base/UWCmain?op=logout 

    When Communications Express is not deployed under /, such as /uwc, the value of this parameter may look like:

    http://siroe.example.com:85/uwc/base/UWCmain?op=logout

    local.webmail.sso.uwcport

    Specifies the Communications Express port. 

    For example, 85. 

    local.webmail.sso.uwccontexturi 

    Specifies the URI path in which Communications Express is deployed. 

    Specify this parameter only when Communications Express is not deployed under /.

    For example, if Communications Express is deployed in /uwc, local.webmail.sso.uwccontexturi=uwc

    local.webmail.sso.amcookiename 

    Specifies the Access Manager session cookie name. 

    Ensure that in the uwcauth.properties file, the value of uwcauth.identity.cookiename is set to the value of local.webmail.sso.amcookiename.

    For example, iPlanetDirectoryPro

    local.webmail.sso.uwchome 

    Specifies the url required to access the home link. 

    Once the Messenger Express specific parameters are set, Communication Express users can access Messenger Express using the Access Manager Single sign-on.