Sun OpenSSO Enterprise 8.0 Administration Guide

ProcedureTo Set Up Internet Explorer

  1. In the Tool menu, go to Internet Options > Advanced/Security > Security.

  2. Select the Integrated Windows Authentication option.

  3. Go to Security > Local Internet.

    1. Select Custom Level. In the User Authentication/Logon panel, select the Automatic Logon Only in Intranet Zone option.

    2. Go to Sites and select all of the options.

    3. Click Advanced and add the OpenSSO Enterprise to the local zone (if it is not added already).


If you are using Microsoft Internet Explorer 6.x for Windows Desktop SSO authentication and the browser does not have access to a Kerberos/SPNEGO token for the user that matches the (KDC) realm defined in the Windows Desktop SSO module, the browser will behave incorrectly for other modules after Windows Desktop SSO authentication fails. The direct cause of the problem is that after Windows Desktop SSO fails, the browser becomes incapable of passing all authentication module callbacks to OpenSSO Enterprise until the browser is restarted. Therefore all the modules coming after Windows Desktop SSO will fail due to null user credentials. See;en-us;308074 for related information.

Note –

As of this release, this restriction has been fixed by Microsoft. For more information, see