Friday, 15 January 2010

Configuring Microsoft Windows single sign-on for IBM Lotus Connections

Windows SSO support is a new feature in Lotus Connections 2.5, enabling users who are already logged on to a Windows desktop to log on to Lotus Connections automatically, without needing to re-authenticate.

The SSO is achieved by means of Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO), which is a GSSAPI "pseudo mechanism" used to negotiate one of a number of possible real mechanisms. The negotiable sub-mechanisms include Windows NT LAN Manager (NTLM) and Kerberos, both of which are supported by Microsoft Active Directory.

Windows SSO can be implemented in a variety of ways, including via WebSphere® Application Server SPNEGO Trust Association Interceptor (TAI), Tivoli® Access Manager, or other third-party access managers.

In Lotus Connections 2.5, the Windows SSO support is built on WebSphere Application Server SPNEGO TAI. Figure 1 illustrates how the SPNEGO authentication is performed with WebSphere SPNEGO TAI (excerpted from the developerWorks article titled, "Administering the SPNEGO TAI: Tips on using Kerberos service principal names").

http://www-10.lotus.com/ldd/lcwiki.nsf/dx/Configuring_Microsoft_Windows_single_sign-on_for_IBM_Lotus_Connections

Comments:
Excellent Dave. I have potential project for you if you are interested.
 
Sure, let me have your contact details, and I'll get in touch.
 
Derrick Jackson
Systems & Database Manager
MAPP Construction, LLC
djackson@mappconstruction.com
 
Post a Comment





<< Home

This page is powered by Blogger. Isn't yours?

Subscribe to Posts [Atom]