Establishing SSO authentication for HCL
OneDB™ involves
configuration of a secured Key Distribution Center computer and connectivity
files, along with generation of client and server service principals.
About this task
The overall process in deploying Kerberos SSO for HCL
OneDB is as
follows:
Procedure
- Configure the computers on the network to function with
the Kerberos 5 authentication protocol.
This involves setup
of a secured computer to host the Key Distribution Center (KDC). It
is possible that your network already is set up with a Kerberos mechanism.
- Create client user principals and the HCL
OneDB service
principal in the KDC (see Preparing the HCL OneDB DBMS for Kerberos authentication).
- Configure the sqlhosts information
and Generic Security Services communications support module (GSSCSM)
on the computer hosting the database server (see Configuring the HCL OneDB instance for SSO).
- Configure the HCL
OneDB service
principal key and ensuring it is on the computer hosting the database
server.
- Configure a database client program that functions with
GSSCSM (see Clients supporting SSO).