How to configure the Dynamic Workload Console 10.2 and a master domain manager 9.4.x for Single Sign-On
How to configure the Dynamic Workload Console 10.2 and a master domain manager 9.4.x for Single Sign-On.
Before you begin
Ensure that the master domain manager V9.4.x is configured to use a Lightweight Directory Access Protocol (LDAP). The LDAP should be the same one already configured and used by the Dynamic Workload Console 10.2. For further information about how to configure an LDAP, see Configuring a user registry.
About this task
To configure the Dynamic Workload Console 10.2 and the master domain manager V9.4.x for Single Sign-On, perform the following steps:
Procedure
- Access the WebSphere administrative console of the master domain manager V9.4.x and go to Global security in the Security section.
-
In the Global security panel, take note of the value for the Realm
name in the User account repository section. The realm name is
required later in this section.
-
In Authentication, select LTPA as the authentication
mechanism, and enter a password to export the ltpa keys.
Note: Take note of the password. The password you enter is required later during the import.
-
Before replacing the existing ltpa on the Dynamic Workload Console
10.2, create a
backup copy in a different directory. The existing ltpa keys file can be found in the
following path:
-
DWC_DATA_dir/usr/servers/dwcServer/resources/security/
-
DWC_home\usr\servers\dwcServer\resources\security\
-
- Rename the exported ltpa keys file to ltpa.keys and copy it to the same path as the existing file on the Dynamic Workload Console 10.2.
-
Open the authentication configuration file previously customized to enable the LDAP for
the Dynamic Workload Console
10.2, and
ensure that the realm name is the same as the one specified for the master domain manager V9.4.x (see Step 2). The authentication configuration file
is located in the following path:
-
DWC_DATA_dir/usr/servers/dwcServer/configDropins/overrides/
-
DWC_home\usr\servers\dwcServer\configDropins\overrides\
Where TWSREALM is the default realm name.
-
-
Add the password in XOR format in the ssl_config.xml as
follows:
- Restart the Dynamic Workload Console 10.2.
Results
You successfully configured the Dynamic Workload Console 10.2 and the master domain manager V9.4.x for Single Sign-On.