Configuring the Dynamic Workload Console for Single Sign-On
Single Sign-On (SSO) is a method of access control that allows a user to authenticate once and gain access to the resources of multiple applications sharing the same user registry.
This means that using SSO you can run queries on the plan or manage object definitions on the database accessing the engine without authenticating, automatically using the same credentials you used to log in to the Dynamic Workload Console.
The same is true when working with the Self-Service Catalog and Self-Service Dashboards apps from a mobile device. If the Dynamic Workload Console has been configured to use SSO, then these apps automatically use the same credentials used to log in to the Dynamic Workload Console.
After the installation completes, you can configure the Dynamic Workload Console and the HCL Workload Automation engine to use SSO. To do this, they must share the same LDAP user registry.
The Lightweight Directory Access Protocol (LDAP) is an application protocol for querying and modifying directory services running over TCP/IP - see Configuring a user registry for more details.
- If engine connection has the user credentials specified in its definitions
- These credentials are used. This behavior regards also engine connections that are shared along with their user credentials.
- If the user credentials are not specified in the engine connection
- The credentials you specified when logging in to Dynamic Workload Console are used. This behavior regards also shared engine connections having unshared user credentials.
usr/servers/engineServers/resources/security
For more
information about how to verify and correct this setting, see How to configure the Dynamic Workload Console and the master domain manager for Single Sign-On.