NSD1091 Enable SSO for Identity manager in an Microsoft Active Directory environment

Fact

NordicEdge identity manager Web Edition, Microsoft Active Directory, Tomcat

Situation

When having NordicEdge identity manager 3.x web edition connected to a Microsoft Active Directory one may want to have transparent login, SSO, from the current Active Directory domain.

This solution document describes how to configure Apache Tomcat 5.x and Microsoft IIS 6.

Solution

Requirements for this solution:

·         NordicEdge identity manager 3.x web edition installed on a Tomcat running in Windows box.

·         Microsoft IIS 6 is installed on the same Windows box

·         Follow NSD1072 http://www.nordicedge.se/support/kb/questions/145/

Continue by removing anonymous access from the “Default website” and enable Widows Integrated authentication” in the IIS administration tool:

In the Tomcat server.xml file make sure the ajp 13 connector block is:

<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" tomcatAuthentication="false" />

In the NordicEdge identity manager DSEditor.properties file make sure a line is present that looks like: SERVLET_AUTHENTICATION_FILTER=filter.WinSSOAuthFilter

Copy the attached file, WinSSOAuthFilter.class, to: %tomcatroot%/webapps/nordicedege/WEB-INF/classes/filter

If the directory “filter” does not exist, create it.

Attachment:

NSD1091-WinSSOAuthFilter.class

Disclaimer

The origin of this information may be internal or external to Nordic Edge™. Nordic Edge™ makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Nordic Edge™ makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners.

Nordic Edge Support – www.nordicedge.se