SECURING


Creating a Web SSO configuration document

The Web SSO configuration document is a domain-wide configuration document stored in the HCL Domino® Directory. This document, which should be replicated to all Domino servers participating in the single sign-on domain, is encrypted for participating servers and administrators, and contains a shared secret key used by servers for verifying user credentials.

Parent topic: Multi-server session-based authentication (single sign-on)

To create a Web SSO configuration document if you are using Internet Sites

Before you begin

Make sure you have created a Web Site document, and enabled the use of Internet Site documents in the Server document.

Also make sure that your client location document has the home/mail server set to a server in the same domain as the servers participating in SSO. This ensures that all public keys for participating server can be found when the SSO document is encrypted.

Procedure

1. In the Domino Administrator, click Files, and open the server's Domino Directory (usually NAMES.NSF).

2. Select the Internet Sites view.

3. Click Create Web SSO Configuration.

4. In the document, click Keys.

5. Initialize the Web SSO Configuration with the shared secret key in one of two ways:

6. Complete the rest of the document as follows:
7. Save the Web SSO Configuration document. A message on the status bar indicates the number of servers/people for whom the document was encrypted. The document(s) will appear in the Internet Sites view.

To create a Web SSO configuration document if you are using the Web Server Configurations view

About this task

Use this procedure to create a Web SSO configuration document if your server is a Release 5.0x server, or if you are using Domino 6 or higher but you do not use Web Site documents to manage your Web sites.

Procedure

1. In the Domino Administrator, click Files, and open the server's Domino Directory (usually NAMES.NSF).

2. Select the Servers view.

3. Click Create Web SSO Configuration.

4. In the Web SSO Configuration document, click Keys.

5. Initialize the Web SSO Configuration with the shared secret key in one of two ways:

6. Complete the rest of the document as follows:
7. Save the Web SSO Configuration document. A message on the status bar indicates the number of servers/people for whom the document was encrypted. The document(s) will appear in the Web Server Configurations view.
Related tasks
Configuring user name mapping in the SSO LTPA token
Multi-server session-based authentication (single sign-on)
Setting up Windows single sign-on for Web clients