Configuring IAG cross-site single sign-on

  • Article

Applies To: Intelligent Application Gateway (IAG)

In Whale Communications Intelligent Application Gateway (IAG) 2007, you can enable single sign-on (SSO) across IAG sites, so that once users log in to one IAG site, they can access additional IAG sites without having to re-authenticate. Users input credentials the first time that they access a site that is included in the single sign-on list. Users can then open a second session (by opening a New tab in Internet Explorer or typing the new site URL in the navigation bar of an existing browser instance) to another IAG trunk defined included in the single sign-on list. They can then access this trunk without providing credentials again.

Configuring cross-site single sign-on

Configure cross-site single sign-on as follows:

To configure cross-site single sign-on

  1. Access the CustomUpdate folder under the Conf folder of one of the trunks that will be part of the SSO:

    ...\Whale-Com\e-Gap\ Von\Conf\WebSites\<Trunk_Name >\ Conf\CustomUpdate

    If the CustomUpdate folder does not exist, create it.

  2. If the WFEList.xml file doesn't not already exist in the CustomUpdate folder, copy the file from the trunk's Conf folder to the CustomUpdate folder.

    If such a file already exists, use the existing file.

  3. At the end of the WFEList.xml in the CustomUpdate folder, add the following line:

    <DLL active="1" dll_name="WhlFiltSSO.dll"/>

  4. Copy the following file into the trunk's Conf\CustomUpdate folder (the folder you accessed in step 1):

    ...\Whale-Com\e-Gap\Von\Conf\WhlFiltSSO.ini

  5. Edit the file you copied in step 4, changing the Domain and Key fields to the following:

    • Domain : domain to which the trunk belongs

    • Key : free-text, used for encryption

  6. Repeat steps 1 through 5 for each of the trunks that are part of the SSO.

  7. Access the following custom folder:

    ...\Whale-Com\e-Gap\von\InternalSite\inc\CustomUpdate

    If this folder does not exist, create it.

  8. Copy the following file into the custom folder:

    ...\Whale-Com\e-Gap\von\InternalSite\samples\site_sso.inc

  9. Edit the file you copied in step 7, as follows:

    • WHL_KEY : key you entered in step 5

    • SSO_COOKIE_DOMAIN : domain you entered in step 5

  10. Rename the file you edited in step 9, as follows:

    < Trunk_Name >sso.inc

    Where <Trunk_Name>sso.inc is the name of one of the trunks that is part of the SSO.

    Note

    Regardless of the trunk type of the SSO sites (HTTP Connections or HTTPS Connections), the file is named <Trunk_Name>sso.inc.

  11. Repeat step 10 for each of the trunks that are part of the SSO, by copying and renaming the file as many times as required, so that each SSO trunk has one <Trunk_Name>sso.inc file under the custom folder ...\Whale-Com\e-Gap\von\InternalSite\inc\CustomUpdate.