Hi All,
We have our new production environment getting readied.
3 Application server and 1 Web Server (for Tomcat).
I have configured SSO, but it is not working. Below is the SPN's that I have set.
Setspn -a SAPBICentralMS/umg.boadmintulsa1.sv.GLOBAL.UMUSIC.NET
Setspn -a HTTP/ushpewsapp743 umg.boadmintulsa1.sv.GLOBAL.UMUSIC.NET ----Main CMS
Setspn -a HTTP/ushpewsapp743.GLOBAL.UMUSIC.EXT umg.boadmintulsa1.sv.GLOBAL.UMUSIC.NET
Setspn -a HTTP/ushpewsapp744 umg.boadmintulsa1.sv.GLOBAL.UMUSIC.NET
Setspn -a HTTP/ushpewsapp744.GLOBAL.UMUSIC.EXT umg.boadmintulsa1.sv.GLOBAL.UMUSIC.NET
Setspn -a HTTP/ushpewsapp745 umg.boadmintulsa1.sv.GLOBAL.UMUSIC.NET
Setspn -a HTTP/ushpewsapp745.GLOBAL.UMUSIC.EXT umg.boadmintulsa1.sv.GLOBAL.UMUSIC.NET
Setspn -a HTTP/ushpewsiis028 umg.boadmintulsa1.sv.GLOBAL.UMUSIC.NET --------This is the Web Server which hosts the Tomcat.
Setspn -a HTTP/ushpewsiis028.GLOBAL.UMUSIC.EXT umg.boadmintulsa1.sv.GLOBAL.UMUSIC.NET.
SSO to the Client tools working and Manual AD logon is also working and able to logon to CCM --> Manage servers option using WIndows AD (SSO) too.
Global.properties File:
sso.types.and.order=vintela
sso.enabled=True
siteminder.enabled=false
vintela.enabled=true
idm.realm=GLOBAL.UMUSIC.NET
idm.princ=UMG.BOADMINTULSA1.SV
idm.allowUnsecured=true
idm.allowNTLM=false
idm.logger.name=simple
idm.logger.props=error-log.properties
BILaunchpad
authentication.visible = true
authentication.default = secWinAD
sso.types.and.order=vintela
Tomcat Java:
-Djava.security.auth.login.config=C:\Windows\bscLogin.conf
-Djava.security.krb5.conf=C:\Windows\krb5.ini
-Dcom.Wedgetails.idm.sso.password=*****
-Djcsi.kerberos.debug=true
I tried to deploy the war files and nothing is happening on the SSO. Please suggest,