How to Single Sign-On?!?!

One of the advertised features of LiveCycle Rights Management ES clearly says:
(http://www.adobe.com/products/livecycle/rightsmanagement/features.html)
"Work with Microsoft® Windows® SSO to provide transparent authentication"
How exactly do I achieve this?
I've searched all over the Internet (& here) and all I found is stuff & mess about Netegrity and/or other third parties which I can't figure out...
Ain't the Windows login to domain enough for SSO??? Excatly what does the advertied feature means then?

In the adminui, under Home > Services > LiveCycle Rights Management ES > Configuration > Server Configuration, make sure the "Allow Kerberos authentication" is checked.
If User Management is setup to use Active Directory, you should be able to open the document using your Windows credentials.
Jasmin

Similar Messages

  • How to single sign off from all integrated forms with application server

    Hi!
    I deployed two forms form1 and form 2 on oracle application server 10g.
    The i created user in oid and created two data sources for these two forms to have data from database .
    I enabled single sign on on the formsweb.cfg file ,Now single sign on is working fine .
    When i try to open any form it promt me the SSO page after successful login it opens the form but problem is that now how do i log out so that when i logout from one form i should logout from other form as well using single sign off
    please can anybody help...

    Hello Anoop,
    The folowing link describes how to setup SSO between two portal.
    http://help.sap.com/saphelp_nw04s/helpdata/en/43/2232900bb93fece10000000a11466f/frameset.htm
    Regards
    Deb
    [Reward Points for helpful answers]

  • How enabled Single Sign-On with a System SAP WAS ABAP (Run application BSP)

    Hi.
    I need to run any application BSP from a System SAP WAS ABAP, without entering SAP user and password. Using the windows authentication and without SAP Enterprise Portal.
    What authentication methods I have to apply for enabled Single Sign-On with a System SAP WAS ABAP?.
    And How can I enabled this method?.
    Best regards.
    Luis Gomez.

    Hi Ticiano,
    SAP WebAS ABAP supports a number of authenticaiton mechanisms. See
    [http://help.sap.com/saphelp_nw04s/helpdata/en/02/d4d53aa8a9324de10000000a114084/frameset.htm]
    A number of these authentication mechanisms can be combined with Windows authentication (e.g. SNC, client certificates, ...).
    The decision what mechanism fits best depends on critieria like
    - SAP server platform
    - security requirements
    - extensibility (should same authentication mechanism be used for future SAP environments, which will be E-SOA based)
    - authentication from outside company domain
    - Use of SAP security library (SAPcryptolib)
    You may want to look at the SAP Software Solution Partner Catalog, if you look for certified SSO solution vendors for SAP.
    Best regards,
    Peter

  • How to single sign on with  webApplication with Basic Authenticated in IIS

    Dear Sir,
    Our server is EP6 SP14, we will link iview with BW URL which using basic authen in IIS. . Please kindly advise howto single sign on with  webApplication with Basic Authenticated in IIS
    Thank you and best regards,
    Vimol

    Are you sure the BW is using IIS? Most recent versions are using ABAP style authentication. What version are you running?
    You may want to investigate IISProxy - it's no longer supported, but it might help you out. It basically takes an SSO cookie and allows IIS to "know" who the user is.
    Cheers

  • How to pass credentials/saml token access sharepoint web service ex:lists.asmx when sharepoint has single sign on with claims based authentication

    How to pass credentials/saml token exchange to the sharepoint web service ex:lists.asmx when sharepoint has single sign on with claims based authentication 
    Identity provider here is Oracle identity provider 
    harika kakkireni

    Hi,
    The following materials for your reference:
    Consuming List.asmx on a claims based sharepoint site
    http://social.technet.microsoft.com/Forums/sharepoint/en-US/f965c1ee-4017-4066-ad0f-a4f56cd0e8da/consuming-listasmx-on-a-claims-based-sharepoint-site?forum=sharepointcustomizationprevious
    Sharepoint Claims based authentication and Single Sign on
    http://social.technet.microsoft.com/Forums/sharepoint/en-US/2dfc1fdc-abc0-4fad-a414-302f52c1178b/sharepoint-claims-based-authentication-and-single-sign-on?forum=sharepointadminprevious
    Sharepoint Claim Based Authentication Web Service issuehttp://social.msdn.microsoft.com/Forums/office/en-US/dd4cc581-863c-439f-938f-948809dd18db/sharepoint-claim-based-authentication-web-service-issue?forum=sharepointgeneralprevious
    Best Regards
    Dennis Guo
    TechNet Community Support

  • How to integrate Single Sign-On and JSF?

    Hi all,
    We are going to develop a web application using Oracle technologies, including ADF and JSF.
    But we´ll need to secure our website using Oracle Identity Manager (Single Sign-On). I am having difficulties to find any resource explaining how to do that.
    Also, the IM (SSO) will run on a Oracle AS instance and our web app (ADF+JSF) will run on a separete OC4J instance, due to ADF version. Is this a problem?
    Thanks

    We too are in the process of implementing iStore with SSO features.
    And if you believe me it seems to me as nightmare.
    In our scenerio we are intgrating this SSO with Third party access control too (AD and Siteminder). I would request you to please respond me on the following mail id , so we can share our experince which will help us in our implementation
    [email protected]
    regards and thanks in advance
    Vikas Deep

  • How to enable a partner application for Single Sign-On?

    Can someone please advise me on how to enable my existing J2EE web application for the Oracle Single Sign-On?
    My requirement is i want to provide the single sign-on authentication service to my J2EE web application. For this, I would like to make my application as a partner application similar like the OracleAS Portal.
    I am using Oracle 10g ( OralceAS, Oracle Infra, OID ...)
    I found the following service/APIs which Oracle provides. I am not sure which one is suitable for me.
    1. mod_osso ( Static)
    --- In this case, I have to make a entry in mod_osso.config file to protect the URL. should I have to register the URL again through single sign on admin page ("Administer Partner Application") after make a entry in config file?
    2. mod_osso ( Dynamic directive)
    -- in this case, I have to modify the code by providing the directives like 401, 499.. etc. So i don't prefer this as i don't want to touch my app.
    --If I go with this option, should i have to register the URL with Single sign on server through SSO admin page ( as mentioned in the above step#1) ?
    3. SSO SDK
    - Since it was deprecated and need java coding, i am prefer this option.
    -- however, if i go with this option, i will develop code by using SDK. in this case i need to register the URL in SSO server through admin page.. am i right?
    Note:- OSSO server integrated with Active Directory for the authentication.
    Thanks,
    -Senthil

    sharon38_74 wrote:
    they said that our internal application needs to send a "login request" to etran via SSL with the user's information encoded in base 64 format. etran captures the HTTP header containing user authentication and authorization information, and parses the required information from the HTTP header.
    My question is that how I set user information in HTTP header? From my understanding, once I am able to set the user information in HTTP header, it is in base 64 format?Your application need to act like a proxy. You can invoke a HTTP request programmatically using java.net.URLConnection. You can set request headers using URLConnection#setRequestProperty(). Also see the API docs: [http://java.sun.com/javase/6/docs/api/java/net/URLConnection.html]. You only need to know the header field name where to set the Base64-encoded value in. You need to Base64-encode the value yourself.

  • How to use Single sign On in CRM2007 ?

    Dear All,
    I have created a launch transaction for launching ransactions from R3 (using BOR).
    Now, the problem is when I click on the link in WebUI it gives me a popup for entering R3 User Id and only then it allows navigation to R3 transaction.
    How do I remove this popup ? I want that since user has already eneterd password for WebUI it should further not prompt him/her for the password. How to achieve this ?
    Can we use Single Sign on ? How ?
    Regards,
    Ashish

    Hi Stephen,
    I have done the settings as per the OSS notes. But, I am getting the following error while navigating to R3 from CRM (BOR Launch transaction):-
    - SSO logon not possible; browser logon ticket cannot be accepted
    - Choose "Logon" to continue A dialog box appears in which you can enter your user and password
    - No switch to HTTPS occurred, so it is not secure to send a password
    Also, after this I get the popup where I have to enter R3 User Id and Password and then it continues.
    But, the whole purpose was to remove this intermediate popup.
    What settings are missing / going wrong ?
    Regards,
    Ashish

  • How to use single sign on to authenticate

    How to use single sign on to use the MS-AD for authentication
    I have created an data source which points to the MS-AD and tested
    Next how do i add this to the policies.
    Thanks
    NS

    Hi,
    Please, specify the products and versions that you are using?
    thanks,
    Thiago Leoncio

  • How do i create a single sign on environment from scratch?

    setting up a single mac mini 10.6.6 server in a small law firm and want to create a sso environment from scratch. i have currently got everything working fine as an open directory master, but every reference to sso that i can find, talks about joining an existing sso environment, or joining ad, creating a triangle, but never a stand alone od master to create the sso. am i missing something, or is it not possible or practical to do in such a small office with just a few users?
    thanks for any help understanding this.

    i appreciate your input Rikakiah, although i am glad i don't have to pronounce your alias out loud
    anyway, that's starting to sound like something i might want to try, because so much of what i want to do is not really working the way i'm doing it. it had crossed my mind, but wasn't sure i was going to avoid problems by using network home folders instead of mobile accounts. at this point, i have only one of the four workstations bound to the server, which was purchased as a mac mini snow leopard server with the dual internal drives, and was set up as a mirrored raid with the 2 internal 500 gig drives.
    i am seeing what seems to me like some odd behavior with network accounts working with the log in screen (all the users show up in the log in screen properly as network accounts, but only one account, the one that matches exactly the local account user name and password and allows log in) and auto mounting group shares are not seeming to work at all. what seems odd, is that management of the local account seems to be working great, and has merged management with the local account. the user still has all their existing documents and settings, but i can see that the things like the control panels i locked them out of are grayed out. so to be try to be clear here, i have 4 network accounts set up in wgm, and on the log in screen, i see 3 network accounts with the typical network user icon, and what looks like the original account with the original icon. i can only log in using that account, but when i get in there, it's managed ok. i expected to see the original local account and 4 network accounts, but evidently using the same user name on the server as the local account caused this. when i try to log in with one of the other network accounts, the login screen shakes it head no.
    for the record, from another post talking about network log in issues, on the local system, setting System Preferences>Accounts>Login Options>Allow network users to log in at login window>Options>Only these network users: can mess this up, but my settings there are fine, since i had never messed with that. it says "allow all network users" or something like that.
    here's what i am trying to get to: auto mounting group shares and single sign on for afp group folders and ichat, and as you said to allow the users to move around from workstation to workstation as needed. as you know, there's a myriad of settings to make this all happen. i don't see how anyone can help me fix the 2 things that aren't working, unless i give a long winded explanation of what my settings in workgroup manager and server admin are, so here goes…
    i have dns and open directory running fine, a static map of ip addresses so that i can do authenticated directory binding, which seems great so far. in wgm, i have under preferences / computer list the one computer i have bound - computername$ and under window checked always, heading - directory status, list of users, show local users, network users, computer administrators, and other. under options checked always, enable fast user switching, computer administrators may refresh or disable management, and start screen saver after 5 minutes. under access checked always, clicked the gear button once which caused network users - allow - * to appear in the access control list, local only users may log in, local only users use available workgroup settings, and combine available workgroup settings. scripts and items have never checked.
    then for workgroup folders to auto mount, i have set afp auto mounts for each of my 2 groups, partner admin and support staff in server admin / afp. under accounts / groups / support staff / group folder, the support staff auto mount is selected, and the user i am working with is obviously a member of that group under the members tab. finally, under preferences / groups / support staff / items, always and add group is checked and the support staff volume shows up in the list. authenticate selected share point with user's login name and password is grayed out and not checked, and merge with user's items is grayed out and checked. i'm not sure what i am missing to get auto mounting group folders here. btw, the user can for sure log into the group folder with the same user name password that she logs into the workstation with, if she does so manually under the go / connect to server menu.
    oh, and ichat seems to work as expected. she gets sso there! sweet!
    if i do end up trying to go for network home folders, (i would like to see auto mounting group folders working first, before i try) i found something that looks like a no-brainer to add to the mix…
    http://tools.mconserv.net/NHR.html
    thanks everyone for your interest in helping me deploy this server.

  • How to integrate single sign on with third party system

    we are in the process of implementing istore application. we already have home grown isupport application to contact support personnal for any issues. Now we are wondering how do we integrate oracle applications single sign on with our third pary system. Is there any recommendation provided by oracle to achieve the same.

    We too are in the process of implementing iStore with SSO features.
    And if you believe me it seems to me as nightmare.
    In our scenerio we are intgrating this SSO with Third party access control too (AD and Siteminder). I would request you to please respond me on the following mail id , so we can share our experince which will help us in our implementation
    [email protected]
    regards and thanks in advance
    Vikas Deep

  • How to implement a single sign on  feature using java.

    Hi,
    I have a question like , How to implement **single sign on** feature in java without using any third party framework or tool like LDAP or any other which is available in the market.
    Actually the situation is i have all security information into the table and those information is used for single sign on . If a user logged in from a jsp loging page all the security role should be assigned to that particular user.
    We can do this using LDAP but i am not supposed to use the LDAP or any third party tool . I have to write a java class for that .
    please suggest me the method , how to implement this in a web application.
    Edited by: Rakesh_Singh on Mar 19, 2008 11:55 AM

    you could setup a token that specifies a user is authenticated. other applications that u want SSO can check for existance of this token
    if it is HTTP - you can save the token as a cookie and downstream apps look for this token
    yr code needs to validate that the token/cookie was indeed a valid one and not subject to man-in-the middle attack.

  • How to set custom HTTP header for single sign on

    Currently we just begin to use an application called "etran". This application requires user name and password to login. Now, my assignment is to integrate etran application in our internal application. This means that somewhere in our internal application, there is a link leads to the etran application.
    It is going to be single sign on, that means that once user logs into our internal application, when he/she clicks on the etran link, no sign on to etran is needed.
    I consult with the technical people in etran. they said that our internal application needs to send a "login request" to etran via SSL with the user's information encoded in base 64 format. etran captures the HTTP header containing user authentication and authorization information, and parses the required information from the HTTP header.
    My question is that how I set user information in HTTP header? From my understanding, once I am able to set the user information in HTTP header, it is in base 64 format?
    Thanks in advance for your help.

    sharon38_74 wrote:
    they said that our internal application needs to send a "login request" to etran via SSL with the user's information encoded in base 64 format. etran captures the HTTP header containing user authentication and authorization information, and parses the required information from the HTTP header.
    My question is that how I set user information in HTTP header? From my understanding, once I am able to set the user information in HTTP header, it is in base 64 format?Your application need to act like a proxy. You can invoke a HTTP request programmatically using java.net.URLConnection. You can set request headers using URLConnection#setRequestProperty(). Also see the API docs: [http://java.sun.com/javase/6/docs/api/java/net/URLConnection.html]. You only need to know the header field name where to set the Base64-encoded value in. You need to Base64-encode the value yourself.

  • How to get the user name from Single Sign On Process?

    Post Author: sasikumar
    CA Forum: Authentication
    I am loging in Single Sign On Page. Then it goes to one JSP which lists out some links including InfoView link. While clicking InfoView link, I need to pass user name with the url for authentication. How and where can I get the user name?

    Care to be more specific what you mean with single sign-on? There are numerous ways this can be done.
    Just how you get the authenticated o/s user from within an Oracle session, depends on just how the actual authentication to Oracle was done in order to create that Oracle session.
    E.g. dealing in Oracle with a LDAP server is very different than dealing with a NT Primary/Secondary Domain Controller using o/s authentication, than dealing with a Java-based application server that does it own thing, etc.

  • How to Create Single Sign On for Yahoo

    hi,
    i know how to do SSO for SAP R/3 SYSTEM.
    i want to know how to connect yahoo system using SSO
    let me know procedure how to do that
    regards
    prakash

    Hi,
    Yahoo is already single sign on. You just login in home page and you can access your briefcase, photos, etc...
    you don't require to do anything special.
    If i didn't understand eloborate...
    --Ragu

Maybe you are looking for

  • Sending Email using flash

    Hello friends, I am right now stuck with a deep problem with this flash.. Please anyone out there who can give me a solution please help.. Here I am directly stepping into my problem.. I have a mailer, which is build in flash, which consists of the f

  • Third Party Procurement Goods Receipt

    For Third party procurement, where goods are ordered from a vendor and drop-shipped to a customer, how does SAP recommend the goods receipt process take place by the customer? (We are using CRM/ECC/SRM) For example, normal PO creation requires a plan

  • Help!  Can't display!

    It seems like there's a ton of information about the conceptual structure of Java TV on the internet, and great documentation for all the functions, but there's no intermediary material that discusses which classes/functions relate to which concepts.

  • Multi-master over WAN ?

    When will Multi-Master over WAN being supported ? Will it be in 5.2, and when will this release being distributed ?

  • Note to forum keepers

    Just a note that this morning there appeared to be a couple problems. 1. Your Watches disappeared 2. You seemed to have had problems with the login. It wouldn't accept my password (same one I used yesterday, today to post this, and sent to me by forg