Before you begin
Verify that IBM
Connections works correctly without the SPNEGO authentication protocol.
Create a user account in the LDAP directory and add it to the WebSphere
® Application Server administrators group.
Complete the steps in the Creating a service principal name and keytab file
If you are using on-ramp plug-ins or mobile services, your data traffic is not authenticated by Kerberos tickets or SPNEGO tokens. It is instead authenticated through J2EE form-based authentication.
About this task
The Kerberos authentication protocol uses strong cryptography which enables a client to prove its identity to a server across an insecure network connection. After the client and server have proven their identity, the authentication protocol encrypts all data that the client and server exchange. The SPNEGO tokens, which wrap valid Kerberos tickets, can be used to negotiate the security for SSO.
To configure IBM
Connections to use SPNEGO, complete the following tasks:
Parent topic: Configuring single sign-on
IBM Connections system requirements