Configure IBM® Lotus® Connections to use the Kerberos authentication mechanism. This single sign-on configuration permits users to sign in to the Windows® desktop and then automatically authenticate with IBM Lotus Connections without needing to sign in again.
Before you begin
Install Lotus Connections on a system that uses Microsoft® Active Directory as the LDAP directory.
Verify that Lotus Connections works as expected without the Kerberos authentication protocol.
Install Kerberos. For more information, go to the Kerberos (KRB5) authentication mechanism support for security
If you are using on-ramp plug-ins or mobile services, your data traffic is not authenticated by Kerberos tickets or SPNEGO tokens. It is instead authenticated through J2EE form-based authentication.
Create a user account in the LDAP directory and add it to the WebSphere® Application Server administrators group.
About this task
The Kerberos authentication protocol uses strong cryptography which enables a client to prove its identity to a server across an insecure network connection. After the client and server have proven their identity, the authentication protocol encrypts all data that the client and server exchange. Kerberos uses the SPNEGO mechanism to negotiate the security authentication.
To configure Lotus Connections to use the Kerberos authentication protocol, complete the following tasks:
Parent topic: Configuring single sign-on