Platform single sign-on (SSO) authenticates users by generating a random password and storing it in an operating specific store. Enabling platform single sign-on gives users secure access to the platform and the keystore without ever prompting the user.
To use platform single sign-on, navigate to the Password preferences page and uncheck Prompt me for a password
or check the Do not prompt me again
checkbox on the login dialog.
Optionally, you may set up the platform manually before the platform has been run for the first time:
In the plugin_customization.ini
file in the com.ibm.rcp.platform.personality.branding
plug-in, set the value of the following preferences to true
- com.ibm.rcp.security.auth.ui/ssoAllowed – Boolean value. Determines whether or not users have the option of using single sign-on. You can set this preference value during the client installation or later using a managed setting. This preference should not be surfaced to users.
- com.ibm.rcp.security.auth.ui/ssoEnabled – Boolean value. Determines whether or not users have the option of turning single sign-on on or off. If set to true, single sign-on can be used. If set to false, single sign-on is disabled. The value of this preference is relevant only if ssoAllowed is set to true.
These are Eclipse preference values. If the UI or other entities are already set, then they can no longer be set by plugin_customization.ini
. SSO can only be manually enabled through the plugin_customization.ini
file before the platform has been run in a new workspace. If the workspace has been retained from a previous install or if the platform has already been run, the password is required to access the keystore. SSO can then only be enabled through the platform login dialog or Password preference page.
Parent topic: Login configurations