1. Configuring the CA SiteMinder SSO for Quickr 8.5, please refer to this document: http://www-10.lotus.com/ldd/lqwiki.nsf/dx/Configure_CA_SiteMinder_security_with_IBM_Domino-Quickr_8.5
2. Configuring the CA SiteMinder SSO for ECM P8 Server, please refer to this document:
3. Integrating IBM Lotus Quickr 8.5 for Domino with IBM Enterprise Content Management
Please follow guide here: http://www-10.lotus.com/ldd/lqwiki.nsf/dx/Integrating_IBM_Lotus_Quickr_8.5_for_Domino_with_IBMEnterprise_Content_Management_Configuration_and_bestpractices
or here: http://www.ibm.com/developerworks/lotus/library/quickr-ecm/index.html
4. Make sure the Quickr Server and the P8 Server using the same LTPA key, import the P8 SSO key into Quickr's Web SSO configuration on Quickr Domino Server
Perform the following steps to enable single sign-on between P8 and the Lotus Quickr server:
a. From the WebSphere Application Server Administrative Console(for P8 this Application server is FileNet Quickr Services), click Security>Global Security>Authentication Mechanisms and then select LTPA.
b. Click Single signon (SSO). Specify the Domain name and then click OK.
c. Generate the LTPA key. Specify a password and the file path where the key will be exported and then export the key.
d. Copy the SSO key to Quickr Server
e. Import the P8 SSO key into Quickr's Web SSO configuration on Quickr Domino Server
- Open the Quickr from Notes Administrator.
- Go to Configuration > Web... > View Current Configurations.
- Click "Create Web SSO Configuration"
- Click "Keys"> "Import Websphere LTPA Keys"
- Enter the path of LTPA key and click "OK", and then the password, and "OK"
5. In SiteMinder SSO integration environment for FileNet P8 and Quickr, the request will be sent from both the client and Quickr Server sides when you publish a document from Quickr Server to P8 Server, but the SiteMinder Server has a "IP Check" policy, so the request can not be sent successfully.
To allow the different IP address, disable the "IP Check" parameter from SiteMinder Server. In the Quickr Server's "Agent Configuration Object Properties" dialog, edit the "TransientIPCheck" parameter to "no", and make sure the Quickr Server and the P8 Server in the same domain.