Integration → Integrating with SBM → Single Sign-On (SSO) Configuration → Configuring Common Tomcat for SSO
To use a typical Deployment Automation installation with SBM, you must update configuration files to enable Common Tomcat to find and use the correct SBM SSO installation.
Before you can use SSO with Deployment Automation, you must have SBM installed and SSO must be enabled. You must have the Deployment Automation server installed on the same machine as the Common Tomcat.
C:\Program Files\Micro Focus\common\tomcat\8.5\alfssogatekeeper\conf
For example:
<parameter name="SecurityTokenService" Type="xsd:anyURI"> HTTPS://myserver:8243/TokenService/services/ Trust<parameter> <parameter name="SecurityTokenServiceExternal" Type="xsd:anyURI"> HTTPS://myserver:8243/TokenService/services/ Trust</parameter> <parameter name="FederationServerURL" Type="xsd:anyURI"> HTTPS://myserver:8243/ALFSSOLogin/login </parameter>
<ssoConfig> <ssoEnabled>true</ssoEnabled> </ssoConfig>
ALF SSO Gatekeeper error has occurred: Error obtaining security token.
Detail
Validation of WS-Federation token failed with code 40:Token issuer not allowed.
See Knowledgebase item S140637 for more information.
If you have configured Single Sign-On (SSO) with one version of Common Tomcat and have upgraded Deployment Automation to a version that uses a different version, you must configure Common Tomcat for SSO again, including setting the parameters in the gatekeeper-core-config.xml file. Otherwise, the SSO login will fail.
You must set these parameters by copying over the corresponding strings from earlier version of the gatekeeper-core-config.xml file. Copying and replacing the entire file from the earlier Common Tomcat installation does not work.
Copyright © 2011–2017 Serena Software, Inc., a Micro Focus company. All rights reserved.