Active Directory Single Sign-On
Worldwide Business Partner Technical Enablement 2016
Van Staub – North America Embedded Solution Agreement Technical Sales
Agenda
• review in a practical format configuring Active Directory and Active
Directory Federation Services
• configure SAML with WebSphere
• discuss SAML with Connections Cloud
• list notable resources at the end
Installing and Configuring Active Directory
• the “directory” used to perform authentication with IBM software (e.g.
WebSphere Portal)
• provides a variety of authentication mechanisms almost out of the box
– namely SAML, SPNEGO, and LDAP
• very easy to get started
Active Directory Federation Services 2.0
• supports SAML authentication with “relying parties”
• SAML is a protocol that specifies the identity of a user in an
encrypted format
• identity of the user is provided using a “claim” (e.g.
sAMAccountName or email address)
SAML Flow
XML
Installing and Configuring ADFS 2.0
• install the ADFS 2.0 software
• configure the first federation server
• manually add the SSL certificate to IIS if one is not listed as available
to use (I re-used a certificate; you can create a self-signed if needed)
• verify the SSL certificate you imported is also set as the Token-Signing
certificate
• also make sure it’s the primary certificate
Manually importing the SSL certificate into IIS
Manually set the Token-Signing Certificate
Configuring WebSphere for SAML
• ensure that security is enabled and working with Active Directory
• install the SAML ACS enterprise application
• configure the SAML TAI to work with the ADFS IdP
• steps create a global configuration
• steps are shown manually for clarity
• simply deploys the SAML ACS enterprise application
• can also be done manually
• Using WAS Console go to Security -> Global Security -> Web and SIP security -> Trust Association
• Uncheck Enable trust association
• Click Interceptors
• com.ibm.ws.security.web.saml.ACSTrustAssociationInterceptor
• add settings seen in screenshot
• Using WAS Console go to Security -> Global Security -> Custom Properties
• add settings seen in screenshot
• Using WAS Console go to Security -> SSL Certificate and Key Management -> Key stores and Certificates
• either NodeDefaultTrustStore or CellDefaultTrustStore
• Add SSL certificate (public key) manually or retrieve from port (i.e. the IIS server)
the Token-Signer certificate specified earlier
certificate alias you just added to the TrustStore
• Using WAS Console go to Security -> Federated Repositories -> Configure
• Click Trusted authentication realms - inbound
• add external realm settings seen in screenshot
Federation Server identifier seen earlier
• Using WAS Console go to Security -> Global Security -> Web and SIP security -> Trust Association
• Check Enable trust association
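What the SAML flow and the settings above ask the service provider to enforce on each SAMLResponse, as an added example that is not from the original deck or from IBM's TAI code. The host names, issuer, ACS URL, audience and sample XML are constructed; the sketch checks structure only and does not verify the XML signature cryptographically, which the SAML stack does against the token-signing certificate in the trust store.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"

# Constructed stand-ins for the values configured in this deck (hypothetical hosts).
TRUSTED_ISSUER = "http://adfs.example.test/adfs/services/trust"  # Federation Service identifier
ACS_URL = "https://was.example.test/samlsps/wps"                  # sso_1.sp.acsURL
AUDIENCE = ACS_URL  # assumption: the SP entity ID is the same as the ACS URL

# Constructed sample response; the ds:Signature is a stub without digest or signature value.
SAMPLE_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    ID="_r1" Version="2.0" Destination="https://was.example.test/samlsps/wps">
  <saml:Issuer>http://adfs.example.test/adfs/services/trust</saml:Issuer>
  <samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
  <saml:Assertion ID="_a1" Version="2.0" IssueInstant="2016-03-01T12:00:00Z">
    <saml:Issuer>http://adfs.example.test/adfs/services/trust</saml:Issuer>
    <ds:Signature><ds:SignedInfo><ds:Reference URI="#_a1"/></ds:SignedInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID>jdoe</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData Recipient="https://was.example.test/samlsps/wps"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2016-03-01T12:00:00Z" NotOnOrAfter="2016-03-01T13:00:00Z">
      <saml:AudienceRestriction><saml:Audience>https://was.example.test/samlsps/wps</saml:Audience></saml:AudienceRestriction>
    </saml:Conditions>
  </saml:Assertion>
</samlp:Response>"""


def parse_ts(value):
    """Parse a SAML UTC timestamp; fractional seconds are ignored."""
    return datetime.strptime(value[:19], "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)


def _signed_ids(element):
    """IDs referenced by a ds:Signature that is a direct child of element."""
    refs = element.findall("ds:Signature/ds:SignedInfo/ds:Reference", NS)
    return {r.get("URI", "").lstrip("#") for r in refs}


def _in_window(cond, now):
    """True when now falls inside the Conditions validity window."""
    try:
        return parse_ts(cond.get("NotBefore", "")) <= now < parse_ts(cond.get("NotOnOrAfter", ""))
    except ValueError:
        return False


def check_response(xml_text, now, issuer=TRUSTED_ISSUER, acs_url=ACS_URL, audience=AUDIENCE):
    """Return (claim, problems); claim is None unless every check passes."""
    # The standard-library parser is not hardened, so refuse DTDs and entities outright.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        return None, ["DTD or entity declaration present"]
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return None, ["not well-formed XML"]
    if root.tag != "{%s}Response" % NS["samlp"]:
        return None, ["root element is not samlp:Response"]
    problems = []
    status = root.find("samlp:Status/samlp:StatusCode", NS)
    if status is None or status.get("Value") != SUCCESS:
        problems.append("status is not Success")
    if root.get("Destination") != acs_url:
        problems.append("Destination does not match the ACS URL")
    # Accept exactly one Assertion so the element that was signed is the one that is read.
    assertions = root.findall(".//saml:Assertion", NS)
    if len(assertions) != 1:
        return None, problems + ["expected exactly one Assertion, found %d" % len(assertions)]
    a = assertions[0]
    if a.findtext("saml:Issuer", default="", namespaces=NS).strip() != issuer:
        problems.append("Issuer is not the trusted realm")
    # The signature must cover this Assertion (or the whole Response), not some other element.
    if a.get("ID") not in _signed_ids(a) and root.get("ID") not in _signed_ids(root):
        problems.append("no Signature references this Assertion or its Response")
    cond = a.find("saml:Conditions", NS)
    if cond is None or not _in_window(cond, now):
        problems.append("outside the NotBefore/NotOnOrAfter window")
    audiences = [] if cond is None else cond.findall("saml:AudienceRestriction/saml:Audience", NS)
    if audience not in [(e.text or "").strip() for e in audiences]:
        problems.append("Audience does not name this service provider")
    scd = a.find("saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData", NS)
    if scd is None or scd.get("Recipient") != acs_url:
        problems.append("Recipient does not match the ACS URL")
    claim = a.findtext("saml:Subject/saml:NameID", default="", namespaces=NS).strip()
    if not claim:
        problems.append("NameID claim missing")
    return (claim if not problems else None), problems
```

Run against a captured SAMLResponse (base64-decoded) when a login fails, the list of problems points at the setting that disagrees between ADFS and WebSphere.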
Creating the Partnership
• SAML 2.0 metadata XML can be exported from WebSphere and
imported into ADFS
• use AdminTask.exportSAMLSpMetadata('-spMetadataFileName <SpMetaDataFile> -ssoId 1')
sso_1.sp.acsURL
use defaults on next screens
Finished Partnership (Relying Party Trust)
Resources
Understanding the WebSphere Application Server SAML Trust Association Interceptor
http://www.ibm.com/developerworks/websphere/techjournal/1307_lansche/1307_lansche.html
Step by step guide to implement SAML 2.0 for Portal 8.5
https://developer.ibm.com/digexp/docs/docs/customization-administration/step-step-guide-implement-saml-2-0-portal-8-5/
Front Side SAML SSO with microsoft product (ADFS -> WAS SAML TAI)
https://www.ibm.com/developerworks/community/blogs/8f2bc166-3bdc-4a9d-bad4-3620dbb3e46c/entry/Front_Side_SAML_SSO_with_microsoft_product_ADFS_WAS_SAML_TAI?lang=en
Step-by-Step guide to Configure Single sign-on for HTTP requests using SPNEGO web authentication
https://www-10.lotus.com/ldd/portalwiki.nsf/dx/Step-by-Step_guide_to_Configure_Single_sign-on_for_HTTP_requests_using_SPNEGO_web_authentication
AD + SAML + Kerberos + IBM Notes and Domino = SSO!
http://www.andypedisich.com/blogs/andysblog.nsf/dx/robs-saml-presentation-from-mwlug-has-been-posted.htm
BP104 Simplifying The S’s: Single Sign-On, SPNEGO and SAML (2014)
http://www.idonotes.com/IdoNotes/IdoConnect2013.nsf/dx/bp104-simplifying-the-ss-single-sign-on-spnego-and-saml-2014.htm
Thank You
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 

Active Directory Single Sign-On with IBM

  • 1. Active Directory Single Sign-On Worldwide Business Partner Technical Enablement 2016 Van Staub – North America Embedded Solution Agreement Technical Sales 1
  • 2. Agenda • review in a practical format configuring Active Directory and Active Directory Federation Services • configure SAML with WebSphere • discuss SAML with Connections Cloud • list notable resources at the end
  • 3. Installing and Configuring Active Directory • the “directory” used to perform authentication with IBM software (e.g. WebSphere Portal) • provides a variety of authentication mechanisms almost out of the box – namely SAML, SPNEGO, and LDAP • very easy to get started
  • 10. Active Directory Federation Services 2.0 • supports SAML authentication with “relying parties” • SAML is a protocol that specifies the identity of a user in an encrypted format • identity of the user is provided using a “claim” (i.e. sAMAccountName or email address)
  • 12. Installing and Configuring ADFS 2.0 • install the ADFS 2.0 software • configure the first federation server • manually add the SSL certificate to IIS if one is not listed as available to use (I re-used a certificate; you can create a self-signed if needed) • verify the SSL certificate you imported is also set as the Token-Signing certificate • also make sure it’s the primary certificate
  • 15. manually importing the SSL certificate into IIS
  • 18. Configuring WebSphere for SAML • ensure that security is enabled and working with Active Directory • install the SAML ACS enterprise application • configure the SAML TAI to work with the ADFS IdP • steps create a global configuration • steps are shown manually for clarity
  • 19. • simply deploys the SAML ACS enterprise application • can also be done manually
  • 20. • Using WAS Console go to Security -> Global Security -> Web and SIP security -> Trust Association • Uncheck Enable trust association
  • 21. • Click Interceptors • com.ibm.ws.security.web.saml.ACSTrustAssociationInterceptor • add settings seen in screenshot
  • 22. • Using WAS Console go to Security -> Global Security -> Custom Properties • add settings seen in screenshot
  • 23. • Using WAS Console go to Security -> SSL Certificate and Key Management -> Key stores and Certificates • either NodeDefaultTrustStore or CellDefaultTrustStore • Add SSL certificate (public key) manually or retrieve from port (i.e. the IIS server) the Token-Signer certificate specified earlier
  • 24. certificate alias you just added to the TrustStore
  • 25. • Using WAS Console go to Security -> Federated Repositories -> Configure • Click Trusted authentication realms - inbound • add external realm settings seen in screenshot • Federation Server identifier seen earlier
  • 26. • Using WAS Console go to Security -> Global Security -> Web and SIP security -> Trust Association • Check Enable trust association
  • 27. Creating the Partnership • SAML 2.0 metadata XML can be exported from WebSphere and imported into ADFS • use AdminTask.exportSAMLSpMetadata('-spMetadataFileName <SpMetaDataFile> -ssoId 1') • sso_1.sp.acsURL
  • 28. use defaults on next screens
  • 30. Resources
    • Understanding the WebSphere Application Server SAML Trust Association Interceptor: http://www.ibm.com/developerworks/websphere/techjournal/1307_lansche/1307_lansche.html
    • Step by step guide to implement SAML 2.0 for Portal 8.5: https://developer.ibm.com/digexp/docs/docs/customization-administration/step-step-guide-implement-saml-2-0-portal-8-5/
    • Front Side SAML SSO with microsoft product (ADFS -> WAS SAML TAI): https://www.ibm.com/developerworks/community/blogs/8f2bc166-3bdc-4a9d-bad4-3620dbb3e46c/entry/Front_Side_SAML_SSO_with_microsoft_product_ADFS_WAS_SAML_TAI?lang=en
    • Step-by-Step guide to Configure Single sign-on for HTTP requests using SPNEGO web authentication: https://www-10.lotus.com/ldd/portalwiki.nsf/dx/Step-by-Step_guide_to_Configure_Single_sign-on_for_HTTP_requests_using_SPNEGO_web_authentication
    • AD + SAML + Kerberos + IBM Notes and Domino = SSO!: http://www.andypedisich.com/blogs/andysblog.nsf/dx/robs-saml-presentation-from-mwlug-has-been-posted.htm
    • BP104 Simplifying The S’s: Single Sign-On, SPNEGO and SAML (2014): http://www.idonotes.com/IdoNotes/IdoConnect2013.nsf/dx/bp104-simplifying-the-ss-single-sign-on-spnego-and-saml-2014.htm
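
Slide 27 exports the WebSphere SP metadata and imports it into ADFS. The following is an added example, not part of the original deck or of IBM's tooling, of a pre-import check on that exported file: it confirms the assertion consumer endpoint uses HTTPS and the HTTP-POST binding, and that it matches the URL configured as sso_1.sp.acsURL. The function name `review_sp_metadata`, the host `was.example.test` and the sample metadata are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata"}
HTTP_POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"

# Constructed sample metadata; host, port and URI are placeholders.
SAMPLE_SP_METADATA = """\
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://was.example.test:9443/samlsps/wps">
  <md:SPSSODescriptor
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://was.example.test:9443/samlsps/wps"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def review_sp_metadata(xml_text, expected_acs_url):
    """Return (summary, problems) for a SAML 2.0 SP metadata document."""
    # SAML metadata never needs a DTD; refuse one rather than expand entities.
    if "<!DOCTYPE" in xml_text:
        return {}, ["DOCTYPE present; refusing to parse"]
    root = ET.fromstring(xml_text)
    summary = {"entity_id": root.get("entityID"), "acs": []}
    problems = []
    if root.tag != "{%s}EntityDescriptor" % NS["md"]:
        problems.append("root element is not md:EntityDescriptor")
    for acs in root.findall("md:SPSSODescriptor/md:AssertionConsumerService", NS):
        binding, location = acs.get("Binding"), acs.get("Location", "")
        summary["acs"].append((binding, location))
        # The assertion is posted to this URL, so it must be TLS-protected.
        if not location.lower().startswith("https://"):
            problems.append("ACS endpoint is not HTTPS: " + location)
    if not any(b == HTTP_POST for b, _ in summary["acs"]):
        problems.append("no ACS endpoint with the HTTP-POST binding")
    # The relying party trust must point at the URL the TAI listens on.
    if expected_acs_url not in [loc for _, loc in summary["acs"]]:
        problems.append("expected ACS URL not in metadata: " + expected_acs_url)
    return summary, problems


if __name__ == "__main__":
    info, issues = review_sp_metadata(
        SAMPLE_SP_METADATA, "https://was.example.test:9443/samlsps/wps")
    print(info["entity_id"], issues or "OK")
```

Run it against the file written by AdminTask.exportSAMLSpMetadata before creating the relying party trust; an empty problem list means the endpoint ADFS will post assertions to is the one WebSphere expects.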