Single sign-on by using Kerberos
IBM® Safer Payments allows SSO login by using Kerberos.
Extra setup steps on the IBM Safer Payments server, outside of the IBM Safer Payments configuration, must be completed.
- Your IBM Safer Payments configuration must be connected to an existing LDAP (or Active Directory) server. After turning on LDAP in , you can select the Allow Single Sign On option.
- You must create a keytab file on your Kerberos (or Active Directory) server and deploy it to all IBM Safer Payments servers that are used for API access.
- You must change some system configuration files on the IBM Safer Payments server to point to your Kerberos (or Active Directory) server.
- Finally, every user must run a setup step on the web browser to allow the browser to pass the users authentication parameters to the server.
- For more information about the setup process, see in the online help.
Note: SSO is not required for operation in accordance to PA-DSS.