How To Accomplish Automatic Login To The SSO Server?
Article ID: 52639
Updated On:
Products
CA Single Sign-On
Issue/Introduction
Description:
It is not desired that users need to login explicitly to the SSO Client in order to authenticate to the SSO Server.
What are the options to automate this login process?
Solution:
There are three options available to do so:
- Using the SSO GINA
This is the method leaving the largest footprint on the system as it is requiring the exchange of the MS GINA logon dialog with the SSO GINA.
However, this is also the most flexible method, as it allows automation using any authentication method offered by CA SSO. - Windows Authentication
It is possible with the SSO Windows Authentication Method to utilise the Windows session token issued by the Windows Domain Controller while logging on to the Windows Domain.
To do so you need to set in the Client
- Auth.ini file
...
ServerSetSelection=3
...
AuthMethods=WIN
...
AutoNetworkAuth=yes
...
- Client.ini file
...
AutoLogon=yes
...
Moreover, automatically launch the SSO Client Launchbar by means of Windows Startup folder, Registry or logon script. - Certificate Authentication
It is possible with the SSO Certificate Authentication Method to point to a pre-defined certificate which is utilised for the login process.
To do so you need to set in the Client
- Auth.ini file
...
ServerSetSelection=3
...
AuthMethods=CERT
...
AutoAuthenticate=yes
CertThumbprint=<as displayed in the Thumbprint attribute of the certificate properties>
...
- Client.ini file
...
AutoLogon=yes
...
Moreover, automatically launch the SSO Client Launchbar by means of Windows Startup folder, Registry or logon script.
Ensure that the certificate private key is not password protected to fully automate the logon.
Environment
Release: SOASA199000-12.1-SOA Security Manager-w/ SOA Agent Addl CPUs
Component:
Component:
Resolution
.
Feedback
Yes
No
Powered by
