Im so confuse if some stepd to configure single sign-on in IIS, is never has done this befor!! =(
I have followed the steps according to the doc TEC602366.
When I try to access the application URL a pop-up requesting credentials is displayed but, when i put them, the pdmweb.exe is downloaded to the browser and nothing is presented on the browser.
Can anyone help me to understand what im doing wrong?
I use some differents urls, like:
I believe that this erros are related to these urls or something related to it.
Just to make sure, have you also followed this document?
I think you may be missing step 15 for starters.
Many thanx for reply!!
I had not done this step 15 you oriented.
After making the change, restart IIS and access the url is not made more download pdmweb.exe, but the SDM home page appears asking for login and password to access. =(
OK, we're heading in the right direction at least
Is the ServiceDesk server joined to the same domain that the user accounts are a member of?
Does the user's domain logins match exactly with their ServiceDesk username?
The server is in the same domain the user accounts and the user´s domain logins match with sd username!
At least pdmweb.exe stopped being downloaded by the browser when access the url with port 80.
What is the authentication mode of your IIS server? Or the one of your default web site? Or the one of your CAisd site?
It needs to be set on Windows Authentication. Otherwise, user's credentials will not be passed to the web application.
Hi POssq, thanx for reply!
The authentication mode is the same for IIS, Default Web Site and thhe CAisd too:
I found intriguing that when access with port 80 and refresh it (with F5), the page displays a message that says that the page used information entered (message in brazilian portuguese) and this information will be lost if I continue.
When access with port 8080 and refresh it infinite times no message is displayed ...
Perhaps because, somehow, the credentials are being inserted or used in any way ... (?)
:8080 direct you to the tomcat server. (If you have the default configuration)
If you want SSO with Tomcat you'll need a third party library like Waffle.
The access type of the user trying to login must be set to : Authorize external authentication.
You can find this options on the detail form of an access type.
You should set Ca Embedded Entitlements Manager as the Validation type if EEM's installed. otherwise select : Always authorize.
Do not forget to check the boxe!
Should do the trick.
Yeah, the access type is configured to allow external authentication.
I dont have EEM on my environment, only SDM and BI!! =(
Validation type is set to Always authorize ?
If yes, anything in the ServiceDesk's logs?
pier-olivier.tremblay and Alex_Perretti,
Many, many, many thanx for the exceptional help!!!
Both the solution suggested by Alexander, the step 15 of TEC1584216 doc as the orientation to set the validation type to allways authorize (which was unchecked for testing and I forgot to check again) solved the problem.
My infinitely thanx guys!!!!!