Administration Manual

10. Export the SSO Shared Secret:

a. In the HP EAs-D SSO database window, click Export the Shared Secret.

b. Select a location to save the secret in an XML file, and then click Save.

You will use the XML file as a reference when performing the IAP configuration for SSO (see step

2in“Configuring SSO on the IAP” on page 102.

IMPORTANT:

The XML ﬁle is not encrypted. It should not be left exposed, where unauthorized

users might be able to ﬁnd and read it.

11. In the HP EAs-D SSO database window, click Conﬁgu re SSO Token Agent .

The SSO Agent Configuration box appears.

a. In the Address Books box, enter the filenames of all Domino Directories on the server that

contain Person documents for users participating in EAs Domino SSO.

The filenames should be separated by commas.

b. In IAP Login,selectthetypeoflogintobeusedtoaccesstheIAP.

c. If you select Internet Address as the IAP Login type, be sure to complete the steps in the

following sections:

•

“ModifyingtheSearchTheIAPArchiveagent” on page 102

•

“Modifying the UID”onpage103

d. Click OK.

Note:Thenotes.ini variable HPRIM_SSO_APPEND_NOTESDOMAIN used in previous versions

of EAs Domino is o bsolete. That functionality now corresponds to the second choice in IAP Login:

shortname@domain.

12. Return to the Designer client and open HP EAs-D SSO.

13. In the Shared Code pane, click Agents and then double-click the Generate User Tokens agent.

The Agent properties dialog box appears.

Configuring IAP single sign-on