ActiveTransfer Server 10.11 | webMethods ActiveTransfer Documentation | Administering ActiveTransfer Server | Configuring webMethods ActiveTransfer | Configuring Single Sign-On in the Configuration File
 
Configuring Single Sign-On in the Configuration File
*To enable SSO for ActiveTransfer Web Client in properties.cnf configuration file
1. Enable the system property, mft.server.https.auth.saml to true in the Integration Server_directory \instances\ instance_name \packages\WmMFT\config\properties.cnf file.
2. Enable the Single Sign-On checkbox in the Server Management page for the port.
3. Create a WebSSO configuration file in the Integration Server\instances\default\packages\WmMFT\config\sso
Note:
You can also provide the configuration filename that represents the port number. For example, websso_2343.properties.
The WebSSO configuration file requires the below key value pairs:
Key
Key value
SSO_KEYSTORE
C:/softwares/keycloak/keys/keycloak.jks
SSO_SP_MAPPED_PORT
2343
SSO_SP_ENDPOINT_URL
https://localhost:2343
SSO_IDP_METADATA_URL
https://localhost:8443/auth/realms/
TestSAML/protocol/saml/descriptor/
Or
file:///C:/SoftwareAG_105/IDPMetadata.xml
SSO_KEYSTORE_PASSWORD
password in plain text
SSO_KEYSTORE_TYPE
JKS
SSO_SIGN_ALIAS
keycloakssl
SSO_SIGN_ALIAS_PASSWORD
password in plain text
SSO_ENCRYPT_ALIAS
keycloakssl
SSO_ENCRYPT_ALIAS_PASSWORD
password in plain text
SSO_DEFAULT_ALIAS
keycloakssl
Important: 
*If you want to configure Single Sign-On for IDP initiated login, then add the property, SSO_IDP_INITIATED_REDIRECT_URI for the file (websso_2343.properties.) with the IDP initiated URL. For example, SSO_IDP_INITIATED_REDIRECT_URI= https://idp.machine/adfs/ls/idpinitiatedsignon.aspx.
*When you configure WebSSO property file, the system generates the SPMetadata.xml file and downloads the IDPMetadata.xml file in the sso and gen directories. However, if you cannot download the IDPMetadata.xml file from the IDP server or file path, then copy the content of the hosted IDPMetadata XML to the generated IDPMetadata.xml file.
*You can restart the server or trigger wm.mft.sso:initializeSSO from Designer or Package Management from Integration Server Administrator console to regenerate the property file.
*The SP metadata file needs to be used by the IDP Provider to add the Service Provider.
*You can map multiple values of SSO in your system by creating multiple sso configuration files.