My webMethods Server 10.3 | My webMethods Server Webhelp | Administering My webMethods Server | System Administrator Functions | My webMethods Server Configuration | Configuring My webMethods Server Single Sign-On | Configuring Single Sign-On for Using a Third-Party Identity Provider | Property Setting for Single Sign-On Using a Third-Party IDP
 
Property Setting for Single Sign-On Using a Third-Party IDP
In the Software AG_directory \MWS\server\serverName\config\websso.properties file, provide the values required for single sign-on using a third-party IDP.
The following table lists the properties, required to configure single sign-on with a third-party identity provider in My webMethods Server:
Property
Description
SSO_KEYSTORE
The keystore used for SSO communication using SAML2.0.
My webMethods Server stores the keystores in Software AG_directory \MWS\server\serverName\config\security directory. The value of SSO_KEYSTORE can be an absolute path or a path relative to the config directory.
The default keystore, localhost.p12, is present in the config\security directory.
SSO_KEYSTORE_PASSWORD
The keystore password.
The keystore password can be in plain text or encrypted. For information about password encryption, see Generating an Encrypted Password.
SSO_KEYSTORE_TYPE
The keystore type.
It can be JKS or PKCS12.
SSO_SIGN_ALIAS
The alias name to be used for signing the SAML response.
SSO_SIGN_ALIAS_PASSWORD
The password for signing alias.
SSO_ENCRYPT_ALIAS
The alias name to be used for SAML response encryption.
SSO_ENCRYPT_ALIAS_PASSWORD
The password for alias encryption.
SSO_DEFAULT_ALIAS
The default alias name in case the signing alias (SSO_SIGN_ALIAS) and encryption alias (SSO_ENCRYPT_ALIAS) are same. If you specify a value for SSO_DEFAULT_ALIAS, then the password for default alias is assumed to be same as the keystore password.
If you specify signing alias and encryption alias, you need not specify the default alias. If you specify a value for SSO_DEFAULT_ALIAS, the values set for the following properties are ignored:
*SSO_SIGN_ALIAS
*SSO_SIGN_ALIAS_PASSWORD
*SSO_ENCRYPT_ALIAS
*SSO_ENCRYPT_ALIAS_PASSWORD
SSO_IDP_METADATA_URL
The URL of the Identity Provider's metadata file.
Example Property Settings in websso.properties File
SSO_KEYSTORE=config/security/localhost.p12
SSO_KEYSTORE_PASSWORD={AES}Y5IgMqjfvkgbg7p5VUZztw\=\=
SSO_KEYSTORE_TYPE=PKCS12
SSO_SIGN_ALIAS=localhost
SSO_SIGN_ALIAS_PASSWORD={AES}Y5IgMqjfvkgbg7p5VUZztw\=\=
SSO_ENCRYPT_ALIAS=localhost
SSO_ENCRYPT_ALIAS_PASSWORD={AES}Y5IgMqjfvkgbg7p5VUZztw\=\=
SSO_DEFAULT_ALIAS=localhost
SSO_IDP_METADATA_URL=
"http://example.org/metadata.xml"