Added support to set up Single Sign-On on Linux and Windows

Trillium DQ Release Notes

Product type: Software
Portfolio: Verify
Product family: Trillium
Product: Trillium > Trillium Quality; Trillium > Trillium Discovery
Version: Latest
Product name: Trillium Quality and Discovery
Copyright: 2024
First publish date: 2008
Last edition: 2024-12-03
Last publication: 2024-12-03T05:06:42.391000

Set up Single Sign-On (SSO) to log in to the Administration Center and Discovery Center without entering credentials separately. The SSO option should be available only if you are using the Windows Authentication and LDAPS methods on the Windows platform, or the LDAP and LDAPS authentication methods on the Linux platform. You are prompted to choose the SSO option during Repository Server installation.
Note: For SSO support on Windows using LDAPS authentication, follow the steps listed below.

Enabling SSO allows you to log in using your Windows credentials.

Restriction: For the v17.3 release:
  • SSO support is only available in the Administration Center and Discovery Center applications. Support for SSO in the Repository Manager and Control Center will be added in a later release.
  • The Trillium Discovery for Collibra solution is not supported with SSO enabled.

SSO support on Windows using LDAPS authentication

For Trillium 17.3.0, the Windows installer does not support Single Sign-On (SSO) with an LDAPS (Secure LDAP) Repository Security setup.

To support SSO with LDAPS:
  1. Install the Trillium Repository Server with the LDAPS Repository Security setup.
  2. Run the -updateoidcsettings command as detailed under the "Setting up Single Sign-On" section of the Trillium DQ Installation Guide. On Windows, use the following command to update the SSO settings in the registry.txt file:
    cd "C:\Program Files\Trillium Software\MBSW\17\bin"
    ./mtb_admin -user <boot-user> -password <boot-userpassword> 
    -updateoidcsettings "SSO_ENABLED 1 
    OIDC_DISCOVERY_ENDPOINT <hostname>:<port>/realms/ldap-sample/.well-known/openid-configuration 
    OIDC_CLIENT_ID <discovery-sample-client> OIDC_CLIENT_SECRET <client-secret> 
    OIDC_CALLBACK_URL <hostname>:<port>/auth/callback"
  3. Update etc/config.txt with the CA certificate. Follow the Linux approach described in "Update LDAPS settings in config.txt file" in the "Installation Steps on Linux" section of the Trillium DQ Installation Guide. For example:
    key system {
        key authority-config {
            value cafile {C:\Program Files\Trillium Software\MBSW\17\etc\ldaps.cer}
        }
    }
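
A pre-flight check for the values passed to -updateoidcsettings in step 2, as an added example that is not part of the Trillium documentation: it compares an identity provider's discovery document with the discovery URL (OpenID Connect Discovery requires the issuer to equal the URL prefix) before the settings are written. The function name, hosts, ports and sample document are constructed, and the https requirement is an assumption, since the placeholders above show no scheme.

```python
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"
HTTPS_ENDPOINTS = ("authorization_endpoint", "token_endpoint", "jwks_uri")


def check_oidc_settings(discovery_url, callback_url, discovery_doc):
    """Return a list of problems; an empty list means the values are consistent."""
    problems = []
    # Assumption: both URLs are given in full with an https scheme.
    for name, url in (("OIDC_DISCOVERY_ENDPOINT", discovery_url),
                      ("OIDC_CALLBACK_URL", callback_url)):
        parts = urlsplit(url)
        if parts.scheme != "https" or not parts.hostname:
            problems.append(f"{name} is not an absolute https URL: {url}")
    if not discovery_url.endswith(WELL_KNOWN):
        problems.append(f"OIDC_DISCOVERY_ENDPOINT does not end with {WELL_KNOWN}")
    else:
        # OpenID Connect Discovery: the issuer in the document must equal the
        # URL prefix the document was retrieved from, or the document is rejected.
        expected = discovery_url[:-len(WELL_KNOWN)]
        if discovery_doc.get("issuer") != expected:
            problems.append(f"issuer {discovery_doc.get('issuer')!r} != {expected!r}")
    for key in HTTPS_ENDPOINTS:
        if urlsplit(str(discovery_doc.get(key, ""))).scheme != "https":
            problems.append(f"{key} is missing or not https")
    return problems


# Constructed sample values (hosts, ports and endpoint paths are placeholders).
BASE = "https://idp.example.test:8443/realms/ldap-sample"
DISCOVERY_URL = BASE + WELL_KNOWN
CALLBACK_URL = "https://trillium.example.test:8443/auth/callback"
SAMPLE_DOC = {
    "issuer": BASE,
    "authorization_endpoint": BASE + "/protocol/openid-connect/auth",
    "token_endpoint": BASE + "/protocol/openid-connect/token",
    "jwks_uri": BASE + "/protocol/openid-connect/certs",
}

if __name__ == "__main__":
    for line in check_oidc_settings(DISCOVERY_URL, CALLBACK_URL, SAMPLE_DOC) or ["OK"]:
        print(line)
```

In practice the discovery document would be the JSON retrieved from the OIDC_DISCOVERY_ENDPOINT URL over a connection validated against the same CA certificate configured in step 3.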