To use a single sign-on to an external application such as the GuiXT Web Server, we must configure a secure store in SharePoint. This document will explain the process. To create a secure store in SharePoint, please do the following:
- Open the Server Management tools on your server as shown below. (Start > Administrative Tools > Server Manager).
- In the left pane, select the Roles > Web Server (IIS) > Internet Information Server node as shown below.
- The IIS Manager will open in the main window. In the Connections pane, expand the Sharepoint(SHAREPOINT/Admin) node and select the Sites > Sharepoint Central Administration Web Site node as shown below.
- In the Browse Web Site section of the Manage Web Site sidebar on the right, click on the Browse link. This will take you to the SharePoint administrative web site.
- In the left sidebar, select the Security link. Then click Configre managed accounts in the General Security section as shown in the following example.
- A new page will now display the accounts registered in SharePoint. Any accounts already registered will display as shown below. Click the Register Managed Account link to register a new account. Follow the on-screen instructions to register the account.
- Click the System Settings link in the left sidebar. A new window will display as shown below. Under the Servers section, click the Manage services on server link.
- A list of services will display as shown below. Find the Secure Store Service and verify that it is started.
- Once you have verified that the secure store service is started, click the Application Management link in the left sidebar. Then select the Manage Service Applications link from the Service Applications section as shown below.
- The application list will display as shown below. Click the New icon in the toolbar to add a service application. Note: Since the secure store service for Fuzion is already configured, so we do not need to make any changes here. However, we will provide the steps to set up a secure service for your reference.
To set up a new secure store, please do the following.
Warning: Do not change any data other than that specified below!!!
- Click New and select Secure Store Service from the ensuing dropdown list.
- Fill our the fields in the following screen:
- The service application name will be 'GuiXTFuzion' for our example.
- Create a new application pool and name it 'fuzion_ssl'. Once the pool is created, you can create any application service related to Fuzion for the existing fuzion_ssl pool.
- Choose a configurable security account and select the registered managed account maintained.
- Now we must create a target application for our secure store service. As shown in the following example, none has yet been created.
- Click the New button in the toolbar and fill our all fields in the screen shown below.
- Click Next and fill our all the fields in the next page. The filenames are the field IDs of the correseponding fields on the target application (Fuzion). Set the field type as 'User Name' and 'Password' as shown below.
- Click Next and input an acount that has full access to the targert appliucation. In this case, we will use the sharepoint administrator acount as shown below.
- CLick OK. On the next scren, select your target aplpication and click Generate Key. This will generate a key that will encrypt the SSO database where the user credentials are contained in SharePoint. You will need to enter a passphrase on the 'Generate Key' screen and then enter OK. The following screen will display. Select the target application and click the Set Credentials icon.
- The following screen will display. Enter sharepoint\administrator as the credential ownder. Enter the user name and password in the corresponding fields and then click OK.
- The SharePoint secure store is now configured.
