Single sign-on (SSO) is a property of access control to multiple related, yet independent, software systems. With this property, a user logs in with a network credential to gain access to any of several- related systems.
In this post, we will understand how we can setup single sign-on in IBM HATS that provides a mechanism to automatically log on to the Host system.
Web Express Logon (WEL), a feature provided in HATS allows users to access host applications using their network security credentials. It provides a means for a HATS application to accept user network credential information, previously authenticated by a network security layer, and use it to generate host credentials instead of requiring a HATS user to navigate host logon screens. To map Network Credentials to the Host Credentials, HATS provides Credential Mapper plug-in. If these supplied plug-ins do not meet your needs, then you can create your own plug-in and integrate it into WEL. For more information about the HATS Web Express Logon, refer to this link.
There are few components in the HATS project, which must be configured to implement Web Express Logon. The configuration steps are:
1. Enable and Configure WEL.
2. Record a WEL Macro.
3. Configure HATS to invoke the WEL Macro.
Enable and Configure Web Express Logon
Complete the following steps to enable WEL in your HATS Web Application:
Network Security Plug-ins
Plug-in types available in HATS are:
Credential Mapper Plug-ins
Like security plug-ins, HATS provides few Credential Mappers that you can use for your WEL implementation. These plug-ins are:
Recording Web Express Logon Macro
A WEL macro is slightly different from any other regular HATS macro. You must enable use of WEL at the time of prompt for user ID and password, and to provide an application ID (in case of a 3270 connection).
6. Navigate to the Password input field.
7. Select Add Prompt Action icon. The Add Prompt Action window is displayed.
8. Select Use Web Express Logon with Prompt type of Password and enter Application ID in the Application ID field. Refer to Figure 4.
9. When you have completed the login process, click Stop Macro icon, and save the macro.
Configure HATS to invoke WEL Macro
Once the macro is created, you need to define methods to invoke it in your project. Below are few such methods to choose from:
There are certain things you need to consider before you plan for WEL; for example, your host type, the kind of host authentication needed like DCAS/RACF or JDBC, the security and credential mapper plug-ins, and so on. Once you understand these basic requirements, you can setup WEL to allow your users to automatically log into the host system without seeing the Login screen. Apart from increasing the productivity, it will also help you to reduce the support calls to reset forgotten password and user ids.
Single Sign-On: https://en.wikipedia.org/wiki/Single_sign-on
Creating WEL Custom plug-ins in HATS:
For further information on automation and services offerings, please write to: ZIO@hcl.com
Senior Technical Architect, Lab Services, IBM HACP & HATS