Configuring SPNEGO single sign-on for i2 Analyze
The following section describes how to configure i2 Analyze with Simple and Protected GSS-API Negotiation Mechanism (SPNEGO) single sign-on. The instructions detail how to configure SPNEGO single sign-on with an existing deployment of i2 Analyze.
In the production deployment process, you might first configure SPNEGO single sign-on in the configuration or pre-production environments. As you move to a production deployment, you must replicate any configuration changes in any new deployments.
This section is intended for readers who are familiar with configuring and managing domain controllers, Microsoft™ Active Directory, and have an understanding of SPNEGO single sign-on.
There are many different single sign-on technologies. This section defines a SPNEGO single sign-on setup with workstations that are members of the same Microsoft Active Directory domain. i2 Analyze uses the users and groups in Active Directory to determine the authorization of users.
- A Microsoft Windows® Server running an Active Directory Domain Controller and associated Kerberos Key Distribution Center (KDC).
- A Microsoft Windows® domain member (client) with a web browser that supports the SPNEGO authentication mechanism.
- A working deployment of i2 Analyze that can be accessed by users in Active Directory.
For information on the prerequisites that are required, see the Before you begin section of Configuring SPNEGO authentication in Liberty .