Appendix D Single Sign-On
Configuring Enterprise eTIME to enable single sign-on
To configure Enterprise eTIME to enable single sign-on by using Computer
Associates’ eTrust ® SiteMinder ® :
1. Log on as SuperUser.
2. In the Setup workspace, select System Configuration > System Settings >
Security.
3. On the Security tab, do the following: a. Set site.security.singlesignon to true b. Set site.security.singlesignon.module to com.kronos.auth.SSOSiteMinderSubject
c. Set site.security.singlesignon.module.properties to
Enterprise eTIME.rootdir/1/properties/
SSOSiteMinder.properties
4. In SSOSiteMinder.properties, do the following: a. Set sso.log.file to Enterprise
eTIME.rootdir\1\logs\SSOSiteMinder.log
b. Set sso.log.level to DEBUG.
c. Set sso.principal.key to what identifies the users credentials. The default is SMUSER.
5. In WFC.properties, set com.kronos.wfc.wfp.security.logoffurl to
/1/html/kronos-sso-restart.jsp
6. Verify that the ISAPI SiteMinder Agent Filter precedes the ISAPI JBoss
Filter. You can verify this using the Microsoft Management Console.
7. Configure SiteMinder to work with Enterprise eTIME.
332 ADP, Inc.