SSO Configuration
In the sso.conf file, under sso_Config, an applications section contains a section for configuration of each option corresponding to the Application Type field on the QuickLink Library page. The name of the config property under applications should match exactly with the Application Type display value from the QuickLink library page. The Application Type field is only displayed if the enabled property for the ssoForExternalApplication flag in the feature.conf file is true and External Application is selected in the Type field on the QuickLink Library. The values in the Application Type field depend on the enabled property (design flag) of each application in the sso.conf file. For example, the design flag for Pentaho in baseline has enabled set to false; therefore, the Pentaho option will not be available in the Application Type field.
The following application types are delivered for the applications property:
The Pentaho application configuration includes the following properties. The baseline delivered value for each property is listed below along with a description of the property.
|
Property |
Default Value |
Description |
|
enabled |
false |
This is design flag for the Pentaho Application Type. It should be enabled only if your site supports the Pentaho application. If the enabled property is true, then Pentaho is listed as a value for the Application Type field on the QuickLink Library. If the enabled property is false, then Pentaho is not listed as a value for the Application Type field on the QuickLink Library. |
|
base_url |
|
Provides the URL of the Pentaho application. For example: http://[servername]:[port]/[appname] |
|
header_method_type |
POST |
Indicates the Request Type (that is, GET or POST), which the Pentaho application request supports. |
|
logout_url |
|
N/A |
|
securityKey |
|
N/A |
|
className |
adv.ui.externalApp.Pentaho |
This should not be changed. |
The infoAdvantage application configuration includes the following properties. The baseline delivered value for each property is listed below along with a description of the property.
|
Property |
Default Value |
Description |
|
enabled |
false |
This is design flag for the infoAdvantage Application Type. It should be enabled only if your site supports the infoAdvantage application. If the enabled property is true, then infoAdvantage is listed as a value for the Application Type field on the QuickLink Library. If the enabled property is false, then infoAdvantage is not listed as a value for the Application Type field on the QuickLink Library. |
|
base_url |
|
Provide the URL of the infoAdvantage application. For example: http://[servername]:[port]/[appname] |
|
header_method_type |
POST |
Indicates the Request Type (that is, GET or POST), which the infoAdvantage application request supports. |
|
logout_url |
|
Provide the logout URL of the infoAdvantage application, which will be trigged whenever a user logs out of infoAdvantage. For example: http://[servername]:[port]/infoAdv/infoAdvRunReport.jsp?logoutFlag=true |
|
securityKey |
|
N/A |
|
className |
adv.ui.externalApp.InfoAdv |
This should not be changed. |
The Travel Certify application configuration includes the following properties. The baseline delivered value for each property is listed below along with a description of the property. Each parameter of the URL is listed as a separate property in the Travel Certify section of this configuration file. If there is any change in the URL, for example, any other additional parameter needs to be added or a value of any parameter needs to be changed, then the change needs made in the Travel Certify section of the sso.conf file.
|
Property |
Sub Property |
Default Value |
Description |
|
enabled |
|
false |
This is design flag for the Travel Certify Application Type. It should be enabled only if your site supports the Travel Certify application. If the enabled property is true, then Travel Certify is listed as a value for the Application Type field on the QuickLink Library. If the enabled property is false, then Travel Certify is not listed as a value for the Application Type field on the QuickLink Library. |
|
base_url |
|
|
Provides the URL of the Travel Certify application. |
|
header_method_type |
|
GET |
Indicates the Request Type (that is, GET or POST), which the Travel Certify application request supports. |
|
logout_url |
|
|
URL of the Travel Certify page that should be used as a value for the LOGOUTURL Parameter. |
|
securityKey |
|
|
The authentication key that is required to generate a token to access the Travel Certify application. This key should be provided by Travel Certify. |
|
className |
|
advantage.Travel.TravelCertify |
This should not be changed. |
|
additionalParameters |
|
|
This section contains any additional parameters, other than base_url and logout url, which are required to access the Third-Party application. Baseline parameters in this configuration file are set for Travel Certify based on the Travel Certify URL given as a sample URL above. All properties in the additional parameter section are appended with the base_url as a request parameter. Values for the parameters will remain the same as given for the property in this section, except < ACCESSID >, <LOGINID>, <EMPLOYEEID>, which will be replaced by the actual value based on the current logged in user. Any parameter that is not required, should be removed from the additional parameters section. |
|
|
COMPANYNAME |
|
Value for the COMPANYNAME parameter. |
|
|
USERLOGIN |
<EMPLOYEEID> |
Value of parameter USERLOGIN. Since the value of this parameter is not hardcoded but should be changed based on the logged in user. <EMPLOYEEID> is used, which will be replaced by the Employee ID of the logged in user. |
|
|
ACCESS |
<ACCESSID> |
<ACCESSID> is replaced by the token that is generated based on the security key provided in the securityKey parameter. |
|
|
SKIPLOGINMESSAGE |
TRUE |
Value of parameter –SKIPLOGINMESSAGE |
|
|
IntegratorID |
CGI |
Value of parameter – IntegratorID |
|
|
TARGET |
TRIP |
Value of parameter – TRIP |
|
|
DATASTRING1 |
<EMPLOYEEID> |
Value of parameter – DATASTRING1. <EMPLOYEEID> will be replaced by the Employee ID of the current logged in user. |
|
|
DATASTRING2 |
<LOGINID> |
Value of parameter – DATASTRING2. <LOGINID> will be replaced by the current user’s login ID. |
If your site utilizes the Cornerstone (CSOD) application, then the following properties must be updated.
|
Property |
Sub Property |
Default Value |
Description |
|
enabled |
|
false |
This is the design flag for the Cornerstone Application Type. It should be enabled only if your site supports the Cornerstone (CSOD) application. If the enabled property is true, then Cornerstone is listed as a value for the Application Type field on the QuickLink Library. If the enabled property is false, then Cornerstone is not listed as a value for the Application Type field on the QuickLink Library. |
|
base_url |
|
|
Provides the URL of the Cornerstone application. This URL opens in a new window. |
|
header_method_type |
|
POST |
Indicates the Request Type (that is, GET or POST), which the CSOD application request supports. This value should not be changed. |
|
className |
|
adv.ui.externalApp.Cornerstone |
Class that executes SAML token generation to log in to CSOD. This value should not be changed. |
|
applicationName |
|
|
Indicates the application name handling SSO. |
|
additionalParameters |
|
|
This section contains any additional parameters, other than base_url and logout url, which are required to access the Third-Party application. Baseline parameters in this configuration file are set for Cornerstone based on the Cornerstone URL. All properties in the additional parameter section are appended with the base_url as a request parameter. Values for the parameters will remain the same as given for the property in this section, except < ACCESSID >, <LOGINID>, <EMPLOYEEID>, which will be replaced by the actual value based on the current logged in user. Any parameter that is not required, should be removed from the additional parameters section. |
|
|
cornerstone_idp |
ADVANTAGECSODIDP |
The security realm used for the CSOD application. |
To set up a Quick Link to Advantage Assistant, the following properties must be set up in the sso.conf file:
|
Property |
Sub Property |
Default Value |
Description |
|
enabled |
|
false |
This is the design flag for adding Advantage Assistant to the Application Type field on the QuickLink Library. If the enabled property is true, then Assistant is listed as a value for the Application Type field on the QuickLink Library. If the enabled property is false, then Assistant is not listed as a value for the Application Type field on the QuickLink Library. |
|
base_url |
|
|
N/A |
|
header_method_type |
|
POST |
Indicates the Request Type (that is, GET or POST), which the Assistant application request supports. |
|
logout_url |
|
|
N/A |
|
securityKey |
|
|
N/A |
|
className |
|
adv.ui.externalApp.Assistant |
This value should not be changed. This class obtains the Assistant URL and tenant name from the server.conf file and encodes the tenantname using csf based authentication token. The token will be sent as part of the sso request. |
|
additionalParameters |
|
|
N/A |
