Administering : Authentication in Focal Point : Authenticating by using Web Single Sign-On : Effects of enabling Web Single Sign-On
  
Effects of enabling Web Single Sign-On
Before you enable Web Single Sign-On (SSO), make sure that you know how Focal Point is affected.The following features change when Web SSO is enabled. To access these features, users must be authenticated in Web SSO.
If the Web SSO HTTP headers are present and you have a Focal Point account, you are logged in to Focal Point while the login URL is requested.
If you do not have a Focal Point account, an error occurs.
If the Web Single Sign-On HTTP headers are not present, the Login page is displayed.
If you have a Focal Point account but your Authentication attribute is not set to Web Single Sign-On, the Login page is displayed. This situation occurs only if the Web SSO solution allows access without setting the Web SSO HTTP headers.
When Web SSO is enabled, the following changes occur to login and password settings:
The Focal Point password is not used for Web SSO users.
You cannot change passwords from the Preferences menu.
The following security settings are not applicable for Web SSO users:
Force Password Change
Password Minimum Length
Login Name Minimum Length
Password Maximum Age
Password Quality
Password Reuse
The login settings are not applicable for Web SSO users.
When a Web SSO user clicks Logout, the user is logged out and the license is released, but the user is not directed to the Login page.
The cookie handling settings on the Login Action page are ignored.
When a Web SSO user clicks Send Account Information, the user receives the login URL only.
Almost all requests to Focal Point check for specific HTTP headers before processing occurs. HTTP headers are ignored only when IBM Rational Directory Server is enabled and a Rational Directory Server Single Sign-On token is present in the URL or is available as a cookie. The Ping servlet is used for monitoring the application. The Synchronization servlet and Web Services API are used for integrating Focal Point with other tools. The Ping and Synchronization servlets and Web Services API are excluded from this check. Web SSO does not affect their functions.
You cannot set the RSS and Public Homepage options to Require Authentication. If you set those options to Enabled, the RSS feed and public home page do not require authentication. If the RSS and Public Homepage options are set to Require Authentication, that setting is disabled automatically when Web SSO is enabled.
Go up to
Authenticating by using Web Single Sign-On