Axton, Others, Our solution is a little LDAP based, but in the AREA plugin. For the Midtier, SSO is delegated to the actual SSO system (SiteMinder, ClearTrust, NTLM, etc.), and as a fallback we take a user/password and authenticate it against an LDAP. However, we do recognise that some people will want to use SiteMinder with MT and no LDAP so the LDAP fallback is about to become optional.
We currently do not supply a WUT SSO plugin however there are plans to do so. BMC Support should not be suggesting a hard coded password is used in the DLL because that DLL will need to exist on every client machine, and that means the hard coded password will also be present! Five minutes with a hex editor and users will be able to login as any other user - bad news, I'm sure you'll all agree. To widen the discussion a little; it's entirely incorrect to say Remedy comes with SSO functionality, because it only comes with an interface. Indeed, the interface has existed since 5.1.2 (when AREA was introduced, but correct me if I'm wrong). The SSO interface to the WUT was added later (7.0 I believe). In reference to the whitepaper, I'm of the view that this is of little value to users who do not have a background in C, Java and security. I'm glad everyone is enjoying our diagrams! John Java System Solutions : http://www.javasystemsolutions.com _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"
