Using Single Sign-on (SSO) with CA Workload Control Center

Document ID : KB000010700
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

You can enable WCC to use Single Sign-on/NTLM. Depending on the version of WCC you are using, there are few things to take into consideration in order for the GUI to perform as expected. 

Background:

NOTES 

1. When entering your credentials, it does not matter if you include or omit the domain before the username (assuming that you are using one domain in EEM).

2. When you are accessing the WCC URL, you cannot include the Login.html or Launcher.html in the address. You must use one of the following formats:

    http://hostname:8080/wcc

    http://hostname:8080/wcc/ui

    https://hostname:8443/wcc

    https://hostname:8443/wcc/ui

3. After enabling NTLM, there will be a one-time login to the WCC GUI.

 

Environment:
CA Workload Control Center r11.4 SP2, r11.4 SP3, r11.4 SP4CA Embedded Entitlements Manager r12.51 CR03, r12.51 CR04
Instructions:

Scenario #1

WCC: r11.4 SP2 on Windows 2012 R2

EEM: r12.51 CR03 on Windows 2012 R2

 

+ After enabling NTLM, clear the browser cache.

+ The first time you access the GUI, you may get an 'Authentication Required' pop-up - click 'Cancel'.

+ Enter your credentials again on the Login page - then you will be routed to the Launcher page.

 

+ If you close the tab that the GUI was launched in and access the URL again, you will bypass the Login page and the Launcher page will load.

+ If you sign out of the application, close the tab that the GUI was launched in and access the URL again, you will be routed to the Login page.

+ If you sign out of the application and clicked on the 'Log in automatically using Windows credentials' link, the Launcher page will not load and you will remain on the Login page.

+ Once your credentials have been authenticated, do not sign out of the WCC GUI. 

 

Scenario #2

WCC: r11.4 SP3 on Windows 2012 R2

EEM: r12.51 CR04 on Windows 2012 R2

 

+ After enabling NTLM, clear the browser cache.

+ The first time you access the GUI, you may get an 'Authentication Required' pop-up - click 'Cancel'.

+ Enter your credentials again on the Login page - then you will be routed to the Launcher page.

 

+ If you close the tab that the GUI was launched in and access the URL again, you will bypass the Login page and the Launcher page will load.

+ If you sign out of the application, close the tab that the GUI was launched in and access the URL again, you will be routed to the Login page.

+ If you sign out of the application and clicked on the 'Log in automatically using Windows credentials' link, the Launcher page will not load and you will remain on the Login page.

+ Once your credentials have been authenticated, do not sign out of the WCC GUI. 

 

Scenario #3

WCC: r11.4 SP4 on Windows 2012 R2 

         r11.4 SP4 on RedHat 7 

EEM: r12.51 CR04 on Windows 2012 R2

 

+ After enabling NTLM, clear the browser cache.

+ The first time you access the GUI, you may get an 'Authentication Required' pop-up.

+ Enter your credentials in the pop-up - then you will be routed to the Launcher page.

 

+ If you close the tab that the GUI was launched in and access the URL again, you will bypass the Login page and the Launcher page will load.

+ If you sign out of the application, close the tab that the GUI was launched in and access the URL again, you will bypass the Login page and the Launcher page will load.

+ If you sign out of the application and clicked on the 'Log in automatically using Windows credentials' link, you will bypass the Login page and the Launcher page will load.

+ If you close the tab that the GUI was launched in, removed the URL from your browser history and access the URL again, you will bypass the Login page and the Launcher page will load.

Additional Information: