Configuring Microsoft IIS for single sign-on from Helix ALM web clients

Helix ALM applications support single sign-on for Active Directory users, which lets users use their network credentials to log in instead of entering a separate username and password.

To use single sign-on in Helix ALM Web and the license server web admin utility, the clients must be hosted by a Microsoft Internet Information Services (IIS) web server with Windows integrated authentication enabled.

Keep the following in mind:

  • The Helix ALM Web and license server web admin utility components must be configured on the web server before you can enable single sign-on for them. See the Helix ALM installation help for information.
  • On Mac and Linux, users are prompted to enter a username and password the first time they log in to the web client. If users save the credentials, they can use single sign-on the next time they log in.

IIS 7 and later

Enabling Windows authentication

1. Choose Start > Control Panel > Programs and Features.

2. Click Turn Windows features on or off in the Tasks pane.

3. Expand the Internet Information Services, World Wide Web Services, and Security nodes.

4. Select Windows Authentication.

5. Click OK to save the changes.

Enabling authentication for web clients

1. Open IIS Manager.

2. In the Connections pane, expand the server computer and Sites nodes.

3. Expand the Default Web Site.

4. Select the Scripts folder.

5. Double-click Authentication.

6. Select Anonymous Authentication and then click Disable in the Actions pane.

7. Select Windows Authentication and then click Enable in the Actions pane.

8. To use single sign-on for Helix ALM Web, select the ttweb folder and repeat steps 5 -7.

9. To use single sign-on for the license server web admin utility, select the lsweb folder and repeat steps 5 -7.

10. Restart IIS.

IIS 6

1. Open IIS Manager.

2. Expand the server computer and Web Sites nodes.

3. Right-click Default Web Site and choose Properties. The Properties dialog box opens.

Note:  Helix ALM and license server web components are installed in the default web site by default. If the ttweb or lsweb folder is added to a different web site, right-click it instead of Default Web Site.

4. Click the Directory Security tab.

5. Clear the Anonymous access option.

6. Select Integrated Windows authentication.

7. Click OK to close the Properties dialog box.

8. Click OK to save the changes.

9. Restart IIS.