Chat now with support
Chat with Support

Single Sign-On for Java 3.3.2 - Administration Guide

About this guide Introducing Single Sign-on for Java Preparing for Single Sign-on for Java Deploying Single Sign-on for Java
Getting started with Single Sign-on for Java Single Sign-on for Java and your web applications Setting up logging Controlling access to resources
Security Issues Maintenance and Troubleshooting Appendix: Configuration Parameters Appendix: Using the JKTools

New users and groups

Adding a new user or group to Active Directory should not impact upon the performance of Single Sign-on for Java, as long as existing policy settings remain unchanged. Once a new user or group has been added to Active Directory, that user may be authenticated by Single Sign-on for Java through the existing mechanisms.

Account settings

Single Sign-on for Java may cache information about user / group accounts for efficiency. For example, the groups that a user belongs to may be cached once that data has been obtained, and the authorization policy may be determined, based on this (cached) data.

If the group membership details of that user are updated dynamically, this may not be reflected in Single Sign-on for Java's cache, and subsequent authorization determinations may produce incorrect results.

Network topology changes

Single Sign-on for Java performs dynamic lookups when resolving services to hosts (such as finding the key distribution center for a realm, or domain controller for a domain). Modifying the underlying network topology should therefore not present a problem for Single Sign-on for Java, although it should be noted that a lag between the time the topology has been modified and the time that dynamic lookups reflect this new topology may cause some connection timeouts.


This section provides solutions to some common problems which may be experienced when configuring and deploying applications using Single Sign-on for Java.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating