Cancel
Showing results for 
Search instead for 
Did you mean: 

SSO on Teamcenter 11.3

Solution Partner Legend Solution Partner Legend
Solution Partner Legend

Has anyone successfully configured SSO on Tc11.3 ?

 

I have recently upgraded from 11.2 to 11.3, after which I got error "Possible security vulnerability: Connection to <LDAP server> is not TLS/LDAPS".

 

After taking advice from GTAC, I configured SSL on LDAP server, but still I get the same error.

 

Can anyone guide me here ?

5 REPLIES

Re: SSO on Teamcenter 11.3

Hi Amol,

 

How you resolve your issue?

I am facing same issue when using the LDAP for Authentication.

 

2018-07-09 17:07:07,554 ERROR [stderr] (default task-2) ScriptEngineManager providers.next(): javax.script.ScriptEngineFactory: Provider com.sun.script.javascript.RhinoScriptEngineFactory not found
2018-07-09 17:07:07,639 INFO [stdout] (default task-2) WARN - 2018/07/09-11:37:07.639 UTC - [120] FrontController:init(-1): TcSS Login Service Version 11.5.0.2018041000
2018-07-09 17:07:07,681 INFO [stdout] (default task-2) WARN - 2018/07/09-11:37:07.681 UTC - [120] SSOLoginManager:initDDParams(-1): Possible security vulnerability: Configured TcSS Identity Service URL does not specify SSL
2018-07-09 17:07:07,687 INFO [io.undertow.servlet] (default task-2) Done initializing servlet environment.
2018-07-09 17:07:16,434 INFO [stdout] (default task-5) WARN - 2018/07/09-11:37:16.433 UTC - [125] ConnectionPool:getConn(-1): Possible security vulnerability: Connection to <LDAP Server> is not TLS/LDAPS
2018-07-09 17:10:53,292 INFO [stdout] (default task-7) WARN - 2018/07/09-11:40:53.292 UTC - [144] ConnectionPool:getConn(-1): Possible security vulnerability: Connection to <LDAP Server> is not TLS/LDAPS

Re: SSO on Teamcenter 11.3

Solution Partner Phenom Solution Partner Phenom
Solution Partner Phenom
One word, Kerberos.

Randy Ellsworth, Teamcenter Architect, Applied CAx, LLC
NX 11 | SW 2016 | Creo 4 | TcUA 11.4
Evaluating: AW 3.4

Re: SSO on Teamcenter 11.3

yeah @RandyEllsworth I have already started configuring Kerberos but Teamcenter Helps are not elaborative about the steps

they simply said "configure IIS & reverse proxy server" for Kerberos, but I am not getting what does it mean?

because configuring IIS should have given the features which need to be selected also details should be given for reverse proxy.

 

let me know if someone has documentation for this, I am also in contact with GTAC, let's see!

Re: SSO on Teamcenter 11.3

Hello Team,

 

I have two Queries,

1. while configuring the Kerberos, Siemens Documentation says that

 

Kerbores1.PNG

 

But this path is not available in %TC_ROOT%.

 

2. While checking certified version in Hardware & Software Certification Matrix, i am not able to see 11.5 for Security services?

 

Kerberos2.PNG

 

Re: SSO on Teamcenter 11.3

Solution Partner Phenom Solution Partner Phenom
Solution Partner Phenom
Obviously the GTAC document is old as TC_ROOT\install\install\jre directory has not been available since Siemens no longer delivers Java with their products (since Oracle took it over). You will need to copy the JCE stuff to your java runtime location (likely in %ProgramFiles%\Java\jre…).

You'll need to talk to GTAC about their certification matrix which always seems to lag behind the current versions.

Randy Ellsworth, Teamcenter Architect, Applied CAx, LLC
NX 11 | SW 2016 | Creo 4 | TcUA 11.4
Evaluating: AW 3.4