Configure Your Deployment for Single Sign-On Web Authentication

SAS 9.4 web applications can be configured to use single sign-on web authentication. For more information, see the steps in Web Authentication in SAS Intelligence Platform: Middle-Tier Administration Guide. After you complete those steps, an additional configuration is needed.
To configure SAS Decision Manager to use single sign-on web authentication:
  1. Edit the setenv file for your operating environment.
    Environment
    File
    Directory
    UNIX
    setenv.sh
    /SAS-configuration-directory/Levn/Web/WebAppServer/SASServer11_1/bin
    Windows
    setenv.bat
    \SAS-configuration-directory\Levn\Web\WebAppServer\SASServer11_1\bin
    Add the following option to the JVM_OPTS line: 
    -DMMSingleSignOn=on
  2. In Windows environments, edit the wrapper.conf file in the \SAS-configuration-directory\Levn\Web\WebAppServer\SASServer11_1\conf directory.
    Add the following line in the Java Additional Parameters section: 
    wrapper.java.additional.n=-DMMSingleSignOn=on
    The number n is the next number in the sequence of the wrapper parameters.
    Note: If you are configured to use single sign-on web authentication by Kerberos for Teradata or Hadoop, you must add options to be able to publish models from SAS Decision Manager. Other database management systems are not supported for single sign-on authentication at this time. Before continuing to the next step, see Configure Users Authenticated by Kerberos for Publishing Models.
  3. Restart SASServer11.
    Note: The option is needed only on SASServer11; it is not needed on SASServer7.
Copyright © SAS Institute Inc. All Rights Reserved.
Last updated: February 22, 2017