Configuring single sign-on in the web\WebUI\WebRoot\ folder
In %TRIDION_HOME\web\WebUI\WebRoot\web.config, perform a number of configuration tasks to make it work with single sign-on.
Procedure
- On the Content Manager server, open %TRIDION_HOME\web\WebUI\WebRoot\web.config for editing.
- Uncomment the following
<appSettings>key and specify thehostnameandportnumberof your Content Manager server to enable WCF to work properly:<add key="Tridion.WCF.RedirectTo" value="hostname:portnumber"/> - Place comment delimiters around the
<authorization>section:<!-- <authorization> <deny users="?"/> </authorization> --> - In the
system.serviceModel/bindings/webHttpBindingsection, find thebindingsection with itsnameattribute set toTridion.Web.UI.ContentManager.WebServices.WebHttpBindingConfigand set theclientCredentialTypeattribute of thetransportelement to the valueNonerather than the default valueWindows. - In the
system.serviceModel/behaviors/serviceBehaviorssection, find thebehaviorsection with itsnameattribute set toTridion.Web.UI.ContentManager.WebServices.DeveloperBehavior. In this section, find a commented-out section namedserviceAuthorizationand remove the comment delimiters:<serviceAuthorization principalPermissionMode="Custom"> <authorizationPolicies> <add policyType="Tridion.Web.ServiceModel.HttpIdentityPolicy, Tridion.Web.ServiceModel"/> <add policyType="Tridion.Web.ServiceModel.HttpPrincipalPolicy, Tridion.Web.ServiceModel"/> </authorizationPolicies> </serviceAuthorization> - Save and close Web.config.