The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides
Search the VMware Knowledge Base (KB)
View by Article ID
Configuring SSO features for Socialcast On Premise (2035697)
Purpose
When setting up Single Sign On (SSO) integration with Socialcast On Premise, a number of options must be set or verified depending on the desired behavior and configuration.
This article provides the commands that are available to set the relevant options for a Socialcast On Premise cluster.
To update the Socialcast cluster with the password that was set for the OpenToken SP Adapter during the setup, run these commands:
sudo su - deployer
cd /var/www/scmc
LD_PRELOAD=/opt/sqlite-36/lib/libsqlite3.so /var/www/scmc/script/rails runner -e production 'SystemConfig.instance.update_attributes(:sso_password => "token_password")'
Where token_password is the appropriate password.
After running these commands, perform a configuration deployment via the Socialcast Management Console (SCMC).
Configuring SSO options
These options affect the SSO behavior and must be confirmed and set as required:
Option
Type
Description
logout_redirect_url
string
This is the URL you want to redirect users to after they successfully logout from Socialcast. This should be set to either an application dashboard for your IdP or the SP-defined SLO URL (/sp/startSLO.ping) if using the SP-initiated SLO feature.
By default, this is blank.
sso_provision_new_users
true|false
Indicates whether to enable the new user provisioning feature for SSO (lazy provisioning). If users successfully authorize via the IdP and the community does not have an account already provisioned, a basic profile is automatically created, allowing the user to activate their Socialcast profile instantly.
By default, this option is set to true.
sso_sp_login_enabled
true|false
This option determines whether users can authenticate by accessing the Socialcast community and being redirected to the IdP before being returned to Socialcast as an authorized users. Setting this to false displays an error message to users who attempt to access the application without having a current valid session, requiring them to access the IdP separately to gain access to the application.
By default, this option is set to true.
sso_ec_local_enabled
true|false
If you are using external contributor accounts in the community, this options provides the ability to retain local authentication for these accounts that cannot be authenticated via the IdP. When this option is enabled, all users are presented with an additional form entitled Look Up Account when attempting to log in, whereby the user enters their account's email address.
subdomain
string
This is the hostname/subdomain portion of the community URL.
By default, this option is set to acme.
To set these options in Socialcast, run these commands:
