Tivoli® Access Manager integration prerequisites
The following prerequisites must be met to integrate IBM® EMM with IBM® Tivoli® Access Manager.
*
The Tivoli® Access Manager WebSEAL junction must be configured to pass the user name (Short, not Full DN) as the HTTP variable in the URL request to the IBM® EMM application, and the IBM® EMM Web access control header variable property must be set to the name of this user name variable (by default, iv-user).
*
The Tivoli® Access Manager policy server must be configured to use LDAP as its repository for storing group members and user attributes.
*
The IBM® EMM application URLs defined by a WebSEAL junction and the Java application server hosting the IBM® EMM application must refer to the same path.
*
All users who need to access IBM® EMM applications must belong to a group added to an Access Control List (ACL) with appropriate permissions. A WebSEAL junction that points to an application server where Marketing Platform is deployed must be attached to this ACL.
*
When users log out of an IBM® EMM application, they are not automatically logged out of Tivoli® Access Manager. They must close their browser after they log out of an IBM® EMM application to log out of Tivoli® Access Manager.
Enabling the IBM® EMM Scheduler
If you plan to use the IBM® EMM Scheduler, you must configure an Access Control List (ACL) policy in Tivoli® as follows.
1.
Use Web Portal Manager to log in to the domain as a domain administrator.
2.
Click ACL > Create ACL, complete the Name and Description fields, and click Apply.
3.
Click ACL > List ACL, and from the Manage ACLs page, click the link for your ACL policy.
4.
From the ACL Properties page, click Create, and create two entries for your ACL, as follows.
*
For the first entry, set the entry type to unauthenticated and grant Trx - Traverse, read, and execute permissions.
*
For the second entry, set the entry type to Any-other and grant Trx - Traverse, read and execute permissions.
5.
On the ACL Properties page of the ACL, on the Attach tab, attach an un-protected object. Use the complete scheduler servlet path in Tivoli®, starting from WebSEAL. The Marketing Platform context root is typically unica.
WebSEAL junction/Marketing Platform context root/servlet/SchedulerAPIServlet.
Enabling the IBM® EMM Data Filter
If you plan to use the IBM® EMM Data Filter, you must configure an Access Control List (ACL) policy in Tivoli® as follows.
1.
Use Web Portal Manager to log in to the domain as a domain administrator.
2.
Click ACL > Create ACL, complete the Name and Description fields, and click Apply.
3.
Click ACL > List ACL, and from the Manage ACLs page, click the link for your ACL policy.
4.
From the ACL Properties page, click Create, and create two entries for your ACL, as follows.
*
For the first entry, set the entry type to unauthenticated and grant Trx - Traverse, read, and execute permissions.
*
For the second entry, set the entry type to Any-other and grant Trx - Traverse, read and execute permissions.
5.
On the ACL Properties page of the ACL, on the Attach tab, attach an un-protected object. Use the complete data filter servlet path in Tivoli®, starting from WebSEAL. The Marketing Platform context root is typically unica.
WebSEAL junction/Marketing Platform context root/servlet/DataFiltering.
Configuring settings for IBM® Campaign
If you plan to schedule IBM® Campaign, you must configure an Access Control List (ACL) policy in Tivoli® as follows.
1.
Use Web Portal Manager to log in to the domain as a domain administrator.
2.
Click ACL > Create ACL, complete the Name and Description fields, and click Apply.
3.
Click ACL > List ACL, and from the Manage ACLs page, click the link for your ACL policy.
4.
From the ACL Properties page, click Create, and create two entries for your ACL, as follows.
*
For the first entry, set the entry type to unauthenticated and grant Trx - Traverse, read, and execute permissions.
*
For the second entry, set the entry type to Any-other and grant Trx - Traverse, read, and execute permissions.
5.
On the ACL Properties page of the ACL, on the Attach tab, attach the following as un-protected objects. Use the complete path in Tivoli®, starting from WebSEAL. The Campaign context root is typically Campaign.
*
WebSEAL junction/Campaign context root/services/CampaignServices30Service
*
WebSEAL junction/Campaign context root/FlowchartNotifyScheduler
Configuring settings for IBM® Contact Optimization
If you plan to schedule IBM® Contact Optimization sessions, you must configure an Access Control List (ACL) policy in Tivoli® as follows.
1.
Use Web Portal Manager to log in to the domain as a domain administrator.
2.
Click ACL > Create ACL, complete the Name and Description fields, and click Apply.
3.
Click ACL > List ACL, and from the Manage ACLs page, click the link for your ACL policy.
4.
From the ACL Properties page, click Create, and create two entries for your ACL, as follows.
*
For the first entry, set the entry type to unauthenticated and grant Trx - Traverse, read, and execute permissions.
*
For the second entry, set the entry type to Any-other and grant Trx - Traverse, read, and execute permissions.
5.
On the ACL Properties page of the ACL, on the Attach tab, attach the following as un-protected objects. Use the complete path in Tivoli®, starting from WebSEAL. The context root is typically Campaign/optimize.
*
WebSEAL junction/context root/ext_runOptimizeSession.do
*
WebSEAL junction/context root/ext_optimizeSessionProgress.do
*
WebSEAL junction/context root/ext_doLogout.do
Configuring settings for IBM® Marketing Operations
If you plan to schedule IBM® Marketing Operations, you must configure an Access Control List (ACL) policy in Tivoli® as follows.
1.
Use Web Portal Manager to log in to the domain as a domain administrator.
2.
Click ACL > Create ACL, complete the Name and Description fields, and click Apply.
3.
Click ACL > List ACL, and from the Manage ACLs page, click the link for your ACL policy.
4.
From the ACL Properties page, click Create, and create two entries for your ACL, as follows.
*
For the first entry, set the entry type to unauthenticated and grant Trx - Traverse, read, and execute permissions.
*
For the second entry, set the entry type to Any-other and grant Trx - Traverse, read, and execute permissions.
5.
On the ACL Properties page of the ACL, on the Attach tab, attach the following as un-protected objects. Use the complete path in Tivoli®, starting from WebSEAL. The Marketing Operations context root is typically plan, and Marketing Platform context root is typically unica.
*
WebSEAL junction/Marketing Operations context root/errorPage.jsp
*
WebSEAL junction/Marketing Operations context root/alertsService
*
WebSEAL junction/Marketing Operations context root/services/collabService
*
WebSEAL junction/Marketing Operations context root/services/PlanIntegrationServices/1.0
*
WebSEAL junction/Marketing Operations context root/affiniumplan.jsp
*
WebSEAL junction/Marketing Operations context root/invalid_user.jsp
*
WebSEAL junction/Marketing Operations context root/js/js_messages.jsp
*
WebSEAL junction/Marketing Operations context root/js/format_symbols.jsp
*
WebSEAL junction/Marketing Platform context root/servlet/AJAXProxy
Configuring settings for IBM® Distributed Marketing
If you plan to schedule IBM® Distributed Marketing, you must configure an Access Control List (ACL) policy in Tivoli® as follows.
1.
Use Web Portal Manager to log in to the domain as a domain administrator.
2.
Click ACL > Create ACL, complete the Name and Description fields, and click Apply.
3.
Click ACL > List ACL, and from the Manage ACLs page, click the link for your ACL policy.
4.
From the ACL Properties page, click Create, and create two entries for your ACL, as follows.
*
For the first entry, set the entry type to unauthenticated and grant Trx - Traverse, read, and execute permissions.
*
For the second entry, set the entry type to Any-other and grant Trx - Traverse, read, and execute permissions.
5.
On the ACL Properties page of the ACL, on the Attach tab, attach the following as un-protected objects. Use the complete path in Tivoli®, starting from WebSEAL. The Distributed Marketing context root is typically collaborate.
*
WebSEAL junction/Distributed Marketing context root/affiniumcollaborate.jsp
*
WebSEAL junction/Distributed Marketing context root/services/CollaborateIntegrationServices1.0
*
WebSEAL junction/Distributed Marketing context root/flowchartRunNotifyServlet
*
WebSEAL junction/Distributed Marketing context root/js/js_messages.jsp
*
WebSEAL junction/Distributed Marketing context root/js/format_symbols.jsp
*
WebSEAL junction/Distributed Marketing context root/alertsService
Configuring settings for IBM® Interact
If you plan to us Interact, you must configure an Access Control List (ACL) policy in Tivoli® as follows.
1.
Use Web Portal Manager to log in to the domain as a domain administrator.
2.
Click ACL > Create ACL, complete the Name and Description fields, and click Apply.
3.
Click ACL > List ACL, and from the Manage ACLs page, click the link for your ACL policy.
4.
From the ACL Properties page, click Create, and create two entries for your ACL, as follows.
*
For the first entry, set the entry type to unauthenticated and grant Trx - Traverse, read, and execute permissions.
*
For the second entry, set the entry type to Any-other and grant Trx - Traverse, read, and execute permissions.
5.
On the ACL Properties page of the ACL, on the Attach tab, attach the following as un-protected objects. Use the complete path in Tivoli®, starting from WebSEAL. The Interact context root is typically Campaign/interact and the Campaign context root is typically Campaign.
*
WebSEAL junction/Interact context root/flowchartEventPatterns.udo
*
WebSEAL junction/Interact context root/saveFlowchartAction.udo
*
WebSEAL junction/Interact context root/testRunFlowchart.udo
*
WebSEAL junction/Interact context root/getProfileDataAction.udo
*
WebSEAL junction/Interact context root/manageIPB.udo
*
WebSEAL junction/Campaign context root/initOfferListResolution.udo
*
WebSEAL junction/Campaign context root/getOfferListResolutionStatus.udo
Configuring settings for IBM® SPSS® Modeler Advantage Marketing Edition
If you plan to us IBM® SPSS® Modeler Advantage Marketing Edition, you must configure an Access Control List (ACL) policy in Tivoli® as follows.
1.
Use Web Portal Manager to log in to the domain as a domain administrator.
2.
Click ACL > Create ACL, complete the Name and Description fields, and click Apply.
3.
Click ACL > List ACL, and from the Manage ACLs page, click the link for your ACL policy.
4.
From the ACL Properties page, click Create, and create two entries for your ACL, as follows.
*
For the first entry, set the entry type to unauthenticated and grant Trx - Traverse, read, and execute permissions.
*
For the second entry, set the entry type to Any-other and grant Trx - Traverse, read, and execute permissions.
5.
On the ACL Properties page of the ACL, on the Attach tab, attach the following as an un-protected object. Use the complete path in Tivoli®, starting from WebSEAL. The Marketing Platform context root is typically unica.
WebSEAL junction/Marketing Platform context root/rest/spssUser
Copyright IBM Corporation 2012. All Rights Reserved.