The configuration file, authenticationDescriptor.properties, needs to be edited to match your particular network environment. Shown below is the default text of this file.

## This is a sample properties file for NTLM authentication. You can

tailor it to your specific

## situation to work with the NTLM authentication mechanism included

within TeamConnect. All

## un-commented properties in this file are required, though their

values can be changed.

# Identification properties for this authentication component

tc.displayName=NTLM based Single Sign On

tc.uniqueId=SNTLM

tc.isSSO=true

# Custom page mappings (omit any that do not apply)

#page.badCredentials=tryagain.html

#page.lockedAccount=giveup.html

#page.maximumLogins=sorry.html

#page.logout=goodbye.html

#page.sessionTimeout=missedyou.html

# NTLM configuation properties

#

# The NT domain against which clients should be authenticated.

ntlm.tcDomain=TCDOMAIN

ntlm.remoteUserHeader=

The value of ntlm.tcDomain can be a single domain name or it can be a list of domain names, delimited by semicolons. The domain portion of a user's login name (such as "terry@mycompany.com") is matched against this property value and, if a matching domain is not found, authentication fails.

If you expect to override the default error message pages, modify the "page mappings" section to supply your own HTML file names.

Property ntlm.remoteUserHeader must exist in the configuration file, but it does not always need to have a value associated with it. You may find that for WebLogic application servers, a value of Proxy-Remote-User works best and, for WebSphere application servers, a value of $WSRU works best.

Note that even if you do not use properties page.logout and page.sessionTimeout, TeamConnect will construct a logout page on the fly to use in these situations, to avoid redisplaying the login page, which would cause an automatic re-login with NTLM.