General Settings → Authentication
In the Authentication tab, you configure SBM authentication settings. You configure authentication settings in utility mode after your database has been initialized.
If your installation uses multiple Web servers with different authentication settings for each server, select the Override authentication settings for this server check box and configure the authentication settings for the local server. Clear the check box if all servers will use the same authentication settings.
To begin configuring SBM authentication, select the authentication source that SBM will validate credentials against.
Uses SBM login IDs and internal SBM passwords to authenticate users.
Validates users against LDAP using SBM Application Engine.
Validates users against LDAP using SBM Application Engine first, and then against the internal SBM database if the user is not found in LDAP.
Validates users against LDAP using SSO.
Validates users against LDAP using SSO first, and then against the internal SBM database if the user is not found in LDAP.
Uses the Windows security system for authentication. User login IDs and passwords are authenticated against your Windows domain.
Uses an external identity provider to validate user credentials and control access to SBM.
Depending on the option that you select, refer to the following for more information:
After you select an authentication source, select the method SBM will use to manage user sessions. The options differ depending on the authentication source that you select.
SSO enables users to provide their login credentials once, receive a security token in return, and then use this token again to access other SSO-enabled tools without logging in again. Because SSO offers a single point of access to SBM, which enhances the end-user experience, consider selecting this option to manage SBM user sessions.
Optimizes the performance of log in and log out features and is recommended for browsers that support cookies. If you select this check box, a Web page with a logon form is presented to users when they access the system.
Gathers the user's login ID and password in a pop-up dialog box and uses the browser's built-in authentication rather than cookies. This is the least secure option that is offered by SBM.
Manages user authentication using IIS against a Windows domain. This option only applies to Windows Domain (NTCR) authentication.
Manages user authentication using SSO against a Windows domain. This option only applies to Windows Domain (NTCR) authentication.
Select this option if users will be validate against an external identity provider.
Depending on the authentication source and session management options that you select, you can optionally designate a User session time-out period.
This setting forces users to re-authenticate if they have not actively used the system for a specified number of minutes. Enter a positive integer to have SBM automatically log out users who are inactive for the specified number of minutes. This feature is only available when user sessions are managed using Single Sign-On (SSO) or SBM session cookies. This setting is not available with Windows Domain (NTCR) authentication.
When this setting is enabled, the Web client polls the server once a minute to determine if the configured timeout has been exceeded. If no activity has occurred in the browser and the configured timeout has been exceeded, the client disconnects the session and returns a message that indicates that the session has timed out. If the timeout is exceeded and the user attempts to make a change in the browser before the next polling period after the timeout period has lapsed, then the session is immediately disconnected and the user is prompted to log in again.
If the connection to the server is lost or the server cannot be reached, the existing session is automatically disconnected after the first unsuccessful poll between the client and the server. Note that any data that is entered in a transition form that is not completed when the session timeout occurs is lost and will need to be re-entered in the transition form again when the user logs back in.
Copyright © 2007–2016 Serena Software, Inc. All rights reserved.