In the Authentication tab, you configure SBM authentication settings. You configure authentication settings in utility mode after your database has been initialized.

Important: For new installations, the Authentication settings are not saved in the Application Engine database until after you run the Create Database Wizard in SBM System Administrator. After you run the wizard and successfully create the database, use SBM Configurator to configure your Authentication settings.

If your installation uses multiple Web servers with different authentication settings for each server, select the Override authentication settings for this server check box and configure the authentication settings for the local server. Clear the check box if all servers will use the same authentication settings.

Authentication Sources

To begin configuring SBM authentication, select the authentication source that SBM will validate credentials against.

Depending on the option that you select, refer to the following for more information:

Session Management

After you select an authentication source, select the method SBM will use to manage user sessions. The options differ depending on the authentication source that you select.

User Session Time-Out

Depending on the authentication source and session management options that you select, you can optionally designate a User session time-out period.

This setting forces users to re-authenticate if they have not actively used the system for a specified number of minutes. Enter a positive integer to have SBM automatically log out users who are inactive for the specified number of minutes. This feature is only available when user sessions are managed using Single Sign-On (SSO) or SBM session cookies. This setting is not available with Windows Domain (NTCR) authentication.

Note: The User session time-out setting is unrelated to licensing. Rather, you use the User session time-out setting to enhance the security of your system. This setting prevents data from inadvertently being exposed in end-user interfaces for an indefinite period of time.

When this setting is enabled, the Web client polls the server once a minute to determine if the configured timeout has been exceeded. If no activity has occurred in the browser and the configured timeout has been exceeded, the client disconnects the session and returns a message that indicates that the session has timed out. If the timeout is exceeded and the user attempts to make a change in the browser before the next polling period after the timeout period has lapsed, then the session is immediately disconnected and the user is prompted to log in again.

If the connection to the server is lost or the server cannot be reached, the existing session is automatically disconnected after the first unsuccessful poll between the client and the server. Note that any data that is entered in a transition form that is not completed when the session timeout occurs is lost and will need to be re-entered in the transition form again when the user logs back in.

Related Topics

About Windows Domain Authentication

About LDAP Authentication

About External Identity Provider Authentication

Password Restrictions

Other Settings