Use the Authentication tab to review the method used for P6 Progress Reporter user validation. Most settings are read-only because you must use the P6 Administrator application to set the authentication mode and configure P6 EPPM for authentication.
You can use one of these authentication modes:
Native is the default mode for P6 EPPM. In Native mode, the P6 EPPM database acts as the authority and the application handles the authentication of the user who is logging into that application.
Single Sign-On (SSO) controls access to Web applications. In SSO mode, the applications are protected resources. When a user tries to login to one, a Web agent intercepts the login and prompts the user for login credentials. The Web agent passes the user's credentials to a policy server, which authenticates them against a user data store. With SSO, once the users login, they are logged into all Web applications during their browser session (as long as all Web applications authenticate against the same policy server).
Lightweight Directory Access Protocol (LDAP) authenticates users through a directory and is available for all applications. You can use LDAP referrals with Oracle Internet Directory and Microsoft Windows Active Directory. LDAP referrals allow authentication to extend to another domain. You can also configure multiple LDAP servers, which supports failover and enables you to search for users in multiple LDAP stores. An LDAP directory server database confirms the user's identity when they attempt to login to the application.
To view your authentication settings in the P6 Progress Reporter Administrator:
Open the P6 Progress Reporter Administrator.
Select the Authentication tab.
Depending on your authentication mode, you will need to do the following:
If using Native mode for P6:
You do not need to make any changes to use this mode and no settings will appear in the P6 Progress Reporter Administrator.
If using Single Sign-On (SSO) mode for P6:
Enter the "User Header" information specified on the SSO server. For example, if using Oracle Single Sign-On, the User Header is Proxy-Remote-User. For Oracle Access Manager, the User Header is OAM_REMOTE_USER.
Note: In Oracle Access Manager, you also need to change the default ssoCookie setting from ssoCookie:httponly to ssoCookie:disablehttponly.
If using LDAP mode, verify the following:
In the Server field, verify the IP address or name of the LDAP server.
In the Port Number field, verify the port number of the LDAP server.
In the Chase Referral field, verify its status. If you selected chase referral, authentication will extend to another domain.
Note: If using Referrals, you will see settings for other LDAP servers as specified in the P6 Administrator application. Their order in the P6 Administrator application will determine the order P6 Progress Reporter uses to search LDAP servers when authenticating user names.
In the Use SSL field, verify its status. When selected, P6 Progress Reporter will use SSL. If you wish to use a specific certificate for SSL encryption, select 'Use Certificate' (detailed below).
In the Use Certificate field, select this option to use the certificate specified in the Configuration tab for every P6 Progress Reporter encryption request. If you enable this setting, enter the 'SSL Certificate Store' and 'SSL Store Password' settings in the Configuration tab and reboot the application server instance.
In the Base Domain Name field, verify the base domain name used to lookup users when they log into P6 Progress Reporter.
In the User Name field, verify the user name of the LDAP server login.
In the Password field, verify the password of the LDAP server login.
In the User Key field, verify the user attribute for logging into P6 Progress Reporter.
In the Security Level field, verify the option is correct (either None or Simple).
