To create SSO authentication providers:
- Log in to the WebLogic Administration Console as an administrative user for either Primavera Gateway or Primavera Analytics.
- In the Change Center pane select Lock & Edit.
- In the Domain Structure pane, select Security Realms.
- Select myrealm in the security realm list.
- In the Settings for myrealm page, select the Providers tab.
- Select New and enter information for a new authenticator provider.
- In the Name field, enter a name for the authenticator provider. For example, OAMIdentityAsserter.
- In the Type field, select OAMIdentityAsserter.
- Edit the newly created Authenticator and set the Control Flag to Required.
- Move the following Active Types to the Chosen column:
- OAM_REMOTE_USER
- OAM_IDENTITY_ASSERTION
- ObSSOCookie
- Select Save.
- Select New to enter information for a new authenticator provider.
- In the Name field, enter a name for the provider. For example, PrimaveraAuthenticator.
- In the Type field, select OracleInternetDirectoryAuthenticator.
- In the Common tab, select the newly created provider and set the Control Flag to SUFFICIENT, and select Save.
- In the Provider Specific tab, enter the LDAP information from OAM LDAP store. Ensure you enter information in the following sections: Connection, Users, Groups, Static Groups, Dynamic Groups (optional), and General.
- Select Save.
- In the Domain Structure pane, select Security Realms, myrealm, and Providers.
- Edit all other Authenticators and change the Control Flag to SUFFICIENT.
- In the Providers screen, select the Reorder Authentication Providers button and reorder the providers in the following sequence:
- OAMIdentityAsserter
- PrimaveraAuthenticator
- DefaultAuthenticator
- DefaultIdentityAsserter
- Select OK to save your changes
- In the Change Center pane, select Activate Changes.
- Log out of the WebLogic Administration Console.