When you set up Primavera Analytics, you can choose one of the following authentication modes:
- Native is the default mode for the application. In Native mode, the database acts as the authority and the application handles the authentication of the user who is logging into that application.
- Single Sign-On (SSO) controls access to Web applications. In SSO mode, the applications are protected resources. When a user tries to login to one, a Web agent intercepts the login and prompts the user for login credentials. The Web agent passes the user's credentials to a policy server, which authenticates them against a user data store. With SSO, once the users login, they are logged into all Web applications during their browser session (as long as all Web applications authenticate against the same policy server).
- Lightweight Directory Access Protocol (LDAP) authenticates users through a directory and is available for all applications. The application supports LDAP referrals with Oracle Internet Directory and Microsoft Windows Active Directory. LDAP referrals allow authentication to extend to another domain. You can also configure multiple LDAP servers, which supports failover and enables you to search for users in multiple LDAP stores. In LDAP mode, an LDAP directory server database confirms the user's identity when they attempt to log in to an application.