Difference between revisions of "Primary Authentication Controller"
From SmartWiki
| Line 29: | Line 29: | ||
|Enabled users||If '''Allow all users''' is not enabled this allows you to select individual user(s) that can use the Primary Authetication Controller to authenticate for this instance. | |Enabled users||If '''Allow all users''' is not enabled this allows you to select individual user(s) that can use the Primary Authetication Controller to authenticate for this instance. | ||
|- | |- | ||
| − | |Create users if not found||Enable this setting to enable automatic creation of a new account within this instance if someone with an account on the Primary Authentication Controller attempts to connect.<br />''Note:'' this settings attempts to match the e-mail address only. If an account with the same e-mail address already exists on the Member Server, but is | + | |Create users if not found||Enable this setting to enable automatic creation of a new account within this instance if someone with an account on the Primary Authentication Controller attempts to connect.<br />''Note:'' this settings attempts to match the e-mail address to uses that are '''already''' login enabled only. If an account with the same e-mail address already exists on the Member Server, but is NOT login enabled a new user will be created when they attempt to connect. This is to avoid accidentally activating an existing contact with inappropriate pre-existing Role(s). The new user will be created with the branch and role defined in the following 2 settings. |
|- | |- | ||
|Default branch of new user||If '''Create users if not found''' is enabled you can select which internal branch/company they will be created within. | |Default branch of new user||If '''Create users if not found''' is enabled you can select which internal branch/company they will be created within. | ||
Revision as of 19:15, 27 September 2010
The Primary Authentication Controller feature allows one instance of SmartSimple to authenticate users to gain access to a separate instance without having to log in separately (Single Sign-On).
Note: this is only relevant to clients that use multiple instances of SmartSimple.
- The instances can reside on the same server, or on separate servers.
- This access can be granted to all users, or limited to a subset of users.
Contents
Configuration
Authentication Member
Before configuring the Primary Authentication Controller instance you must enable Authentication Member on the target instance and generate the key that will be used by the Primary Authentication server to gain access.
- On Global Settings within the Login & Security Settings section select the check box to enable the instance as an Authentication Member.
- Save the page and the Authentication Member Configurations link will appear.
- Within the Authentication Member Configurations page click New. Complete the details as required:
| Setting | Description |
|---|---|
| Controller Name | Enter any name you wish. |
| Description | Enter desired description. |
| Alias | The Alias of the instance that will act as the Primary Authentication Controller. |
| Member security key | This will be populated once the settings are saved. This key must be entered in the configuration of the Primary Authentication Controller instance. |
| Allow all users | Enable this setting if all login-enabled accounts within this Authentication Member instance should be allowed authenticate and connect via the Primary Authentication Controller. |
| Enabled users | If Allow all users is not enabled this allows you to select individual user(s) that can use the Primary Authetication Controller to authenticate for this instance. |
| Create users if not found | Enable this setting to enable automatic creation of a new account within this instance if someone with an account on the Primary Authentication Controller attempts to connect. Note: this settings attempts to match the e-mail address to uses that are already login enabled only. If an account with the same e-mail address already exists on the Member Server, but is NOT login enabled a new user will be created when they attempt to connect. This is to avoid accidentally activating an existing contact with inappropriate pre-existing Role(s). The new user will be created with the branch and role defined in the following 2 settings. |
| Default branch of new user | If Create users if not found is enabled you can select which internal branch/company they will be created within. |
| Default role of new user | If Create users if not found is enabled you can select which role newly created users will be given. |
Primary Authentication Controller
To configure the instance that will act as the Primary Authentication Controller, to authenticate logins for the Authentication Member instance:
- On Global Settings within the Login & Security Settings section select the check box to enable the instance as a Primary Authentication Controller.
- Save the page and the Primary Authentication Configurations Configurations link will appear.
- Within the Primary Authentication Controller Configurations page click New. Complete the details as required:
| Setting | Description |
|---|---|
| Member Name | Enter any name you wish. |
| Description | Enter desired description. |
| Member Alias | The Alias of the Authentication Member instance. |
| Member URL | The URL of the Authentication Member instance (ie: http://alias2.smartsimple.com). |
| Member security key | This key provided by the Authentication Member instance. |
Once you have entered the above details and saved the configuration it will appear on the list of Authentication Members with a button that allows you to select which users within the Primary Authentication Controller instance are permitted to access the member instance.
