Single Sign-On (SSO) controls access to Web applications. In SSO mode, the applications are protected resources. When a user tries to login to one, a Web agent intercepts the login and prompts the user for login credentials. The Web agent passes the user's credentials to a policy server, which authenticates them against a user data store. With SSO, once the users login, they are logged into all Web applications during their browser session (as long as all Web applications authenticate against the same policy server).
To set your web single sign-on settings:
Open the Primavera P6 Administrator.
In the Authentication tab, expand your configuration.
Expand Authentication.
In the Login Mode field, select WebSSO.
Expand Authentication/Web Single Sign-On.
In the User Name Header Key field, enter the name of the HTTP Header you specified in the policy server.
The value you specify must match the property you created under the policy domain/realm, where the Web server for P6 resides.
For Oracle Single Sign-On, the value should be Proxy-Remote-User. The Proxy-Remote-User should match the LDAP server attribute that maps to the P6 EPPM database USER_NAME field. See Provisioning LDAP User Information for the First Time.
For Oracle Access Manager, the value should be OAM_REMOTE_USER.
In the Context Path Override field, enter the path used to pass web requests from the Single Sign-On Web server to the P6 server. The default listed is the value for P6 (/p6).
In the Allow Alternate Login Attribute field, choose true when using Oracle Single Sign-On, and you want to use an SSO login attribute other than the P6 user name. For example, you will enter your e-mail address when authenticating Oracle Single Sign-on, but your P6 user name will map to the LDAP's UID field.
Notes:
If you enable the Allow Alternate Login Attribute setting, you must configure the Header Key and LDAP Search Attribute settings. You must also configure the LDAP settings for the appropriate database instance to establish a connection to the LDAP server. See Provisioning LDAP User Information for the First Time.
In the Header Key field, enter the HTTP Header Key which contains the global user ID. The default is Osso-User-Guid.
In the LDAP Search Attribute field, enter the LDAP attribute searched by the Header Key to authenticate users. The default is orclguid.
Note: You must configure the LDAP settings for the appropriate database instance to establish a connection to the LDAP server.