NOTE: This authentication module is available if the Identity Management Base Module is installed.
Credentials |
The authentication module uses the login data of the user currently logged in on the workstation. |
Prerequisites |
|
Set as default |
No |
Single sign-on |
Yes |
Front-end login allowed |
Yes |
Web Portal login allowed |
Yes |
Remarks |
One Identity Manager searches for the user account according to the configuration and finds the employee assigned to the user account. If an employee has more than one identity, the QER | Person | MasterIdentity | UseMasterForAuthentication configuration parameter controls which employee identity is used for authentication.
A dynamic system user is determined from the employee's application roles. The user interface and the permissions are loaded through this system user. Changes to the data are assigned to the logged in employee. |
Modify the following configuration parameters in the Designer to implement the authentication module.
Configuration parameter | Meaning |
---|---|
QER | Person | GenericAuthenticator |
Specifies whether authentication through single sign-on is supported. |
QER | Person | GenericAuthenticator | SearchTable |
Table in the One Identity Manager schema which stores the user information. The table must contain a foreign key with the name UID_Person (or CCC_UID_Person) that references the Person table. Example: ADSAccount |
QER | Person | GenericAuthenticator | SearchColumn |
Column from the One Identity Manager table (SearchTable) that is used to search for user name of the current user. Example: CN |
QER | Person | GenericAuthenticator | EnabledBy |
Pipe (|) delimited list of Boolean columns from the One Identity Manager table (SearchTable) enabled by the user account for the login. |
QER | Person | GenericAuthenticator | DisabledBy |
Pipe (|) delimited list of Boolean columns from the One Identity Manager table (SearchTable) disabled by the user account for the login. Example: AccountDisabled |