You can select the authentication method for users in
the Authentication attribute on the Manage Users page
(). IBM® Rational® Focal Point™ supports
three methods for user authentication: Standard, Rational Directory Server, and Web Single
Sign-On (SSO).
Note: The Rational Directory
Server and Web SSO methods are available only if they are enabled
through SQL commands in the SQL interface.
- Standard: This method is the default authentication method.
On the Login page, you type a user name and password,
and Rational Focal Point handles
the authentication.
- Rational Directory
Server: With this method, IBM Rational Directory Server handles
the authentication. You can log in to the product after Rational Directory Server validates the
login credentials. If users are not listed in Rational Focal Point,
but their credentials are valid in Rational Directory
Server, the users are added to the product automatically.
Rational Directory Server supports
SSO, which supports Rational applications
only. Rational Directory
Server users log in by using a token, which can either be in a cookie
or in the URL as a parameter. If the Rational Directory Server validates the
token, a user is automatically logged in to Rational Focal Point.
If no token exists, the Login page is displayed.
This feature is enabled if the Rational Directory
Server is enabled and cannot be disabled separately.
- Web SSO: With this method, a proxy application handles
the authentication. You can log in after the proxy adds parameters
to the HTTP request that provides the information required to log
in.
Users can use only one authentication method, but can have both Rational Directory Server and
Web SSO enabled. You might want to enable both methods so that regular
users can authenticate by using Web SSO while administrators authenticate
by using Rational Directory
Server. Then, administrators can use the Rational Directory Server features to add
and manage users, and regular users can log in to the product automatically.
Note: All
administrators must have the authentication attribute set to Rational
Directory Server. Administrators that have the authentication
attribute set to Web Single Sign-On can add
users to and members from Rational Focal Point only.