The Single Sign On functionality enables users to directly log into Smart Materials without having to enter their user name and password. To activate this feature, the operating system (OS) user name must be mapped with the Smart Materials user name, and the DBA setting SINGLE_SIGN_ON must be set to ON.
Additionally, to enable Single Sign On, you must edit the formsweb.cfg file. You can find the file on the application server in this directory: <ORACLE_Middleware_HOME>\user_projects\domains\ClassicDomain\config\fmwconfig\servers\WLS_FORMS\applications\formsapp_11.1.1\config
Add this string to the otherparams line of the playground definition in the formsweb.cfg file:
usid=%usid%
Here is an example for the smat8 playground, with otherparams in bold:
[smat8]
archive=frmall_2013.jar,spmaticon.jar
# Other Forms runtime arguments: grouped together as one parameter.
# These settings support running and debugging a form from the Builder:
otherparams=combos=n usid=%usid% obr=%obr% record=%record% tracegroup=%tracegroup% log=%log% term=%term% ssoProxyConnect=%ssoProxyConnect%
WebUtilArchive=frmwebutil.jar
WebUtilLogging=off
WebUtilLoggingDetail=normal
WebUtilErrorMode=Alert
WebUtilDispatchMonitorInterval=5
WebUtilTrustInternal=true
WebUtilMaxTransferSize=16384
baseHTML=webutilbase.htm
baseHTMLjpi=webutiljpi.htm
pageTitle=SMAT 8.1.x
workingDirectory=C:\SMAT8.1\fmx
form=logon.fmx
userid=m_login/m_login@smat8
separateFrame=True
lookandfeel=Generic
width=1280
height=960
splashScreen=SPMaterials_SPlash2011.png
logo=INGR.jpg
background=SPMaterials_SPlash2011.png
After changing the formsweb.cfg file, you must re-login to Smart Materials to use Single Sign On.
Map user names
-
Open the A.20.05 User screen and query for the user to be mapped.
-
In the OS User field, enter the Windows OS user name for this user in this format:
<Windows domain name>\<Windows user name>
For example: GALAXY\RSTONE
Set DBA setting
-
Open the A.60.04 DBA Settings screen, and query for the DBA setting SINGLE_SIGN_ON.
-
Select the Active check box for the ON value, and save the changes.
To deactivate the Single Sign On functionality, clear the Active check box for the ON value, and select the Active check box for the OFF value.
When users with a mapped OS user name start a Smart Materials session, the User Name and Password fields are pre-filled. The users can directly select a project to log in.
If the value of m_user_securities.us_id is passed in the Smart Materials URL, the Single Sign On functionality bypasses the login screen and logs in to the project or product group as defined by the us_id value. Here is an example of the URL:
http://galaxy.ingrnet.com/forms/frmservlet?config=SMAT&usid=4711
The Smart Materials application server and the Smart Materials users must be in the same Windows domain. Single Sign On does not work if the users are assigned to a different domain than the application server.
To enforce single sign on, set the DBA setting CHANGE_SSO_USER to OFF and the DBA setting SINGLE_SIGN_ON to ON. Only users mapped to the OS (operating system) user of the local computer can log in to Smart Materials, except super users
A user is considered a super user if the role specified with the DBA setting SUPER_USER_ROLE is assigned to his user securities on A.20.06.01 or A.20.06.02.