In this section you can define settings for the QPR Foundation Server.

 

 

Authentication Method

Here you can select the method which is used for authenticating the users. For example, if Windows NT is selected, then the users are authenticated based on NT user accounts and passwords.

•QPR uses users defined in the QPR Foundation Server.

•Windows NT uses NT domain users.

•LDAP uses LDAP authentication

Any combination of these methods can be used as long as there is at least one method selected.

 

 

Single Sign On

Here you can select the components for which the Windows Integrated Authentication (IWA) is enabled. The options are:

 

•QPR Portal: Enables single sign-on for QPR Portal. When this option is enabled, you need to define the CGI binary host setting.

•QPR Modeling Client: Enables single sign-on for QPR Modeling Client.

•QPR Metrics: Enables single sign-on for QPR Metrics client.

 

In the "Generic Single Sign on (SSO) for" field you can select which components can use generic single sign on authentication. Currently the only option is QPR Portal, and selecting it requires that the CGI binary host setting is defined as well as qprsettings.dat modified accordingly. See "Using Single Sign-On with QPR Products" section in QPR Administrator's Guide for more details.

 

Single Sign On can be used simultaneously with Windows Integrated Authentication.

 

The CGI binary host field is used for defining the IP address or the hostname of the computer where qpr.isapi.dll or qpr.cgi.exe resides in. This is required for single sign on authentication to QPR Portal. The IP is needed only if qpr.isapi.dll or qpr.cgi.exe reside in a different machine than QPR.WAS.Server.exe. In a standalone installation the IP is not needed, since 127.0.0.1 (localhost) is always trusted.

 

 

User Group

Here you can select the group management method.

The Synchronized with NT/LDAP option makes the QPR Foundation Server groups to be synchronized with NT/LDAP groups for authentication purposes. In the case you want some user group to act as a default group, select the Use default user group checkbox and insert the group's name into the Default user group field. The default user group is used when NT/LDAP users are imported, and a group with a name similar to their NT/LDAP group does not exist in QPR Foundation Server. For more information about the default user group, refer to the NT & LDAP Authentication section in QPR Administrator's Guide.

The UMS only option means that the user groups are maintained only by QPR Foundation Server. With this option the groups are not synchronized with NT/LDAP groups for authentication purposes.

 

 

LDAP Synchronization Settings

Here you can select whether user information in QPR Foundation Server is updated when a user logs in with an NT or LDAP account. When using LDAP and this setting is enabled, the information is updated also during the next synchronization if the user information has changed on LDAP. The following information is updated in the case this setting is enabled:

•Full name

•E-mail (LDAP only)

•Telephone number (LDAP only)

•Description

 

 

Autologin Settings

Here you can define options for cookie-based automatic login to QPR Portal. There are three options to choose from:

 

•Enable autologin with cookies as default option. With this option there is a "Login automatically next time" checkbox at Portal's login screen and it is checked by default. Users who leave the option on have their login information stored in a cookie and can login to Portal automatically after the first login unless they explicitly remove the cookie (either from the browser's settings or by clicking the "Clear automatic login information" button at Portal's logout screen.

•Enable autologin with cookies option. With this option there is a "Login automatically next time" checkbox at Portal's login screen. The checkbox is unchecked by default, but otherwise the functionality is similar to the previous option.

•Do not use cookies for autologin. The "Login automatically next time" option is not displayed and cookie-based automatic login is not possible.