Single sign-on in a cluster environment
A single sign-on implementation for clustered environments improves user and role administration. The single sign-on implementation is required when signing onto a cluster results in the user signing onto all of the cluster's UNICOM Intelligence Interviewer - Server Admin instances. Cluster single sign-on allows a UNICOM Intelligence Interviewer - Server Admin user to perform activities on each clustered UNICOM Intelligence Interviewer - Server Admin server without signing onto each server.
A clustered server installation is configured for single sign-on as follows:
1 The activity instance that provides the best performance is selected.
▪For each activity in a cluster environment, the installed instance information is saved under [Server/Application/ApplicationSettings].
▪The property MultiInstance is used to determine whether each activity utilizes the web load balancing feature. In DPM Explorer, MultiInstance should be configured as True (even when there is only one instance) for the UNICOM Intelligence Interviewer - Server, UNICOM Intelligence Reporter - Survey Tabulation and UNICOM Intelligence Reporter activities, as these application activities are accessed from a different server.
▪UNICOM Intelligence Interviewer - Server Admin load balance selects the instance that exhibits the best performance. For more information, see
Load balancing“.
2 The server that hosts the activity instance is logged into.
If a user request is redirected to the activity on a different server, the username and ticket are appended as form parameters. Depending on the username and ticket, httpModules SingleSignOnModule handles the creation of the ASP.NET authentication ticket.
3 The activity instance is exited.
Upon exiting an activity, httpHandlers EndApplication signs-out the ASP.NET authentication ticket.
4 The UNICOM Intelligence Interviewer - Server Admin session is logged off.
When a user logs out of UNICOM Intelligence Interviewer - Server Admin, the ASP.NET authentication cookie is cleared and the DPM ticket is deleted from the DPM data base.
See