Table of Contents

• Overview
• Install psaAuthenticate
  • Download the Application & License
  • Install the License
  • Install the Application
• Configure psaAuthenticate
• User Guide
  • Login Page
  • Administration Login
  • Authentication Error

NOTE: Syniti’s Professional Service Accelerators (psa) have been developed and are supported by

a team of senior consultants. The psas are designed to supplement the Stewardship Tier delivered features with content and automation that accelerate the progress of the project. If you have any questions or encounter any issues while using a psa, please submit a support ticket and be sure to select the psa on the form.

The attached PDF file contains the contents of this article.

Professional Service Accelerators (PSAs) are licensed separately from the SST. For more information, please email NASMT@syniti.com. To download or install a PSA, submit a request to Syniti support.

Overview

psaAuthenticate will allow users to authenticate to the Stewardship Tier Single Sign On. It uses any one of the following methods: SAML, OAuth and Active Directory.

The key feature of this psa is to facilitate single sign-on.

Install psaAuthenticate

The application can be installed on Syniti Solutions SST versions 7.0.1 and above

Download the Application & License

The psaAuthenticate application and/or license are obtained by opening a support ticket at support.syniti.com.

Perform the following steps to retrieve the necessary information for a license request:

1. On the SST application server, locate the Hardware Identifier program (called “HardwareIdentifier.exe") included in a zip file along with the SST installation software and documentation previously downloaded from Syniti.
2. Open the program.
3. Click Generate.
4. Copy the automatically generated ID and collect the following additional information. All information below pertains to the application server running SST; no information is needed regarding the database server:
   • Hardware ID (as mentioned above)
   • Windows computer name
   • Number of processor cores (as shown in the Task Manager CPU tab)
   • Usage of the SST instance, as in, DEV, TEST (or QA) or PROD
5. Syniti Licensing will deliver the license file via the support ticket.

Install the License

Perform the following steps to install the license:

1. Log in to the SST site as an Administrator.
2. Select Admin > Configuration > Product Licenses in the Navigation pane.
3. Click the Upload a file icon in the FILE NAME column next to the Upload a New Product License link.
4. Locate the license file that was provided by Syniti Licensing.
5. Click Open.
6. Verify the license is uploaded.

   NOTE: If the Navigation pane does not display all the licensed components as expected, use the

   browser refresh button or the F5 key to refresh the screen. At this point the full vertical menu will appear.

Install the Application

Perform the following steps to install the application:

1. Obtain the public certificate from the Identity Provider.
2. Right-click zip and go to Properties. Uunblock the file if it is blocked.
3. Unzip the file.
4. Navigate to the SST Installation folder (e.g., D:\BOA\DSP or C:\Program Files (x86)\BOA\DSP).
5. Back up the SST Install\BOA\DSP folder to a compressed zip file.
6. Back up all Syniti-supplied SQL Server databases or verify that a complete recent backup already exists.
   • Supplied databases: AutoGen, cMap, cMap_Data, cMass, cMass_Data, Console, CranPort, CranSoft, DataConstructionServer, DataDialysis, DataGarage, DBMoto_Client, DGE, DGE_Data, dgReports, dgSAP, dspAddOn, DSPCommon, dspMonitor_AccPak, dspMonitorConfig, DSW, IGC, Integrate, IntegrateStaging, InterfaceServer, MC, & RADToolkit

7. Stop IIS.

   This process disconnects all active SST users, so it is highly recommended to perform the install when no users are on the system. This process stops IIS on the web server.

   1. Open Windows Start Menu.
   2. Open the Command Prompt (run as an administrator).
   3. Type: IISReset –stop
   4. Press the Enter key.
   5. Leave the Command Prompt window open for later use.
 
8. Stop all services that start with “Cransoft Service …”

   This process stops all SST background jobs, so it is highly recommended to perform the install when no scheduled operations are running on the system. 

   1. Open Windows Start Menu.
   2. Select Administrative Tools.
   3. Run Services.
   4. Right-click the SST service.
   5. Select Stop.
   6. Repeat the previous two steps for any additional SST services.

9. Copy the Databases folder from the zip file to your existing SST Install \Databases folder. If prompted, replace the files in the destination.
10. Navigate to SST install\Databases and execute file psaAuthenticate_Install.bat (run as an administrator).
11. Start all services that start with “Cransoft Service …”
    1. Open Windows Start Menu.
    2. Select Administrative Tools.
    3. Run Services.
    4. Locate the SST service(s).
    5. Right-click the SST service.
    6. Select Start.
    7. Repeat the previous two steps for any additional SST services.
12. Start IIS.
    1. Open Windows Start Menu.
    2. Open the Command Prompt (run as an administrator).
    3. Type: IISReset –start
    4. Press the Enter key.

Configure psaAuthenticate

psaAuthenticate comes pre-configured to read from the system it’s being installed on. No manual configuration is needed.

If the Navigation pane in SST doesn’t show psaAuthenticate, then try these steps:

1. Log in to the SST site as an Administrator.
2. Select Admin > Configuration > Product License.

• Ensure that psaAuthenticate displays.

User Guide

Login Page

psaAuthenticate allows you to leverage your existing Identity Provider so you can leverage Single Sign On. The traditional Username and Password fields have been removed. To begin your session, click “Sign In”. That will redirect you to your Identity Provider login page.

For Azure, the page may look like the following. Your Identity Provider may provide a different page for authenticating.

After that you will be successfully logged in the Stewardship Tier:

Administration Login

If you need to log in as the administrator, you can append the URL to include ?admin=true. That will allow you enter the administration user and password. 

Authentication Error

If you get a message that you are authenticated successfully but are not automatically logged in the Stewardship Tier, you can verify the following:

• Your user has been created successfully in the Stewardship Tier.
• The email address in the Stewardship Tier matches the email address provided from the Identity Provider.
• The Identity Provider is sending an assertion that contains “email.”

Updated on September 1st, 2021