---

By: Patrick Cascio

An often-overlooked optional component of a PaperVision^® Enterprise installation, the Authentication Gateway may very well have been installed on your Enterprise server since you first set it up, silently gathering dust on a separate port from the main website. Have you ever wondered what it was for or if you could make it work for you?

PaperVision Authentication Gateway scrapes the login credentials of the user logged into the computer and compares them to what’s in PaperVision Enterprise. This provides a secure, single sign-on (SSO) solution for PaperVision Enterprise or ImageSilo^® users, so they do not have to enter login credentials every time.

5 Easy Steps to Get Started with SSO

Incorporating PaperVision Enterprise’s single sign-on (SSO) solution into your operation may sound intimidating, but it only takes a few minutes before you’re off to the races. Here are the simple steps to getting started with SSO:

1. During PaperVision Enterprise’s installation on your system, the initial configuration wizard page will appear
   1. Check the box beside “Configure Web Site”
      Note: If you happen to skip this step during the original installation, don’t hesitate to reach out to Technical Support at 877.374.3569 for help running this step of the configuration wizard again.

2. After initial installation is complete, log into the PaperVision Enterprise Administration Console and create a new encryption key under the appropriate entity:
   1. Under “General Security” in the PaperVision Administration Console sidebar, select “Encryption Keys”
   2. Complete the following fields to create a new encryption key:
      Key Name: AuthGW
      Key Type: Rijndael – AES (256-bit)
      Pass Phrase: (fill in your password phrase)
      Description: Used for securing logins with the Auth Gateway
   3. Click “OK”

3. Assign the new key to the Authentication Gateway in the entity’s security policy:
   1. Under “General Security” in the PaperVision Administration Console sidebar, select “Security Policy”
   2. Select the bubble beside “Allow logins from any source”
   3. Under “Remote Authentication Gateway Encryption” change the Key Name to “AuthGW” using the drop down menu
   4. Click “OK”

4. Finish configuring the Authentic Gateway:
   1. Run the PaperVision Gateway Settings application
   2. Enter the encryption key’s password, the URL for your main PaperVision Enterprise website
   3. Enter default entity ID
      Note: If you need to access multiple entities with the same authentication gateway site, the gateway can be configured to pass through URL parameters like EntID and ProjID. Set up a custom bookmark for each entity and let us do the rest! Contact Technical Support at 877.374.3569 for help configuring the Authentication Gateway for use with multiple entities.

5. Once the Authentication Gateway is configured, ensure the gateway site is in your client computers’ list of trusted sites and it’s configured to log on without prompting the user for their credentials:
   1. Select “Internet Options” from the sidebar control panel in the PaperVision Administration Console
   2. Under the “Security” tab, click the grey “Custom level…” button to open the Security Settings – Trusted Site Zones page
   3. Scroll down in the Settings options to “User Authentication”
   4. Under “Logon” in the setting options, select “Automatic logon with current user name and password”
   5. Click “OK”
      Note: usernames in PaperVision Enterprise must be identical to their domain counterpart for SSO to work correctly. This includes the domain prefix (e.g. DSI\KROSECRANS).

Even if you only sign in to PaperVision Enterprise once a day spanning five seconds, that adds up to twenty minutes over about 250 working days in a year! Now multiply that by the number of users who access these systems on a daily basis; can you really afford not to take advantage?

Add on More Benefits with Active Directory Sync Utility

For more seamless management of users and groups in PaperVision Enterprise, Digitech Systems Professional Services has created a utility that is capable of automatically synchronizing users in PVE with your preexisting users in Active Directory based on group membership. In conjunction with the PaperVision Authentication Gateway, this makes for a powerful, hands-off method of user management. For more information, don’t hesitate to reach out to services@digitechps.com!