This article is part of the Replicon Gen2 knowledge base. If you’re looking for information on Replicon Gen3, which is the latest version of Replicon, please visit:

User Permission report shows all users as Web TimeSheet Authentication instead of Single Sign-on.

The user name data base of Web TimeSheet will not be altered because of the single sign-on authentication method.

  • When the user clicks on the SAML url authentication token will be generated which takes the user name and the password from the Windows SAM file.
  • Token is sent to the IIS for re-directions as per the SAML URL.
  • IIS sends the token to the Active Directory for verification. If the user name and the password matches AD sends the token to IIS with the password field as True.
  • IIS sends the token to the Web TimeSheet database. Where the database checks for the user name. If the username matches the name in the Database, then the authentication is successful.
  • This is the reason why the Web TimeSheet authentication is displayed on reports.