Configuring NSL3.51 Single Sign-on for iFolder
Novell Cool Solutions: Tip
By Anjana Navnith
Digg This -
Posted: 29 Aug 2005
Novell Secure Login provides Single Sign-On for Windows, as well as Web-based and Java applications. This solution explains how to configure NSL's Single Sign On for certain Windows applications that require authenticating to multiple login windows. Configuring SSO for an iFolder application is also explained here.
NSL provides an Add Application Wizard for configuring applications for SSO. When used for configuring login for a windows application, the wizard can automate a standard login window with up to three input fields - Username, Password, and an Optional field. In some applications such as iFolder, there are two login windows. In the first one, the user enters the username and password. Subsequently, iFolder shows a second login dialog prompting the user for a passphrase.
Figure 1: Login Windows for iFolder
If you run the Add Application wizard twice to capture both login windows, the credentials you enter for the second window overwrite the existing value for that field.
The above problem can be solved by configuring the iFolder script as follows:
1. Invoke iFolder. NSL prompts asking if the application needs to be configured for SSO.
2. Click Yes to launch the Add Application Wizard. You can alternatively launch it by right-clicking the tray icon.
3. Choose Configure Windows Application.
4. Select the window function as Login Window.
Figure 2: Select Window Function as 'Login Window'
5. Supply the Wizard and store values for Username, Password, and Optional variables corresponding to User ID, Password, and Server (optional) fields.
Figure 3: Map variables in wizard to corresponding fields in login dialog box
6. Complete the Wizard and save the script.
7. Enter the above credentials in the login box. iFolder will display a dialog box asking for the passphrase.
8. Right-click tray icon to bring up the Add Application wizard. As in the previous case, configure as a Windows application -> login window.
9. Configure only the OK button (ignore the passphrase field)) and continue with the Wizard.
Figure 4: Mapping the OK Button in the Wizard to the OK field in the iFolder passphrase window
While saving the script, NSL shows following prompt: "A login window is already defined for this Application. Do you want to define a new Login Window?"
10. Click Yes.
Figure 5: NSL prompting user for creation of a new login window
NSL then asks if you want to overwrite the existing description.
11. Click No and proceed to save script.
Figure 6: Saving the script
12. After saving the script, bring up NSL's Window Finder and identify the passphrase field. The Window Finder displays the control details. Note the Dialog ID (1044).
Figure 7: Using Window Finder to detect the control details of the passphrase field
13. Bring up the Manage Login window to edit the script for iFolder.
14. After the EndDialog for the Novell iFolder Get Pass Phrase dialog (added by the SSO wizard), add the following:
Setprompt "Enter pass phrase:" Type $Password1 #1044
(1044 is the dialog ID from the previous step.)
Figure 8: Modifying the script for iFolder as shown above
15. Under the UserIDs tab, in addition to Username, Password, and Optional variables, create a new variable called Password1 with <passphrase> as the value.
16. Press Enter.
Figure 9: Credential set for ifolder application after adding Password1 variable corresponding to passphrase
Now when iFolder is invoked, NSL will provide the credentials and perform the login for the user.
Though SSO for iFolder is explained here, any application that has multiple login windows or a login window that requires more than three input fields can be configured in the same way.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com