Novell SecureLogin supports the use of four different types of variables:
Stored
Runtime
Directory attribute
Passticket
NOTE:Specify variables without spaces, for example $Username_Alias. If you use spaces you must enclose the entire variable in quotation marks, for example, "$Username Alias".
Each variable defaults to the platform specified in the application definition or the predefined application name. You can use a variable to change the platform, for example you can have an application definition named www.website1.com, for example:
type $username type $password password
An application definition named www.website2.com might use the variables from www.website1.com, for example:
type $username(www.website1.com) type $password(www.website1.com) password Directory attribute variables
Novell SecureLogin reads directory attributes from the currently logged in user's object.
For example:
type%cn
reads the CN attribute from the currently logged in user's object and specifies it.
You can only use the percentage symbol (%) variables when Novell SecureLogin is configured to use a directory, and only on single-valued text attributes.
Quotes are required around the variable if the attribute name contains a space.
For example:
Set ?text “%Login Time”
Messagebox "%Given Name"
Stored variables are the most common style of variable used in application definitions and Predefined Applications. They are preceded with a dollar symbol ($). Use these variables to store the values used during the login process, such as usernames, passwords and any other details that are required.
This section contains the following information:
The values of these variables are stored in the directory under the user object. They are encrypted so that only the user can access them. You can store variables separately for each application definition and predefined application, so the username variable for one application can be different from the username variable for another application. It is, however, possible to set an application to read variables from another application's application definition and predefined application. This is useful for applications that share user accounts or passwords.
For details, see Section 5.2.73, SetPlat
If a stored variable is referenced in an application definition and predefined application, and there is no value stored for that variable (for example, the first time the program is run), SecureLogin prompts the user to enter a value for the variable. This is an automatic process. It is also possible to manually trigger this process to prompt a user to enter new values for particular variables.
Dialog Class #32770 Title "Log on" EndDialog Type $Username #1001 Type $Password #1002 Click #1
NOTE:If you want to hide a variable from an administrator by displaying it as **** instead of clear text, begin the variable name with $Password.
For example, the $PasswordPIN variable is protected as described, however $PIN is not.
For more details, see Section 5.2.20, DisplayVariables and Section 5.2.9, ChangePassword.
Runtime variables are generally used for storage of calculations, processing data, and date information. You can also use them for temporary passwords and usernames.
Runtime variables are preceded by the question mark symbol (?). They have two modes:
Normal runtime variables are reset each time SecureLogin is started.
Local runtime variables are reset each time the application definition and predefined application is started.
Runtime variables are Normal by default. For details on how to switch a runtime variable to Local mode, see Section 5.2.43, Local.
Runtime variables are not stored in the directory or the Novell SecureLogin cache; they are used straight from the computer's memory. For this reason, it is important not to use runtime variables for the storage of usernames, passwords, or other details Novell SecureLogin will need to access in the future.
If runtime variables are used for such details, the user is prompted to enter them each time the application definition or predefined application is run, or each time Novell SecureLogin is restarted. Users are not prompted for ?variables that have no value. These variables are given the value <NOTSET>.
Dialog Class #32770 Title "ERROR" EndDialog Local ?ErrorCount Increment ?ErrorCount If ?ErrorCount Eq "2" MessageBox "This is the second time you have received this error. Would you like to reset the application?" -YesNo ?Result If ?Result Eq "Yes" KillApp "App.exe" Run "C:\App\App.exe" Else Set ?ErrorCount "0" EndIf EndIf
Passticket variables are preceded with the exclamation mark symbol (!). To use a passticket variable, you must create and define numerical values for stored variables with the names $DESKEY and $DESOFFSET. These numbers are then used by the Novell SecureLogin application definition or the predefined application parser to generate the one-time password.
Once you have defined the stored variables, use the following passticket variable to generate a password.
!<Name of application definition>
or
!default
For example, if you want to use a passticket variable for the Microsoft Outlook application, create two stored variables called $DESKEY and $DESOFFSET under the Outlook application definition. Then, set values for the two stored variables, which allows you to use the variable "!Outlook" whenever you need to generate a one time password.
You can also use "!Default", which automatically reads the values from the current application definition.
If the credentials used to generate one time passwords do not already exist in a secured area of the SecureLogin cache (that is, the $DESKEY and $DESOFFSET variables are not defined), then they are retrieved from the closest SecureLogin Advanced Authentication server. For more information on this, contact Novell Technical Support.
SecureLogin is able to read details from the system and use them to create variables that you can incorporate into the application definition. These variables are automatically generated as Runtime Variables and used in the same manner within any application definition.