Chapter 4 Creating a generic user-password application profile

Overview

If you'd like to add applications that aren't in our Samsung KNOX EMM App Catalog, you can create custom application profiles using the generic application templates. Custom application profiles provide user access through the user portal to applications that may not be open to the general public or that haven't yet been added to the app catalog.

These instructions describe the basic steps for using the generic user-password application template. They show how to create a custom application profile to a web application that uses a user name and a password for authentication. (For full instructions on creating a custom user-password application connection, read the User-password application scripting guide.)

To use the generic user-password application template, you must be able to write or modify a simple JavaScript script.

How to use the generic user-password template (an overview):

1 Discover the login URL where the user-password web application accepts authentication requests and the names of the form data fields used to accept user name and password. Do this using POST analysis in a web browser (described later).
2 Add Generic User-Password to the application list in the Admin Portal and open its entry to configure the template.
3 Use the general user-password application template to configure the basics of a new user-password application profile: application name, an icon, the login URL for authentication, a way to determine the user name, and so on.
4 Write or modify an advanced script in JavaScript that specifies form data field names for the web application and assigns user name and password values to the appropriate fields.
5 Specify roles that have access to the custom user-password application.
6 Save the new custom user-password application profile so that it appears with its new name in Admin Portal's application list.

Discovering the login URL and form data fields

This example of how to discover a user-password web application's login URL and its form data fields requires a browser capable of analyzing HTTP requests.

To discover an application's login URL and form data fields:

1 In your browser, go to a user-password web application's login page.
2 Open your browser's network analyzer tool, typically found under Developer Tools, or something similar.
3 Enter your credentials in the login page and click the login button.
4 Look for the Logon POST method and select it.
5 View the login header.
6 Look within the header for Request URL. This is the request URL. You'll use its value for the URL field in the generic user-password application template.
7 Look within the header for the Form Data section, then within that section for the user name field and the password field. The fields may have many different names depending on how the application defined them. You can identify the user name field because its value will be your user name. The password field's value will be your password. You'll use these two field names in the advanced script in the generic user-password application template.

Note: If you keep the browser and its development tools open, you can cut and paste the request URL and form data field names from the browser into the generic user-password application template.

Adding and configuring a custom user-password application

To add a generic user-password application:

1 In Admin Portal, click Apps.
2 Click Add Web Apps. The Add Web Apps screen appears.
3 Click Custom.
4 On the Custom tab, next to the User-Password application, click Add.
5 In the Add Web App screen, click Yes to add the application. Admin Portal adds the application.
6 Click Close to exit the Application Catalog. The application that you just added opens to the Application Settings page.
7 Enter the web application's login URL in the URL field.
8 (Optional) If the web application has a login URL that is designed for viewing on mobile devices, enter that address in the Mobile URL field. When a user on a mobile device requests this web application, the connection request goes to the mobile URL. If there is no mobile URL, a mobile device connection request goes to the standard URL in the field above. All requests from standard browsers go to the standard URL.
9 On the Description page, change the name and description for the application. Because this is a generic or custom application, it's recommended to give this application a unique name. You can also provide a custom application logo. The Category field specifies the default grouping for the application in the user portal. Users have the option to create a tag that overrides the default grouping in the user portal.
10 On the User Access page, select the role(s) that represent the users and groups that have access to the application. When assigning an application to a role, select either Automatic Install or Optional Install:
   - Select Automatic Install for applications that you want to appear automatically for users.
   - If you select Optional Install, the application doesn't automatically appear in the user portal and users have the option to add the application.
11 (Optional) On the Policy page, specify additional authentication control for this application. You can select one or both of the following settings:
   - Restrict app to clients within the Corporate IP Range: Select this option to prevent users outside the company intranet from launching this application. To use this option, you must also specify which IP addresses are considered as your intranet by specifying the Corporate IP range in Settings > Corporate IP Range.
   - Require Strong Authentication: Select this option to force users to authenticate using additional, stronger authentication mechanisms when launching an application. Specify these mechanisms in Policy > Add Policy Set > Account Security Policies > Authentication.
   You can also include JavaScript code to identify specific circumstances when you want to block an application or you want to require additional authentication methods. For details, see Specifying application access policies with JavaScript.
12 On the Account Mapping page, configure how the login information is mapped to the application's user accounts. The options are as follows:
   - Use the following Directory Service field to supply the user name: Use this option if the user accounts are based on user attributes. For example, specify an Active Directory field such as mail or userPrincipalName or a similar field from Samsung KNOX EMM user service. For Web - User Password applications, selecting this option allows an additional option to let Active Directory users log in using Active Directory credentials. Select the Use the login password supplied by the user (Active Directory users only) option for every Web - User Password application that you want users to log in to using Active Directory credentials.
   - Everybody shares a single user name: Use this option if you want to share access to an account but not share the user name and password. For example, some people share an application developer account.
   - Prompt the user for their user name: Use this option if you want users to supply their own user name and password. The first time a user launches the application, he enters his login credentials for that application. The cloud service stores the user name and password and the next time the user launches the application, the cloud service logs the user in automatically.
   - Use Account Mapping Script: You can customize the user account mapping here by supplying a custom JavaScript script. For example, you could use the following line as a script:

       LoginUser.Username = LoginUser.Get('mail')+'.ad';

     The above script instructs the cloud service to set the login user name to the user's mail attribute value in Active Directory and add .ad to the end. So, if the user's mail attribute value is Adele.Darwin@acme.com then the cloud service uses Adele.Darwin@acme.com.ad. For more information about writing a script to map user accounts, see the User-password application scripting guide.

   Note: When the user first logs in to the application, the user portal will ask for the application's login password and then (if the script hasn't already created a password) store the application password in the cloud service so it's not required for later logins by the user.
13 On the Advanced tab, click Edit to enter or modify the JavaScript that specifies the HTML login response that the cloud service sends to the web application login URL when a user requests the application. This advanced script must be present and configured to match the service provider's required form fields. The default example script shows how to specify form fields. The example script does not work as is, and you must modify the script to match each application's form field requirements. For the vast majority of web applications, you need to replace only the username-field in line 2 with the form field name you discovered earlier for user name, replace the password-field in line 4 with the form field name you discovered for the password, and then delete lines 6 and 7. An example (without comment lines) using the form field names User and Password:

    response.AddFormField("User", encode(LoginUser.Username));
    response.AddFormField("Password", encode(LoginPassword));

   For detailed information about writing an advanced script and for descriptions of the objects and methods provided by the cloud service for defining an HTTP login response, read User-password application scripting guide.

   Note: On the Changelog page, you can see recent changes that have been made to the application settings, by date, user, and the type of change that was made.
14 Click Workflow to set up a request and approval workflow for this application. The Workflow feature is a premium feature and is available only in the Samsung KNOX EMM User Suite App+ Edition. See Configuring Workflow for more information.
15 Click Save.

After configuring the application settings (including the role assignment) and the application's web site, you're ready for users to launch the application from the user portal.

Admin Portal user's guide
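
The POST analysis described under "Discovering the login URL and form data fields" can also be run over a HAR export saved from the browser's network analyzer. The following JavaScript is an added example, not part of the original guide: the HAR content, the host app.example.test and the password are constructed, and findLoginPost is a hypothetical helper name.

```javascript
// Constructed sample: a minimal HAR log with one page load and one login POST.
const sampleHar = {
  log: { entries: [
    { request: { method: "GET", url: "https://app.example.test/login" } },
    { request: {
        method: "POST",
        url: "https://app.example.test/session/logon",
        postData: {
          mimeType: "application/x-www-form-urlencoded",
          text: "csrf=9f2c&User=Adele.Darwin%40acme.com&Password=S3cret%21&remember=on"
        } } }
  ] }
};

// Parse a urlencoded body into [name, value] pairs (decodes %XX and '+').
function parseForm(text) {
  return Array.from(new URLSearchParams(text).entries());
}

// Find the first form POST whose data contains both values typed at login.
// The user name field is the one whose value is the user name; likewise for
// the password. Only the URL and field NAMES are returned, never the values.
function findLoginPost(har, typedUser, typedPassword) {
  for (const { request } of har.log.entries) {
    if (request.method !== "POST" || !request.postData) continue;
    const mime = request.postData.mimeType || "";
    if (!mime.startsWith("application/x-www-form-urlencoded")) continue;
    const fields = parseForm(request.postData.text || "");
    const user = fields.find(([, value]) => value === typedUser);
    const pass = fields.find(([, value]) => value === typedPassword);
    if (!user || !pass) continue;
    return {
      url: request.url,            // value for the template's URL field
      userField: user[0],          // name for the first form field in the script
      passwordField: pass[0],      // name for the second form field in the script
      // Other posted fields (tokens, flags) that the application may also expect.
      otherFields: fields.map(([name]) => name)
                         .filter(name => name !== user[0] && name !== pass[0])
    };
  }
  return null;
}

console.log(findLoginPost(sampleHar, "Adele.Darwin@acme.com", "S3cret!"));
```

A HAR export of a login contains the credentials in clear text, so analyze it locally and delete it once the URL and field names are recorded.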