Settings on the Application Authentication tab control the user experience when starting applications.
From the command line, use the Section D.16, “tarantella config list” command to list these settings, and the Section D.15, “tarantella config edit” command to edit these settings.
Changes to these attributes take effect immediately.
This tab contains the following sections:
Authentication
This section contains the following attributes:
Authentication Dialog
This section contains the following attributes:
Launch Dialog
This section contains the following attributes:
Usage: Select or deselect the check box.
Whether to try the password the user typed for the SGD server, if it is stored in the password cache, as the password for the application server.
SGD server passwords might be stored in the cache if some applications are configured to run on the SGD host, or if Section A.1.2, “Password Cache” is selected.
This attribute can be overridden by an application server object's Section C.2.88, “Password Cache Usage” attribute.
Command option:
--launch-trycachedpassword 1 |
0
Usage: Specify
1
(true) or 0
(false).
The following example uses the SGD password stored in the password cache when authenticating to an application server.
--launch-trycachedpassword 1
Usage: Select an option.
The action to take if the user's password has expired on the application server.
The command line options and their Administration Console equivalents are shown in the following table.
Administration Console | Command Line | Description |
---|---|---|
Authentication Dialog |
| Show an SGD authentication dialog. |
Aged Password Handler |
| Show a terminal window, where the user can change their password. |
Launch Failure |
| Take no further action. Treat as a startup failure. |
For Windows applications, the Remote Desktop Session Host handles the authentication process. No information is returned to SGD indicating whether authentication succeeds or fails. This means that once SGD has cached a user name and password for the Windows application server, SGD never displays the authentication dialog again unless the user holds down the Shift key when they click an application's link, or an Administrator deletes the user's entry from the password cache.
Command option:
--launch-expiredpassword manual | dialog |
none
Usage: Specify an option.
In the following example, the user can change their password using a terminal window.
--launch-expiredpassword manual
Usage: Select or deselect the check box.
Enable users to log in to a Microsoft Windows application server with a smart card.
Command option:
--launch-allowsmartcard 1 |
0
Usage: Specify
1
(true) or 0
(false).
The following example enables users to log in using a smart card.
--launch-allowsmartcard 1
Usage: Select or deselect the check boxes.
Controls when the application server's authentication dialog is displayed. The check boxes are inter-related, enabling you to select from three possible options.
The command line options and their Administration Console equivalents are shown in the following table.
Administration Console | Command Line | Description |
---|---|---|
On Shift-Click (selected) On Password Problem (selected) |
| Show the authentication dialog if the user holds down the Shift key when they click an application's link, or if there is a password problem. |
On Shift-Click (deselected) On Password Problem (selected) |
| Only show the authentication dialog when there is a password problem. |
On Shift-Click (deselected) On Password Problem (deselected) |
| Never show the authentication dialog. |
For Windows applications, it is the Remote Desktop Session Host handles the authentication process. No information is returned to SGD indicating whether authentication succeeds or fails. This means that once SGD has cached a user name and password for the Windows application server, SGD never displays the authentication dialog again unless the user holds down the Shift key when they click an application's link, or an Administrator deletes the user's entry from the password cache.
Command option:
--launch-showauthdialog user | system |
none
Usage: Specify an option.
In the following example, the application server's authentication dialog is shown if you hold down the Shift key and click a link to start an application, or if there is a problem with the password.
--launch-showauthdialog user
Usage: Select or deselect the check boxes.
Two attributes that control the initial state of the Save Password check box in the application server authentication dialog and whether users can change it.
If users cannot change the setting, the Initially Checked attribute determines whether users can save passwords in the application server password cache.
Command option:
--launch-savepassword-initial checked |
unchecked
Command option:
--launch-savepassword-state enabled |
disabled
Usage: Specify a valid option.
In the following example, the initial state of the Save Password
check box is selected
. Users can
change this setting.
--launch-savepassword-initial checked --launch-savepassword-state enabled
Usage: Select or deselect the check boxes.
Two attributes that control the initial state of the Always Use Smart Card check box in the application server authentication dialog box and whether users can change it.
If users cannot change the setting, the Initially Checked attribute determines whether the user's decision to always use smart card authentication is cached.
Command option:
--launch-alwayssmartcard-initial
checked|unchecked
Command option:
--launch-alwayssmartcard-state
enabled|disabled
Usage: Specify a valid option.
In the following example, the initial state of the Always Use
Smart Card check box is selected
.
Users can change to this setting.
--launch-alwayssmartcard-initial checked --launch-alwayssmartcard-state enabled
Usage: Enter a time period, measured in seconds, in the field.
The delay in seconds before showing the Application Launch dialog to users.
Command option:
--launch-showdialogafter
secs
Usage: Replace
secs
with the delay, measured in
seconds.
In the following example, the Application Launch dialog is displayed after two seconds.
--launch-showdialogafter 2
Usage: Select or deselect the check boxes.
Attributes that control the initial display state of the Launch Details area of the Application Launch dialog, whether users can change it and whether to show the Launch Details area if an application startup fails.
If users cannot change the setting, the Showed by Default attribute determines whether the users see the application launch details.
Command option:
--launch-details-initial hidden |
shown
Command option:
--launch-details-state enabled |
disabled
Command option:
--launch-details-showonerror 1 |
0
Usage: Specify a valid option.
In the following example, the initial state of the Launch
Details area is hidden
. Users can
change this setting. The Launch Details area is shown if the
application fails to start.
--launch-details-initial hidden --launch-details-state enabled --launch-details-showonerror 1