3.3 Creating an Application Definition for a Windows Application

A Windows application is any application that is launched with an executable (.exe) file.

You can create an application definition for a Windows application by accepting the default selections in the wizard, or you can manually select the attributes you want.

3.3.1 Prerequisites

  • Close all open SecureLogin prompts.

  • Verify if you have permissions to create application definition. See Section 5.0, Setting the Wizard Mode Preference.

  • Ensure that Add application prompts for Windows applications option is selected.

  • Ensure that SecureLogin is running on your workstation.

3.3.2 Using the Default Selections to Create an Application Definition

  1. Ensure that you have completed the prerequisites in Prerequisites.

  2. Start a Windows application for which you want to create an application definition.

    SecureLogin detects a login screen and displays the following prompt:

  3. Select Yes, I want to single sign using the default selections done by the wizard.

    SecureLogin identifies the application and displays the name of the application in the prompt.

  4. You are prompted to specify the credentials for the application. Specify the username, password, and any other information required.

  5. Click OK.

    SecureLogin saves your credentials and uses them to log in to the application.

    The next time you launch the application, SecureLogin provides the username and password for you.

Example: Using the Default Selections to Create an Application Definition for Google Talk

The following example demonstrates creating an application definition for Google* Talk*.

This procedure assumes that you already have a Google account.

  1. Ensure that you have completed the prerequisites in Prerequisites.

  2. Launch Google Talk.

    SecureLogin detects the application and the SecureLogin dialog box is displayed.

  3. Select I want to single sign the screen using the default selections done by the wizard.

    The Enter your Credentials dialog box is displayed.

  4. Specify your username and password, then click OK.

    SecureLogin saves the credentials and uses them to log in to you Google Talk.

  5. Test the application definition by logging out and logging in again.

    If the application is defined correctly with the correct credentials, you are logged in successfully. If your login is not successful, delete the application definition and repeat the above steps. You might also need to review the application definition for event responses and errors.

3.3.3 Manually Defining the Attributes for an Application Definition

  1. Ensure that you have completed the prerequisites in Prerequisites.

  2. Launch the Windows application for which you want to create an application definition.

    SecureLogin detects the application and prompts you to enable the screen for single sign-on.

  3. Select Yes, I want to single sign enable the screen using the wizard. The Application Definition Wizard page is displayed.

  4. Configure the following attributes to create an application definition.

Identifying the Screens

  1. Use the Identify screen tab to identify the login screen. If the Application Definition Wizard identifies the login screen correctly, a check mark displays next to Identify screen. Click Show me to verify if the screen is correctly identified.

  2. If the screen is not correctly identified, drag the Choose icon to the login screen to select it.

Specifying the Credential Source

  1. Use the Credential source tab to define the source of the credentials for the applications.

    Some applications use their own credential set to log in. However, some applications might reuse credentials from another source, such as the user's network password or a one-time password.

  2. Select This application's own credential set to use the application's credential set to log in. If you select this option, SecureLogin creates a discrete set of credentials to enable the application. The credential set has the name of the application.

  3. Select Other to define another source of credentials. If you select this option, select the source of credentials for the application.

    The options for the credential source are:

Using a One-Time Password

  1. Select A one-time password from a smart card to use a one-time password from a smart card.

Using User’s Network Login Credentials

  1. Select The user's network logon credentials to use the user's directory credentials to log in.

Using Credentials from Another Single Sign-One Enabled Application

  1. Select Another SecureLogin enabled application to use the credentials of another application enabled for single sign-on.

    Select the application from a list of available applications enabled for SecureLogin.

Selecting Credentials Based on a Value Identified on the Screen

  1. Select SecureLogin selects credentials based on a value identified on this screen to provide the credentials based on the presence of a particular value on the login screen.

    This option uses a text entry. Regular expressions are supported in the text entry.

    For example:

    Connecting to server (.*)

    where (.*) specifies the value that must be captured to define the credentials.

Identifying the Fields

SecureLogin must identify the fields on the login screen before it can log in to the application. Typically, these are the username and password fields. You can also configure fields such as radio buttons or edit boxes on the login screen. Use the Identify fields menu to view the selected fields.

Figure 3-4 Selecting or Reviewing the Login Fields

Not Allowing SecureLogin to Handle the Fields

  1. Select No. SecureLogin is not required to handle the fields on this screen if you do not want SecureLogin to handle the login fields on the screen.

    Use this option to create a credential set, which can be used with other application screens.

    Similarly, you can use the credential set to link to other application definitions.

Reviewing the Fields

  1. Select Yes. Let me select or review the logon fields to review the fields selected by the wizard .

    By default, SecureLogin uses the field names as the prompts in the dialog boxes. You can edit the field names to make them clear and user-friendly.

  2. If the login fields are not identified correctly, identify them manually by dragging the Choose icon to the button you want to the fields and clicking the Show me icon.

    The selected fields are highlighted.

  3. If Show me does not highlight the correct control, update it by dragging and dropping the Choose icon to the button you want.

    or

    Use the Navigate to field using the keystrokes option.

    1. Click Start.

    2. Specify the keystrokes.

    3. Select Close to return to the Identify fields menu.

    4. Select Stop to stop the recording.

      The next time you log in to the application, the keystrokes are used to log in.

  4. Select Treat text field as a sensitive field to treat the username field like a password field and disguise the characters with asterisks. This is optional for the username but mandatory for the password.

  5. (Optional) Specify the text that SecureLogin presents when prompting the user for username and password.

Reviewing Other Fields

  1. Click All fields to show other fields detected by the wizard on the login screen. Each control is listed by type and name (if known).

    Select the field you want SecureLogin to use in managing the login for the application, then specify the actions for SecureLogin.

    Depending on the application, any or all of the following fields are displayed.

    • Edit box

    • Check Box

    • Combo Box

    • Radio Button

    For information about configuring SecureLogin to use these additional fields, see All Fields.

Specifying Re-authentication Rules

  1. Use the Re-authentication menu to specify if users must reauthenticate with their network credentials or an authentication device.

  2. If you select No. The user is not required to re-authenticate, SecureLogin does not prompt users to reauthenticate users before providing the credentials to the application.

  3. If you select Yes. Enforce re-authentication before accessing this application, users must specify the credentials in order to reauthenticate.

  4. From the Select from the methods detected drop-down list, select the method SecureLogin must use.

    You can select from:

    • Use same credentials as network login: Use the network login credentials.

    • Password: The network password.

    • Smart card: After the PIN is verified, SecureLogin checks to see if the smart card belongs to the user or not.

  5. You must also specify the action SecureLogin takes when the users cancels the reauthentication. You can define one of the following actions:

    • Click this button: Select a button on the application that SecureLogin clicks when a user cancels the reauthentication dialog box. Select the button by dragging the Choose icon to the button you want and clicking Show me.

    • Type the Following Keystorkes: Define the commands or keystrokes SecureLogin enters when a user clicks Cancel in the reauthentication dialog box. To record keystrokes:

      1. Click Start.

      2. Specify the keystrokes.

      3. After you have recorded the keystrokes, click Close.

    • Re-direct the user to this website: Specify a URL to go to when a user cancels the promptfor credentials. You can redirect users to the login screen and force them to specify the login credentials again.

Defining the Submit Options

  1. Use the Submit options menu to define how SecureLogin submits the login screen.

  2. If you select The user submits the screen, SecureLogin does nothing and the user must manually submit the login screen.

  3. If you select SecureLogin submits the screen, specify the action SecureLogin takes to submit the login screen.

    You can specify one of the following actions:

    • Click this button: Select a button on the application that SecureLogin clicks when a user submits the screen. Highlight Select the button by dragging the Choose icon to the button you want and clicking Show me.

    • Type the following keystrokes: Define the commands or keystrokes SecureLogin enters to submit the login notification screen. To record keystrokes:

      1. Click Start.

      2. Specify the keystrokes.

      3. After you have recorded the keystrokes, click Close.

    • Re-direct the user to this website: Specify a URL to go to when a user submits the login notification screen.

  4. You can also specify the action SecureLogin uses when users cancel a prompt to save their credentials. For this, select Enable action when user cancels to change their password.

    You can specify one of the following actions:

    • Click this button: Select a button on the application that SecureLogin clicks when a user submits the screen.Select the button by dragging the Choose icon to the button you want and clicking Show me.

    • Type the following keystrokes: Define the commands or keystrokes SecureLogin enters to submit the login screen. To record keystrokes:

      1. Click Start.

      2. Specify the keystrokes.

      3. After you have recorded the keystrokes, click Close.

    • Re-direct users to this website: Specify a URL to go to when users cancel the change password prompt.

Defining the Matching Criteria

SecureLogin must uniquely identify each application screen in order to run an application definition. If SecureLogin cannot uniquely identify a particular application screen, you can manually define the matching criteria.

Use the Matching criteria menu to define the matching criteria.

  1. If you select No. Use minimal rules based on your previous selections, SecureLogin uses the rules defined in previous attribute panels to identify and handle the password change.

  2. If you select Yes. Use additional Wizard generated rules, you can add, modify, or remove rules. Your matching criteria must include at least one rule.

    After you select this option, the following screen appears:

  3. By default, Use Wizard generated rules is selected.

    The Rules text box lists the controls that are detected by SecureLogin.

    Add new rule by dragging the Choose icon to a specific control.

    Click Show me to confirm that SecureLogin has identified the correct control.

To modify a rule for a control:

  1. Select the rule you want to edit, then click Configure more detailed match for this control

  2. Define what SecureLogin must match. You can set the following matching rule:

    • SecureLogin is to match value displayed: If you select this option, SecureLogin only matches those screens that exactly match the displayed text and rules identified.

To verify the regular expression:

  1. Click Test Match to verify if your regular expression is correct.

    If a regular expression does not match any control on the application screen, SecureLogin prompts you to verify your regular expression and select the correct control.

To delete a rules:

  1. Select the rule, then click Remove

You have successfully completed creating an application definition for a Windows application. The next time you launch the application, SecureLogin provides the credentials for you.