3.2 Creating an Application Definition for a Web Application

A Web application is an application that runs on a Web browser. You can create an application definition for a Web application by accepting the default selections in the wizard, or you can manually select the attributes required for the application definition.

3.2.1 Prerequisites

3.2.2 Using the Default Selections for an Application Definition

  1. Ensure that you have completed the prerequisites in Section 3.2.1, Prerequisites.

  2. Launch the Web application for which you want to enable single sign-on.

    Novell SecureLogin detects the application and prompts you to enable single sign-on.

  3. Select Yes, I want to single sign using the default selections done by the wizard.

    The Enter your Credentials dialog box is displayed.

  4. Specify your credentials, then click OK.

    Novell SecureLogin saves your credentials in the directory. The next time you launch the application, Novell SecureLogin provides the credentials for you.

Example: Using the Default Selections to Enable Yahoo! Mail for Single Sign-On

  1. Ensure that you have completed the prerequisites in Section 3.2.1, Prerequisites.

  2. Launch Yahoo!* Mail.

    Novell SecureLogin detects the application and prompts you to enable it for single sign-on.

  3. Select Yes, I want to single sign using the default selections done by the Wizard .

    The Enter your credentials dialog box is displayed.

  4. Specify your Yahoo! ID and password.

  5. Click OK.

    If you have specified the correct credentials, you are logged in to Yahoo! Mail.

    For subsequent logins, Novell SecureLogin provides the credentials and logs in.

3.2.3 Manually Defining the Attributes for an Application Definition

  1. Ensure that you have completed the prerequisites in Section 3.2.1, Prerequisites.

  2. Launch the Web application for which you want to create an application definition.

    Novell SecureLogin detects the application and prompts you to enable the screen for single sign-on.

  3. Select Yes, I want to single sign enable the screen using the wizard. The Application Definition Wizard page is displayed.

  4. Configure the following attributes to create an application definition.

Identifying the Screens

Use the Identify screen tab to identify the login screen. If the Application Definition Wizard identifies the login screen correctly, a check mark displays next to Identify screen. Click Show me to verify if the screen is correctly identified.

Figure 3-3 Identifying the Login Screen

If the screen is not correctly identified, drag the Choose icon to the login screen to select it.

Specifying the Credentials Source

Use the Credential source tab to define the source of the credentials for the applications.

Some applications use their own credential set to log in. However, some applications might reuse credentials from another source, such as the user's network password or a one-time password.

Figure 3-4 Specifying the Credential Source

  1. Select This application's own credential set to use the application's credential set to log in. If you select this option, Novell SecureLogin creates a discrete set of credentials to enable the application. The credential set has the name of the application.

  2. Select Other to define another source of credentials. If you select this option, select the source of credentials for the application.

    The options for the credential source are:

Using a One-Time Password

  1. Select A one-time password from a smart card to use a one-time password from a smart card.

Using the User’s Network Login Credentials

  1. Select The user's network logon credentials to use the user's directory credentials to log in.

Using Credentials from Another Single Sign-On-Enabled Application

  1. Select Another SecureLogin enabled application to use the credentials of another application enabled for single sign-on. Select the application from a list of available applications enabled for Novell SecureLogin.

Selecting Credentials Based on a Value Identified on the Screen

  1. Select SecureLogin selects credentials based on a value identified on this screen to provide the credentials based on the presence of a particular value on the login screen. This option uses a text entry. Regular expressions are supported in the text entry.

    For example;

    Connecting to server (.*)

    where (.*) specifies the value that must be captured to define the credentials.

Identifying the Fields

Novell SecureLogin must identify the fields on the login screen before it can log in to the application. Typically, these are the username and password fields. You can also configure fields such as radio buttons or edit boxes on the login screen. Use the Identify fields menu to view the selected field.

Figure 3-5 Selecting or Reviewing the Login Fields

Not Allowing Novell SecureLogin to Handle the Fields

  1. Select No. SecureLogin is not required to handle the fields on this screen if you do not want Novell SecureLogin to handle the login fields on the screen.

    You can use this option to create a credential set, which can be used with other application screens. Similarly, you can use the credential set to link to other application definitions and use to identify the application screens.

Reviewing the Fields

  1. Select Yes. Let me select or review the logon fields to review the fields selected by the wizard . By default, Novell SecureLogin uses the field names as the prompts in the dialog boxes. You can edit the field names to make them clear and user-friendly.

  2. If the login fields are not identified correctly, identify them manually by dragging the Choose icon to the fields and clicking the Show me icon. The selected fields are highlighted.

  3. If Show me does not highlight the correct control, update it by dragging and dropping the Choose icon to the button you want.

    or

    Use the Navigate to field using the keystrokes option:

    1. Click Start.

    2. Specify the keystrokes.

    3. Select Close to return to the Identify fields menu.

    4. Select Stop to stop the recording.

      The next time you log in to the application, the keystrokes are used to log in.

  4. Select Treat text field as a sensitive field to treat the username field like a password field and disguise the characters with asterisks. This is optional for the username but mandatory for the password.

  5. (Optional) Specify the text that Novell SecureLogin presents when prompting the user for username and password.

Reviewing Other Fields

  1. Click All fields to show other fields detected by the wizard on the login screen. Each control is listed by type and name (if known).

    Select the field you want Novell SecureLogin to use in managing the login for the application, then specify the actions for Novell SecureLogin.

    Depending on the application, any or all of the following fields are displayed.

    • Edit box

    • Check Box

    • Combo Box

    • Radio Button

    For information on configuring Novell SecureLogin to use these additional fields, refer All Fields.

Specifying Reauthentication Rules

  1. Use the Re-authentication menu to specify if users must reauthenticate with their network credentials or an authentication device.

  2. If you select No. The user is not required to re-authenticate, Novell SecureLogin does not prompt users to reauthenticate before providing credentials to the application.

  3. If you select Yes. Enforce re-authentication before accessing this application, users must specify credentials in order to reauthenticate.

  4. From the Select from the methods detected drop-down list, select the method Novell SecureLogin must use. You can select from:

    • Use same Credentials as Network Login: Use the network login credentials.

    • Default: The method the user used to log in to the application.

    • Password: The network password.

    • Smart Card: After the PIN is verified, Novell SecureLogin checks to see if the smart card belongs to the user or not.

  5. You must also specify the action Novell SecureLogin takes when the users cancels the reauthentication.

    You can define one of the following actions:

    • Click this button: Select a button on the application that Novell SecureLogin clicks when a user cancels the reauthentication dialog box. Select the button by dragging the Choose icon to the button you want and clicking Show me.

    • Type the following keystrokes: Define the commands or keystrokes Novell SecureLogin enters when a user clicks Cancel in the reauthentication dialog box. To record keystrokes:

      1. Click Start.

      2. Specify the keystrokes.

      3. After you have recorded the keystrokes, click Close.

    • Re-direct the user to this website: Specify a URL to go to when a user cancels the prompt for credentials. You can redirect users to the login screen and force them to specify the login credentials again.

Defining the Submit Options

  1. Use the Submit options menu to define how Novell SecureLogin submits the login screen.

  2. If you select The user submits the screen, Novell SecureLogin does nothing and the user must manually submit the login screen.

  3. If you select SecureLogin submits the screen, specify the action Novell SecureLogin takes to submit the login screen.

    You can specify one of the following actions:

    • Click this button: Select a button on the application that Novell SecureLogin clicks when a user submits the screen. Select the button by dragging the Choose icon to the button you want and clicking Show me.

    • Type the following keystrokes: Define the commands or keystrokes Novell SecureLogin enters to submit the login notification screen. To record keystrokes:

      1. Click Start.

      2. Specify the keystrokes.

      3. After you have recorded the keystrokes, click Close.

    • Re-direct the user to this website: Specify a URL to go to when a user submits the login notification screen.

  4. You can also specify the action Novell SecureLogin uses when users cancel a prompt to save their credentials. For this, select Enable action when user cancels to change their password.

    You can specify one of the following actions:

    • Click this button: Select a button on the application that Novell SecureLogin clicks when a user submits the screen.Select the button by dragging the Choose icon to the button you want and clicking Show me.

    • Type the following keystrokes: Define the commands or keystrokes Novell SecureLogin enters to submit the login screen. To record keystrokes:

      1. Click Start.

      2. Specify the keystrokes.

      3. After you have recorded the keystrokes, click Close.

    • Re-direct users to this website: Specify a URL to go to when users cancel the change password prompt.

Defining the Matching Criteria

Novell SecureLogin must uniquely identify each application screen in order to run an application definition. If Novell SecureLogin cannot uniquely identify a particular application screen, you can manually define the matching criteria.

  1. Use the Matching criteria menu to define the matching criteria.

  2. If you select No. Use minimal rules based on your previous selections, Novell SecureLogin uses the rules defined in previous attribute panels to identify and handle the password change.

  3. If you select Yes. Use additional Wizard generated rules, you can add, modify, or remove rules. Your matching criteria must include at least one rule. After you select this option, the following screen appears:

  4. By default, Use Wizard generated rules is selected. The Rules text box lists the controls that are detected by Novell SecureLogin. You can add new rule by dragging the Choose icon to a specific control and clicking Show me to confirm that Novell SecureLogin has identified the correct control.

    To modify a rule for a control:

    1. Select the rule you want to edit, then click Configure more detailed match for this control

    2. Define what Novell SecureLogin must match. You can set the following matching rule:

      • SecureLogin is to match value displayed: If you select this option, Novell SecureLogin only matches those screens that exactly match the displayed text and rules identified.

To verify if your regular expression is correct:

  1. Click Test Match.

    If a regular expression does not match any control on the application screen, Novell SecureLogin prompts you to verify your regular expression and select the correct control.

To delete a rule:

  1. To delete a rule, select the rule, then click Remove.

You have successfully completed creating an application definition for a Web application. The next time you launch the application, Novell SecureLogin provides the credentials for you.