Secure Global Desktop 4.31 Administration Guide
> Users and authentication
> The authentication token login authoritySecure Global Desktop 4.31 Administration Guide
> Users and authentication
> The authentication token login authority
The authentication token login authority allows users to log in to Secure Global Desktop if the Sun Secure Global Desktop Client submits a valid authentication token.
This login authority is disabled by default.
To use this login authority:
See Using the authentication token login authority for automatic logins for details of how to configure this login authority.
Note The authentication token login authority can only be used with the Secure Global Desktop Client. The Native Client and Java technology clients do not support this login authority.
When the Secure Global Desktop Client starts, it submits the authentication token to Secure Global Desktop. The user does not enter a username or password.
The Secure Global Desktop server stores the authentication token against the identity of the user when they generated their authentication token. This means the identity and login profile used are those of the login authority that originally authenticated the user, for example:
| Original authentication | Identity | Login Profile |
|---|---|---|
| UNIX user | .../_user/indigo | .../_ens/o=Tarantella System Objects/cn=UNIX User Profile |
| ENS | .../_ens/o=Indigo Insurance/cn=Indigo Jones | .../_ens/o=Indigo Insurance/cn=Indigo Jones |
| LDAP | .../_service/sco/tta/ldapcache/dc=com/dc=Indigo Insurance/cn=Indigo Jones | .../_ens/o=Tarantella System Objects/cn=LDAP Profile |
| Third party | .../_service/sco/tta/thirdparty/indigo | .../_ens/o=Tarantella System Objects/cn=Third Party Profile |
Emulator sessions and password cache entries belong to the identity of the original authentication.
Copyright © 1997-2007 Sun Microsystems, Inc. All rights reserved.