Secure Mobile Access 100 10.2 User Guide

Using Virtual Office Authentication > Managing Bookmarks > Using Bookmarks > Per-Bookmark Single Sign-On Options
Table of Contents

Per-Bookmark Single Sign-On Options

Secure Mobile Access supports per-bookmark single sign-on for the following bookmark services:

  • Terminal Services (RDP)
  • Web (HTTP)
  • Secure Web (HTTPS)
  • File Shares (CIFS)
  • File Transfer Protocol (FTP)

Per-Bookmark SSO allows users to enable or disable SSO for individual bookmarks. This flexibility in specifying login credentials is useful in the following cases:

  • Users who use multiple accounts to access a variety of resources.
  • Users who use two-factor authentication to log in to the Secure Mobile Access Virtual Office, but use a static password to access other resources.
  • Users who need to access servers that require a domain prefix.

To configure per-bookmark SSO

  1. Before enabling SSO on an individual bookmark, you must first enable SSO globally as described in Global Bookmark Single Sign-On Options.
  2. On the Virtual Office page, click +.
  3. Select one of the service types that supports per-bookmark SSO: Terminal Services (RDP), Secure Web (HTTPS), File Shares (CIFS), or File Transfer Protocol (FTP).
  4. To disable SSO for the bookmark, clear the Automatically log in check box.

  5. To use SSO for the bookmark, select the Automatically log in check box and then select one of the following radio buttons:

    • Use SSL-VPN account credentials – allow login to the bookmark using the local user credentials configured on the SMA appliance.
    • Use custom credentials – allow login to the bookmark using the credentials you enter here; when selected, this option displays Username, Password, and Domain fields. Enter the custom credentials into the Username, Password, and Domain fields that are displayed.

    You can enter the custom credentials as text or use dynamic variables such as those shown in SSO Credentials: Dynamic Variables:

    SSO Credentials: Dynamic Variables
    Text Usage Variable Example Usage
    Login Name %USERNAME% US\%USERNAME%
    Domain Name %USERDOMAIN% %USERDOMAIN\%USERNAME%
    Group Name %USERGROUP% %USERGROUP%\%USERNAME%

  6. For Web (HTTP) and Secure Web (HTTPS) bookmarks, select the Forms-based Authentication check box to use this method for SSO, and then fill in the following fields that are exposed:

    • Configure the User Form Field to be the same as the ‘name’ or ‘id’ attribute of the HTML element representing User Name in the Login form, for example:

      <input type=text name=’userid’>

    • Configure the Password Form field to be the same as the ‘name’ or ‘id’ attribute of the HTML element representing Password in the Login form, for example:

      <input type=password name=’PASSWORD’ id=’PASSWORD’ maxlength=128>

  7. Enter the Username and password for the service.
  8. Click ACCEPT.