Environment
Situation
Question
Is it possible to configure SecureLogin v6.0.x to reverify access to sensitive applications using a smart card and PIN?
Resolution
Answer
Customers with strong authentication requirements can configure SecureLogin SSO to work with Novell Modular Authentication Services (NMAS) or Microsoft Active Directory to require password or smart card+PIN reverification.
With SecureLogin SSO installed by default, a user simply runs an application and SecureLogin seamlessly retrieves the user's application credentials (e.g. username, password, database name) and authenticates in the background. The user is not prompted to enter a password at all.
Some customers wish to configure SecureLogin to prompt the user for strong authentication to (selected) applications. In this scenario, when a user launches an application, they are prompted for their primary network logon (e.g. NDS/AD password or smartcard+PIN) before SecureLogin will retrieve and enter credentials on the user's behalf.
Application re-verification is achieved using the AAVerify command.
- Contact support@actividentity.com for the nmasncp.dll and the document that describes the file and how to install and use it SecureLogin SSO 6.1 New reauthentication via AAVerify.pdf
- Install SecureLogin with smart card support enabled.
- Copy nmasncp.dll into the SecureLogin program files directory.
- Configure the workstation as per the documentation.