Texada SRM Technical Reference Manual
Texada SRM Technical Reference Manual

Double Layer Security List

System Maintenance Menu -> Configure System Settings -> Security Tab -> General Settings -> Double Layer Security List

This security feature applies only to Web App or Open Client access by identifying machines and devices that are new to the software when they first attempt to sign-in to the Texada SRM application through a browser, and by requiring a secure password to then be entered to validate access as outlined in Open Client New Device.
 Once validated a "safe" identifier is logged and all Operators can login normally from that machine or device.
 This feature does not apply to MFC (Microsoft Foundation Class) Clients.
 

Note: When the external 'Authentication' feature is enabled in the Texada Support Parameters this "Session Identifier" processing is disabled and the operator is redirected the to the User Management Menu on Texada Web.

The list of "safe machines" is maintained by the software in this Double Layer Security List table to identify machines that have permission to access the application from a Web App or Open Client.
 An operator must be assigned a Security Role that allows permission to the Security - Double Layer Security List in order to access this table.

Process Flow:

If a user attempts to sign-in to Texada SRM using a Web App or Open Client on a machine or device that is not registered on the safe list, an Open Client New Device warning is displayed to alert the user that a "Temporary Password" is being sent to the operator's address as defined in Operators.

A maximum of two email addresses can be setup for each Operator to receive the message delivering the "Temporary Password Code". An address can be either a regular email address or a cell phone address that can receive a text.
 The "Temporary Password Code" only remains valid for 15 minutes and allows three attempts to enter it correctly before a new "Temporary Password Code" must be requested.
 When the user receives and enters the temporary password, this identifies and validates the machine, and the user is able to sign-in to the application with his standard Operator code and password.

The machine identifier is then automatically added to this Double Layer Security List table to enable future OC sign-ins for any operator from this machine.
 The operator can set a "remember" flag when he first logs in with authentication, so that the safe identifier does not expire for this machine or device.

A machine identifier record that is not flagged to never expire, will be deleted from the safe list by the Background Tasks after 30 days if there has been no use based on the Last Accessed date in the table, but can be re-validated through the same "Temporary Password" process.

Email to Text:
 To send email to any cell phone, the format for most providers is just the 'phone number @ the gateway provider'.
 e.g. 5195551212@pcs.bell.com
 Refer to http://en.wikipedia.org/wiki/List_of_SMS_Gateways or Contact your cell phone provider for further setup details if required.

The fields in this secure device list include:

SESSION IDENTIFIER

This value represents the tag assigned to the computer, machine, or device that has signed into the Texada SRM software application successfully.
 It is displayed on the "landing screen" below the LOGIN button.

In most browsers, this tag is also displayed on the black bar beside the operator and division name across the bottom of the screens.

LAST ACCESSED

The date that this machine last signed in to the application is displayed and controls the no-activity 30 day expiry period.

Note: If there are multiple sessions signed in from the same device, it is only the last one to sign in that is reflected in this table.

REMEMBER SESSION

This flag is set from the Remember this computer field in the Open Client New Device window.

If Remember this computer was not selected then this box is unchecked indicating that if the machine has not signed into the application for 30 days then the safe identifier expires and the operator needs to re-validate it at next sign-in repeating the process outlined in Open Client New Device.

OPR

The operator code from the last operator to sign in from this device is displayed for reference only.

OPERATOR NAME

The name of the last operator to sign in from this device is displayed for reference only.

Expanded Record

Click the EXP/CON button to view the following additional fields:

DIVISION

The division code of the last session to sign from this device is displayed.

TIME LAST ACCESSED

The time that this machine last signed in to the application is displayed.

ACTIONS:
 Additional actions provided by buttons on the Double Layer Security List screen include:

Add a Session Manually:
 In the event that a user cannot receive or send email, and so cannot get the "temporary password", the Session Identifier can be added manually by clicking the ADD button and adding the identifier code manually.
 The session is then automatically flagged to Remember this computer.

Topic Keyword: DLID01 (4389)