Double Layer Security List
System Maintenance Menu -> Configure
System Settings -> Security Tab -> General
Settings -> Double Layer Security List
This security feature applies only to Web App or Open
Client access by identifying machines and devices that are new to
the software when they first attempt to sign-in to the Texada
SRM application through a browser, and by requiring a secure
password to then be entered to validate access as outlined in
Open Client New Device.
Once validated a "safe" identifier is logged and all Operators can
login normally from that machine or device.
This feature does not apply to MFC (Microsoft Foundation Class)
Clients.
Note: When the external 'Authentication' feature is
enabled in the Texada Support Parameters
this "Session Identifier" processing is disabled and the
operator is redirected the to the User Management Menu on
Texada Web.
The list of "safe machines" is maintained by the software in
this Double Layer Security List table to identify machines
that have permission to access the application from a Web
App or Open Client.
An operator must be assigned a Security
Role that allows permission to the Security - Double Layer
Security List in order to access this table.
- Process Flow:
- If a user attempts to sign-in to Texada SRM using a
Web App or Open Client on a machine or device that is not
registered on the safe list, an Open Client New
Device warning is displayed to alert the user that a "Temporary
Password" is being sent to the operator's address as defined in
Operators.
A maximum of two email addresses can be setup for each Operator to receive the message delivering the
"Temporary Password Code". An address can be either a regular email
address or a cell phone address that can receive a text.
The "Temporary Password Code" only remains valid for 15 minutes and
allows three attempts to enter it correctly before a new "Temporary
Password Code" must be requested.
When the user receives and enters the temporary password, this
identifies and validates the machine, and the user is able to
sign-in to the application with his standard Operator code and
password.
The machine identifier is then automatically added to this
Double Layer Security List table to enable future OC
sign-ins for any operator from this machine.
The operator can set a "remember" flag when he first logs in with
authentication, so that the safe identifier does not expire for
this machine or device.
A machine identifier record that is not flagged to never expire,
will be deleted from the safe list by the Background Tasks after 30
days if there has been no use based on the Last Accessed
date in the table, but can be re-validated through the same
"Temporary Password" process.
Email to Text:
To send email to any cell phone, the format for most providers is
just the 'phone number @ the gateway provider'.
e.g. 5195551212@pcs.bell.com
Refer to http://en.wikipedia.org/wiki/List_of_SMS_Gateways
or Contact your cell phone provider for further setup details if
required.
The fields in this secure device list include:
-
- SESSION IDENTIFIER
- This value represents the tag assigned to the computer,
machine, or device that has signed into the Texada SRM
software application successfully.
It is displayed on the "landing screen" below the
LOGIN button.
In most browsers, this tag is also displayed on the black bar
beside the operator and division name across the bottom of the
screens.
LAST ACCESSED- The date that this machine last signed in to the application is
displayed and controls the no-activity 30 day expiry period.
Note: If there are multiple sessions signed in from the same
device, it is only the last one to sign in that is reflected in
this table.
REMEMBER SESSION- This flag is set from the Remember Me field in the
Open Client New Device window.
If Remember Me was not selected then this box is
unchecked indicating that if the machine has not signed into the
application for 30 days then the safe identifier expires and the
operator needs to re-validate it at next sign-in repeating the
process outlined in Open Client New
Device.
OPR- The operator code from the last operator to sign in from this
device is displayed for reference only.
OPERATOR NAME- The name of the last operator to sign in from this device is
displayed for reference only.
Expanded Record- Click the EXP/CON button to view the following
additional fields:
- DIVISION
- The division code of the last session to sign from this device
is displayed.
TIME LAST ACCESSED- The time that this machine last signed in to the application is
displayed.
ACTIONS:
Additional actions provided by buttons on the
Double Layer Security List screen include:
- Add a Session Manually:
In the event that a user
cannot receive or send email, and so cannot get the "temporary
password", the Session Identifier can be added manually by clicking
the ADD button and adding the identifier code
manually.
The session is then automatically flagged to Remember
Me.
Topic Keyword: DLID01 (4389)
