When you create a Window in the configuration editor, you have to define the window that must be detected by SSOWatch. You must carry out this operation through the Detection tabbed panel:
To define the window detection, you must do the following:
1. Select the window that must be detected by SSOWatch, using the target button. For details, see 4.1.1 Simple Detection.
2. If necessary, modify the detection parameters for the selected window by filling in the Parameters of the selected window area.
Upon the detection of the window (Step 1), the Detect by Window Class and Detect by Window Title options are selected. These options are usually sufficient to enable the detection of the window by SSOWatch.
If these options are not sufficient, you can use advanced detection parameters, by looking for additional texts in the window (Look for text option), and/or by adding constraints on the detection process (Advanced button). For details on these detection parameters, see 4.1.3 Restrictions.
4.1.1 Simple Detection
Depending on the type of window to detect, the selection area of the Detection tabbed panel is different:
To detect the window of an application, you drag and drop the target button onto the title bar of the window that you want to detect. For details, see 4.1.1.1 Simple Detection of a Window or a Java Applet.
To detect a Java applet, you drag and drop the target button onto the entire login area of the Java login page. For details, see 4.1.1.1 Simple Detection of a
Window or a Java Applet.
To detect a web page, you drag and drop the target button onto the web page that you want to detect. For details, see 4.1.1.2 Simple Detection of a Web Page.
4.1.1.1 Simple Detection of a Window or a Java Applet
To detect a window, SSOWatch first looks for its title (for standard or Java application) or its login area (for Java applet). It can then look for the presence of an additional text in the window.
To automatically configure the necessary basic data, do one of the following:
For standard or Java application windows, drag and drop the target button located in the top right of the Detection tabbed panel onto the title bar of the window that you want to detect. The data from the last targeted window are displayed in the configuration window, as shown in the following figure.
For Java applets, drag and drop the target button located in the top right of the
Detection tabbed panel onto the login/password area of the Java applet that you want to detect. The data from the last targeted window are displayed in the configuration window, as shown in the following figure.
The Detection tab now shows a tree structure for the targeted window, as well as its parent windows, if any. Each window is represented on two lines differentiated by the icon on the left of the line:
ICON DESCRIPTION
Real characteristics of the targeted window (real title and class).
Data used to detect the targeted window (detection method, modified title).
At this point, the detection parameters of the selected window are automatically configured as follows:
Detect by window class.
If the window has a title, Detect by Window Title (not case sensitive).
If you want to modify these configuration parameters, make selections in the bottom half of the property page. If a targeted window has parent windows, you can modify the
configuration for any intermediate window.
The following table lists the four available title detection methods. All these methods are not case sensitive:
METHOD DESCRIPTION
Is equal to The window title must be equal to the given character string.
Starts with The window title must start with the given character string.
Contains The window title must contain the given character string.
Ends with The window title must end with the given character string.
Example
Let us assume that the application authentication window has a title similar to Enter the password for FirstName LastName.
A potential problem appears with this title because FirstName and LastName can differ from one user to another.
In this case, the text must be edited and reduced to Enter the password for, and the window detection method must be set up to use: Start with or Contains.
4.1.1.2 Simple Detection of a Web Page
If you are using different web browsers at the same time (Internet Explorer and Firefox for example), you must create two different windows: one window for the web page displayed in Internet Explorer, and another one for the web page displayed in Firefox.
If the title of the web page is different depending on the language used, you must also create as much as different windows as there are different titles.
To detect a web page, SSOWatch first looks for its URL. It can then look for the presence of an additional text or of a field in the web page.
To automatically configure the necessary basic data, drag and drop the target button located in the top right of the Detection tabbed panel onto the web page that you want to detect. The data from the last targeted window are displayed in the configuration window, as shown in the following figure:
The Detection tab now shows the URL of the web page (Web page area). At this point, you can adjust the detection parameters of the selected web page by defining a variable URL (Variable URL area) or by detecting a field in the web page (Parameter of the web page area) for example. For details, see 4.1.2 Advanced Detection.
The single sign-on is triggered when all the required fields are displayed, even if the web page is not entirely loaded.
4.1.2 Advanced Detection
4.1.2.1 The Enable Variable URL Detection option
Restriction
This option is only available upon the detection of a web page URL.
Description
Some websites are provided by clusters of HTTP servers (for instance Hotmail) or use the URL to keep session data (for instance Yahoo! Mail). This leads to URLs with variable parts.
To configure the detection of a web page that uses a variable URL, select Enable variable URL detection and click the Configure button.
old URL variable schema. If the schema cannot be matched, confirmation is requested before the old URL variable schema is destroyed.
The variable URL configuration window looks like this:
The selected URL is shown in the text field.
To set up the variable parts, select (with the mouse or the keyboard arrows and the SHIFT key) a part of the URL (1). The tool bar is updated and shows only the generic characters that match the selection. In the tool bar, select the wanted generic character (2).
Generic characters are represented as follows:
Replaces any character (one or more). Corresponds to .+ in a regular expression.
Replaces alphanumeric characters (one or more): lower case letters, upper case letters and digits. Corresponds to [a-zA-Z0-9_]+ in a regular expression.
Replaces letters (one or more): lower or upper case. Corresponds to [a-zA- Z_]+ in a regular expression.
Replaces digits (one or more). Corresponds to [0-9]+ in a regular expression. If you select a generic character, you can restore the original text with the Revert action.
A variable URL must never begin with a generic character.
Example
In the previous window, a Hotmail URL is shown. Variable parts are 3 and 13 numbers after "lc" and after "law".
You only need to select 3 and click (in the toolbar), then select 13 and click again on . The field is displayed like this:
4.1.2.2 The Look for text option
There are cases where detection based on a window class and title is not enough to distinguish multiple windows. For example, assuming you need to configure a detection method that distinguishes between two authentication windows that are both standard dialog boxes (class "#32770") and have the same title (for example, Enter password). Such a case requires that you configure an advanced detection method performing a search for a specific text in the window’s fields.
To configure advanced detection, select in the window list the window that must be detected, and select Look for text.
Two search methods exist:
In the whole window: the text is searched in all the window fields.
In Field: allows you to specify a field where the search will be carried out. This field can be configured with the small target button by dragging and dropping it onto the target field. The field content will be automatically pasted in the look for text field.
The search is not case sensitive.
If the selected Windows control field identifier is 0xFFFF, the search is automatically extended to all the window control fields. This identifier is a special one and is used for generic static texts. It can also appear more than once in a window.
4.1.2.3 The Advanced button
You can define a list of constraints to refine the advanced detection parameters, using the
Advanced button. This button allows you to add constraints on windows that are detected by SSOWatch, to enable or disable the single sign-on, as described in the following procedure:
1. In the Detection tabbed panel, click the Advanced button. The following window appears:
2. Click the Add button.
3. Fill in this window with the following guidelines:
a) The fields are already filled in by default with the values of the selected target window.
b) Use the target button only if the target window is not the wanted one. c) If you select only the Signature check box, the SSO will be disabled, as
this parameter changes.
d) If you select several check boxes to define the constraint, the application containing the window to detect must meet all the parameters defined by these check boxes.
4. Click OK.
The constraint is added in the constraint list.
Remember that SSOWatch detects the window if only one of the listed constraints is verified
4.1.3 Restrictions
To authenticate to an application, SSOWatch implements the user’s sign-on for him or her. Therefore, SSOWatch considers that an application is valid as soon as the user himself or herself is able to enter the information requested by the application.
Consequently, SSOWatch only detects windows that are:
Visible.
Not minimized.
"Active" in the MS-Windows sense – that is, they can accept user inputs. It follows that SSOWatch cannot perform SSO for minimized or hidden windows.
4.2 User Interface
In this section, we introduce the tools and elements of the user interface that allow you to configure Windows types.
The tools are:
The target ( ) that allows you to select a Windows control (field or button).
The optional parameter list that allows you to enter SSO data other than user name/password.
The actions to be performed after the fields have been filled.
4.2.1 Target
You can use the following target button to select a window’s control field (text field, button, etc.):
This target can be used in two ways:
By performing a drag and drop onto the target control field: click the button; the mouse cursor changes to a target; drag it to the target control field and release the mouse button.
Once the mouse button has been released, the field is updated with the control field information (and the intermediate windows/control fields if they exist):
The information displayed gives the control field identifier (in hexadecimal), its class and the text found when the control field was detected.
A new target icon allows you to select the desired control field (with drag and drop). This window allows you to see the selected control field’s details and the different levels of nested windows between the control field and the base window. This is useful for example to select control fields with the same name in windows containing multi-frames.
Only the path from the base window to the target is displayed. To see all the other control fields/windows, you must select the Display all window details check box.
You can also receive the control by its position by selecting the Identify the control by its position in the control hierarchy check box.
You must re-select the windows to activate this mode.
4.2.2 Validation Actions
When the fields have been filled by SSOWatch, you must validate the window with the Enter key or by clicking the OK button (for example). In most of the window types you have the following choices: