Auto Logon for Web Apps

One-click Log in to Web Applications
 

You can setup PMP to auto-fill the login page of web applications with appropriate username/password information, to allow users to login to those apps with just a few clicks, instead of manually entering the information. This is achieved by the users installing the PMP bookmarklet in their browsers.

What is a bookmarklet?

Every browser allows users to create bookmarks for URLs. A browser bookmark typically contains a static URL and clicking the bookmark opens the URL. A bookmarklet is similar to a browser bookmark, but additionally it contains a piece of unobtrusive script. Clicking on the bookmarklet not only opens the URL, but executes the script which can be used to perform a few tasks on the opened URL. A bookmarklet is a secure mechanism to bring dynamism to browser bookmarks.

How does PMP use bookmarklet for auto logon?

As a requisite step, the PMP user must install the PMP bookmarklet in his/her browser's bookmarks bar. To use auto logon, the user clicks the right resource-name/account-name pair and then the PMP bookmarklet in the bookmarks bar. This bookmarklet first opens the URL of the web app and then executes a script that accesses the PMP web server, retrieves the username/password for the requested web app, populates the fields in the login page of the web app and finally submits the page for authentication. The script works only when the user is logged into PMP and is on the right login page of the application.

How to use the PMP bookmarklet for auto login?

One-time setup

 

bookmarklet

One-click Auto Login

 

Security Tip

When using public or shared computer to access PMP and subsequently bookmarklet based auto logon, make sure to remove the PMP bookmarklet from the bookmarks bar after you are done using PMP. Though the bookmarklet does not work when there is no valid PMP session in the browser, the script may be used to obtain information about PMP server's DNS name etc., which can be avoided. The bookmarklet can be installed/removed easily as required.

High Availability Scenario

If you have configured High Availability, in the event of failover, when you connect to the PMP secondary server, the bookmarlet installed for the Primary server will not work for the secondary. You need to install bookmarklet for secondary separately.

 


©2012, ZOHO Corp. All Rights Reserved.