Tokens are authentication keys used to associate a session with a
user. A token is a string that consist of a token type and an
identifier. If a user inserts a smart card into a client, the
card's type and identifier are used as the token (for example
mondex.9998007668077709
). If the user is not
using a smart card, the token type pseudo
and
the client's identifier (MAC address) are supplied as the token
(for example pseudo.080020861234
).
You can register smart card tokens and pseudo-tokens in the Sun Ray data store to assign them to specific users (also known as token owners). You can store the owner's name as well as any other information that helps you to manage tokens in your organization. You can also register alias tokens to enable users to access the same session with multiple tokens. For example, if a user loses a smart card, you can register a new smart card as a replacement. This will be an alias token.
If kiosk mode is configured, you can also specify, for each token, whether the user should be directed to a regular (non-kiosk) session or a kiosk session when the token is inserted. This enables you to override the group-wide kiosk mode setting specified on the System Policy page.
See Chapter 7, Sessions and Tokens for more information.
Filter the list of tokens displayed by using the Search field. You can filter the list from the following groupings: registered tokens or currently used tokens.
Display details about the tokens.
Pre-register smart card tokens and pseudo-tokens.
Delete one or more tokens.
Enable or disable session access for a specific token.
Assign a regular (non-kiosk) session or kiosk session to a token.
Edit a token, including registering it, by clicking on the token identifier. See Section B.4.1, “Token Properties” for details.
The search field enables you to filter what tokens are displayed
in the Tokens table. The drop-down menu enables you to filter the
tokens by registered tokens or currently used tokens. By default,
a wildcard (*) is in the search field to display all the tokens
for the specific filter. You can also specify a token ID or
partial ID in the field to further filter the list of tokens that
are displayed. After you specify a new search string, you can
always click Reset Search Criteria
to reset the
search back to the default.
If nothing is selected in the table, the New button is available. You can use the New button to preregister a token, which enables you to specify the identifier for a token and its owner. You can also specify the session type used for the token, which overrides the current policy settings.
If you select one or more existing tokens in the table (either individually or with the Select All button), you can use the Delete button to delete them.
If you have the system policy set to accept access from only registered tokens, you can then enable or disable session access at the token level. For example, if you disable a token, the smart card or client associated with that token will not be able to access a session.
If you select one or more existing tokens in the table (either individually or with the Select All button), you can use the Session Type Actions menu to specify the session type used for the token, which overrides the current policy settings. This is a good way to change the session type for a group of tokens.
The Token table content changes based on which filter is selected, either Registered Tokens or Currently Used Tokens. The buttons are available only when the Registered Token filter is used.
Token - The token ID.
Examples include mondex.9998007668077709
for a smart card token or
pseudo.080020861234
for a pseudo token.
Click the token ID for more details on the token. See
Section B.4.1, “Token Properties” for details.
Status - Enabled or Disabled. If you have the system policy set to accept access from only registered tokens, you can then enable or disable access at the token level.
Session Type - The session type defined for the token, which overrides the system policy.
Default - Use the default system policy.
Regular - Use the regular (non-kiosk) mode session, which is the Sun Ray server's operating system.
Kiosk - Use the configured kiosk session type, which is listed in the Kiosk tab.
Owner - The owner registered to the token (user defined).
Other Information - Additional information provided for the token (user defined).
Server - The Sun Ray server to which the token is currently assigned.
Desktop Unit - The client to which the token is currently assigned.
utsession
utuser
This page provides details on a token and enables you to edit its properties.
Display more details about a token.
Edit details about a token, including owner, other information, and session type. Adding an owner registers the token.
Add alias tokens.
The Edit button enables you to edit the owner, other information, status, and session type for the token.
Owner - The owner registered to the token (user defined).
Other Information - General information about the token (user defined).
Status - Enabled or disabled. If you have the system policy set to accept access from only registered tokens, you can then enable or disable access at the token level.
Sessions - Specifies the number of running sessions associated with the token. If there are one or more sessions, you can click View Session Details to view the list of sessions.
Session Type - Specifies the session type assigned to the token.
Alias Tokens - Enables you to create alias tokens for the current token.
utsession
utuser