Jörg, They are indeed authenticated unix sessions. If i understand correctly the second token should show an authentication screen instead of status 11?
Sammy Joerg Barfurth wrote: > Sammy Atmadja schrieb: >> Hi, >> >> We've recently upgraded from SRSS 4.0 to 4.1 and the behavior regarding >> sessions stealing seems to have changed. In the old setup it was >> possible to have users with multiple tokens registered. When the user >> forgot to remove the smartcard (for ex. in the office) he/she could take >> over the session from another sunray (at home) by inserting a second >> token. In version 4.1 this results in a status code 11 on the second >> sunray. The logs show "Attempted session steal for token". It also shows >> "stealProtected=true" which suggests that this behavior is >> configurable. Is it possible to change this setting to get the old >> behavior back? >> > > Are these authenticated unix sessions or are you using Kiosk Mode? With > an authenticated Unix session you should be prompted to authenticate > first and then get back to your session. For Kiosk (or a few more exotic > scenarios) you see expected behavior. > > Does using the -D option to utpolicy (or equivalently checking the > "direct session access" box on the Advanced/Policy web admin page) fix > the problem for you? > > - Jörg > _______________________________________________ > SunRay-Users mailing list > [email protected] > http://www.filibeto.org/mailman/listinfo/sunray-users This is a message from the E-MAIL server of Transtrend B.V. The information contained in this communication is confidential and intended solely for the use of the individual or entity to whom it is addressed. You should not copy, disclose, or distribute this communication without the authority of Transtrend B.V. Transtrend B.V. is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt. Transtrend B.V. does not guarantee that the integrity of this communication has been maintained nor that the communication is free of viruses, interceptions or interference. If you are not the intended recipient of this communication please return the communication to the sender and delete and destroy all copies. De informatie verzonden in dit e-mailbericht is vertrouwelijk en uitsluitend bestemd voor de geadresseerde. Openbaarmaking, vermenigvuldiging, verspreiding en/of verstrekking van deze informatie aan derden is, behoudens voorafgaande schriftelijke toestemming van Transtrend B.V. niet toegestaan. Transtrend B.V. staat niet in voor de juiste en volledige overbrenging van de inhoud van een verzonden e-mailbericht, noch voor tijdige ontvangst daarvan. Transtrend B.V. kan niet garanderen dat een verzonden e-mailbericht vrij is van virussen, noch dat e-mailberichten worden overgebracht zonder inbreuk of tussenkomst van onbevoegde derden. Indien bovenstaand e-mailbericht niet aan u is gericht, verzoeken wij u. vriendelijk doch dringend het e-mailbericht te retourneren aan de afzender en het origineel en eventuele kopieen te verwijderen en te vernietigen. _______________________________________________ SunRay-Users mailing list [email protected] http://www.filibeto.org/mailman/listinfo/sunray-users
