Sebastian Hesselbarth schrieb:
I just tried to get a session created on a soft client with another soft
client running a different profile (that creates a different token). I
wasn't able to steal the session while running both clients but as soon
as i disconnected the first client the second one took over the session.
I hope that takeover policy between smartcard sessions and soft client
will be different.
AFAIU you are using token aliasing to attempt this, which is also what
you need to take over a smartcard session with the Sun Desktop Access
Client. There is no substantial difference between the
smartcard<->pseudo toekn case and the pseudo<->pseudo token cases here.
You need an authenticated UNIX session (no kiosk!) with RHA enabled (and
pam_sunray_hotdesk in place) in order to take over session with an
aliased token. (NSCM is a different way to achieve a similar thing. but
not supported on Linux.)
See
<http://blogs.sun.com/joergb/entry/hotdesking_sessions_to_and_from#aliasing+hotdesking>
for more detail.
Regards,
- Jörg
_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users
