- This topic has 1 reply, 2 voices, and was last updated 5 years, 4 months ago by
.
-
Posts
-
To pre-configure a session for saving a user/password, based on instructions (https://www.nomachine.com/DT10O00160#2.1. and https://www.nomachine.com/AR01C00125)
it states that ” While this feature can be very useful in many scenarios, it must be noted that saving the password in the configuration file makes it possible for any user to have access to the physical computer to steal the password and get access to the NX server with the user’s credentials. For this reason the option is turned off by default.”
Where do you enable this option which configuration file?
Hi mattdall,
First of all, let me note one thing: for security reasons, sensitive data is never transmitted from the server-side to the client-side. This means that even if the password is set in the connection file stored on the Web Player host, it will never be used for automatic log-in. To use a pre-configured password is therefore necessary to provide the connection file to the user and save it on his/her computer. It’s the default behavior of NXS for a web session.
“Where do you enable this option which configuration file”
That simply means that nxplayer will not save credentials in an NXS file without clicking the “Save this password in the connection file” link in the authentication panel.
So we can say that this configuration file is NXS file itself. But this is not relevant here, as we are talking about web sessions.
For web sessions, as written above, sensitive data is never transmitted from the server-side to the client-side. It cannot be modified for security reasons, while properly configured NXS file stored on a client-side will trigger automatic log-in procedure for web sessions – it’s a default behavior as well.
Note: Please, also check the “EnableClientCredentialsStoring” from the server configuration file, it seems this key will be useful for you.
This topic was marked as solved, you can't post.