Single Logon access to AE with any user and no password

Document ID : KB000087624
Last Modified Date : 14/04/2018
Show Technical Document Details
Issue:
Error Message :
N/A

From the Java UserInterface (UI), if single logon is enabled as the authorization method for the Automation Engine, there is a possibility to bypass the security mechanism.

This allows a user that is not the same as the operating system user to logon without the need to enter the password.

 
Cause:
Cause type:
Defect
Root Cause: After starting the UI with -S (single logon), access to any client/user was possible without password.
Resolution:
This field was added on 30/03/2017. This article has not been updated yet. Refer to the "Description" or "Workaround" sections for solution information.

Fix Status: Released

Fix Version(s):
Component: UserInterface Java

Automation Engine 12.0.0 – Available
Automation Engine 11.2.3 – Available
Automation Engine 11.1.5 - Available
Additional Information:
Workaround :
Turn off Single Logon.