Client authentication in AcuToWeb is provided by AcuConnect when AcuConnect starts a runtime and the runtime display content
is sent to the client browser. AcuToWeb passes client identification to AcuConnect, which uses its server access file or the
SECURITY_METHOD configuration setting to authenticate.
You can implement security and authentication checking in AcuToWeb using the following methods:
- Add the following line to your
gateway.toml configuration file:
AUTHORIZED_ACCESS 1. When this is setting is in effect, an additional HTML page appears on the client when an AcuToWeb session starts, allowing
a user name and password to be entered. This user name and password is validated against the AcuConnect server access file
or using the AcuConnect SECURITY_METHOD setting.
- If this option is not enabled, but the AcuToWeb Desktop is installed and running on the client, then the client user name
and password (that is, the values used to sign in to the machine with) is sent to the server and validated by the AcuConnect
server access file or using the AcuConnect SECURITY_METHOD setting.
- If none of the previous options are used, then the AcuToWeb Gateway will send a client user name of 'acutoweb' to the server
to be validated by the AcuConnect Access file or AcuConnect SECURITY_METHOD setting. In such cases, you need to add the client
user name
acutoweb to the AcuAccess file and map that to a local username to support allowing anyone launching a particular program.