SB/XA 6.5.7 Focuses on Security – Plan your upgrade today
November 8, 2022
We are excited to announce that System Builder Extensible Architecture (SB/XA) 6.5.7 is now available for download in RBC! With an emphasis on security, SB/XA 6.5.7 contains security enhancements for SBClient SSH connections when Autologin is enabled in addition to:
- Kerberos / SSO Enhancements
- Windows 11 & Windows Server 2022 certification
- Defect fixes and enhancements
Typically, when you log in to the SB/XA system, you first enter your OS-level credentials and then enter your SB/XA user credentials. Now, with Autologin enabled, a user may enter just their OS-level credentials and pass through the SB/XA login. By enabling Autologin you and your users will enjoy all password protections, such as Keyboard Timeout and access to security functions, which you can configure to trigger OS-level re-authentication. You can also configure an SB/XA SSH connection to expire.
Prerequisites
- SB/XA Autologin is enabled: https://my.rocketsoftware.com/RocketCommunity/articles/Tech_Note/How-to-set-up-SB-auto-login-1478607398793
- SBClient and SB/XA Application Server are at version 6.5.7 or later.
- SBClient SSH Communication protocol is used.
SB/XA Application Server Configuration
DMCONT SB.CONTROL
<62, 1> - Use SSH credentials for authentication with autologin (1 / 0)
<62, 2> - Session expiration (hours)
Set DMCONT SB.CONTROL<62, 1> to 1 to use SSH credentials for authentication when Autologin is enabled
Set DMCONT SB.CONTROL<62, 2> to the number of hours before a session expires. The user will be prompted to save their work 5 minutes before the session expires.
Password Protections
When a user creates an SSH connection to the SB/XA Application Server through Autologin, Keyboard Timeout and any other password protections will present a dialog prompting the user to re-authenticate their OS-level credentials.
Session Expiration
The user will be prompted to save their work 5 minutes before the session expires. When the session expires, the user will be prompted to login again.
Note: In the User Security Setup, you can turn off all functionality for a specific user by setting the user’s Autologin flag to 0.
Setting a user’s Autologin flag to 0 will revert password protections to the SB/XA User credentials and turn off the session timeout.
When combined, Autologin, OS-level authentication, and Session Timeout provide a more secure SB/XA authentication process.
Visit RBC today to download SB/XA 6.5.7. It’s free to our SB/XA customers and partners on maintenance. Need to get back on maintenance? Contact you Rocket sales rep or Rocket partner.