Policy

The Policy tab (under the Advanced tab) enables the definition of high-level access rules either for users with smart cards or for users without smart cards (the latter automatically take advantage of pseudo-tokens, see Tokens help page). For example, you can allow only users with registered smart cards (tokens) to access Sun Ray sessions. Or, you might or might not want to allow users to self-register their tokens.

Some check boxes or radio buttons in the Admin GUI are enabled or disabled, based on your selections, to prevent invalid policies from being specified.

Additional settings that, may be offered, depending on your operating system and Sun Ray Server Software configuration, include:

By default all users must pass an authentication dialog when hotdesking, i.e., upon reconnection to an existing session using any DTU on their network. After successful authentication, the Sun Ray DTU is connected directly to the user's session. This security policy feature, called remote hotdesking authentication (RHA) can be turned off if desired. This allows to bypass the Sun Ray authentication and enables direct session access, but may weaken the system security.


Note – Changes to system policy require a Cold Restart of Sun Ray services.