Preventing user interaction during PAM Transparent Login.
Article ID: 186276
Updated On:
Products
CA Privileged Access Manager (PAM)
Issue/Introduction
During the execution of a PAM Transparent Login script including <MouseClick> statements, it may occur that the voluntary or involuntary user interaction with the mouse and/or keyboard causes the input focus to be moved out of the proper entry field making the credential injection unsuccessful. It may even occur that the password can be viewed if the focus is placed on a visible entry field causing a security breach.
Is there any way to avoid this situation? Can user mouse and keyboard interaction be blocked during the credentials injection in a PAM Transparent Login operation?
Is there any way to avoid this situation? Can user mouse and keyboard interaction be blocked during the credentials injection in a PAM Transparent Login operation?
Resolution
Use the 'Freeze Input' feature in the Transparent Login scripting.
Allows insertion of a tag that disables user input (keyboard and mouse events) while a Transparent Login script is running. Freeze Input can prevent re-injection of the user password when using multiple browser tabs. This example freezes user input for 10 seconds. Note: Place this statement at the beginning of your script.
Example:
<inputfreeze action="enable"/>
<sleep time="10000"/>
<inputfreeze action="disable"/>
Allows insertion of a tag that disables user input (keyboard and mouse events) while a Transparent Login script is running. Freeze Input can prevent re-injection of the user password when using multiple browser tabs. This example freezes user input for 10 seconds. Note: Place this statement at the beginning of your script.
Example:
<inputfreeze action="enable"/>
<sleep time="10000"/>
<inputfreeze action="disable"/>
Additional Information
See also:
Configure Windows Transparent Login
Feedback
Yes
No
Powered by
