Credentials
From SpinetiX Support Wiki
Contents
Description
Information systems commonly use credentials to control access to information or other resources. The classic combination of a user's name and a secret password is a widely used example of IT credentials.
Web pages requiring basic authentication can be displayed if the proper credentials are added into Elementi / HMP, if the URL is not being redirected to another page. This doesn't apply for frames embedded into the web page.
HMP
On the HMP side, credentials are used when accessing resources from web servers requiring authentication - they are configured from:
- HMP Control Center > System > Saved Passwords for HMP300, HMP350, HMP400, and HMP400W devices;
- HMP Control Center > Network Settings > Credentials tab for HMP200, HMP130, and HMP100 devices.
- The credentials added onto the players are never shown in clear.
- Starting with firmware 4.2.0, the saved passwords are encrypted using AES-256 cipher before being added in the configuration backup.
- For user credentials for accessing the player, see "User manager tool" page.
Elementi
Credentials are used when accessing resources from web servers/players and when publishing content. They are managed from Menu > Settings > Network Credentials... dialog.
To add a new set of credentials, follow these steps:
- Scroll down to the bottom of the list.
- Double-click on the first column where "Click to add..." is written.
- Enter the server URI
- This can be a full URI of the location, although it is more practical to use just the hostname to match multiple pages for the same server.
- Enter the user and password in the fields next to it.
- When done, click OK button to save the changes.
- Reopen your project if needed.
To edit existing credentials, simply double-click on that line to enter edit mode.
To delete existing credentials, click to select that line and press Delete key. Starting with Elementi 2018, it is possible to select multiple rows by holding the Shift key, and delete them by pressing the Delete key.
- It is possible to export the list of credentials and import it on another instance of Elementi.
- The passwords are not displayed in clear until the button "Show Passwords" is clicked.
- Starting with Elementi 2020, the credentials entered here are automatically used by the Web Robot for websites requiring forms-based authentication. Applies only to DSOS Kiosk and DSOS Systems projects.
Security
The credentials added in Elementi are stored as encrypted hashes inside profile.xml file (found from Application Data \ SpinetiX \ Elementi folder), under the "credentials" section:
<spx:credentials>
<spx:auth realm="" host="http://172.21.1.85:81/" user="content" passwd="QAAANCoAwE/Cl+sBUYdUu+Ow..."/>
<spx:auth realm="Content Area" host="http://spx-hmp-XXXXXXXXXXXXX.local.:81" user="content" passwd="bJ9WAQAAANCMnd8BE8AA..."/>
<spx:auth realm="" host="http://dav.box.com/" user="abc@spinetix.com" passwd="AQAAANCMnd8APEQma+rpGYWmxLmCcZ1Lc..."/>
<spx:auth realm="SYNO_WebDAV Storage" host="http://synology-nas:5005/projects/MyProject/" user="hmp"
passwd="8+DI9HiTIG7rrAMgavfbJ9WwyuERfkecMTTIQAAAAIcygF..."/>
</spx:credentials>
- The profile.xml file cannot be copied and used to another machine because the data is encrypted with the UID of the login name of the user account of the machine; even if another user has the same name, the UID will not be the same.
- If you have a group of HMPs all using one password, delete the value of the "host" parameter above (leaving just two double-quotes). This will result in Elementi / HMD attempting to use this password first for every player it publishes to. Players with different passwords will give the standard login dialog.
- If you have multiple groups of HMPs with different passwords per group, you can copy and paste the entire
<spx:auth>
tag above and replace the hostname in each case.