Credentials

Description

Information systems commonly use credentials to control access to information or other resources. The classic combination of a user's name and a secret password is a widely used example of IT credentials.

Web pages requiring basic authentication can be displayed if the proper credentials are added into Elementi / HMP, if the URL is not being redirected to another page. This doesn't apply for frames embedded into the web page.

DSOS players

On the player side, credentials are used when accessing resources from web servers requiring authentication and are configured from Control Center → System → Saved Passwords.

Notes:

• The credentials added onto the players are never shown in clear.
• Starting with firmware 4.2.0, the saved passwords are encrypted using AES-256 cipher before being added in the configuration backup.
• For user credentials for accessing the player, see "User manager tool" page.
• For legacy players, see Network Settings → Credentials tab.

Elementi

Credentials are used when accessing resources from web servers/players and when publishing content. They are managed from Menu → Settings → Network Credentials... dialog.

To add a new set of credentials, follow these steps:

1. Scroll down to the bottom of the list.
2. Double-click on the first column where "Click to add..." is written.
3. Enter the server URI
   • This can be a full URI of the location, although it is more practical to use just the hostname to match multiple pages for the same server.
4. Enter the user and password in the fields next to it.
5. When done, click OK button to save the changes.
6. Reopen your project if needed.

To edit existing credentials, simply double-click on that line to enter edit mode.

To delete existing credentials, click to select that line and press Delete key. Starting with Elementi 2018, it is possible to select multiple rows by holding the Shift key, and delete them by pressing the Delete key.

Notes:

• It is possible to export the list of credentials and import it on another instance of Elementi.
• The passwords are not displayed in clear until the button "Show Passwords" is clicked.
• Starting with Elementi 2020, the credentials entered here are automatically used by the Web Robot for websites requiring forms-based authentication. This requires DSOS KIOSK or DSOS SYSTEMS license on the players side.

Security

The credentials added in Elementi are stored as encrypted hashes inside profile.xml file (found from Application Data \ SpinetiX \ Elementi folder), under the "credentials" section:

<spx:credentials>
  <spx:auth realm="" host="http://172.21.1.85:81/" user="content" passwd="QAAANCoAwE/Cl+sBUYdUu+Ow..."/>
  <spx:auth realm="Content Area" host="http://spx-hmp-XXXXXXXXXXXXX.local.:81" user="content" passwd="bJ9WAQAAANCMnd8BE8AA..."/>
  <spx:auth realm="" host="http://dav.box.com/" user="abc@spinetix.com" passwd="AQAAANCMnd8APEQma+rpGYWmxLmCcZ1Lc..."/>
  <spx:auth realm="SYNO_WebDAV Storage" host="http://synology-nas:5005/projects/MyProject/" user="hmp" 
            passwd="8+DI9HiTIG7rrAMgavfbJ9WwyuERfkecMTTIQAAAAIcygF..."/>
</spx:credentials>

Notes:

• The profile.xml file cannot be copied and used to another machine because the data is encrypted with the UID of the login name of the user account of the machine; even if another user has the same name, the UID will not be the same.
• If you have a group of players all using one password, delete the value of the "host" parameter above (leaving just two double-quotes). This will result in Elementi / HMD attempting to use this password first for every player it publishes to. Players with different passwords will give the standard login dialog.
• If you have multiple groups of players with different passwords per group, you can copy and paste the entire <spx:auth> tag above and replace the hostname in each case.