|
|
|
|
|
The prerequisite only needs to be configured once in the Nexeed Industrial Application System.
The procedure must be performed for each computer and each user.
Prerequisite
Configuring the automatic login in the Nexeed Industrial Application System
Procedure
If the user is logged out, they may need to log in to the identity provider.
In the Nexeed Industrial Application System a default identity provider must be defined so the login mask is skipped and the Windows user is automatically logged in to the identity provider. If the Windows user is not automatically logged in to the identity provider and the selection of a user appears with the identity provider, the single sign-on function must be configured in the browser.
Configuring the automatic login to the identity provider with the Windows user
In order to realize the automatic login, an identity provider is required. The identity provider must be configured in the Nexeed Multitenant Access Control module and must be configured as the default identity provider.
From Nexeed Industrial Application System 2023.02 version onwards, the standard identity provider can be configured in the Nexeed Multitenant Access Control module.
Alternatively, the default identity provider can be passed to the Nexeed Industrial Application System via the query parameter preferred_idp. The query parameter preferred_idp must be appended to the URL.
Example:
https://<server>?<parameter>&preferred_idp="Identity provider"
If a default identity provider is defined but another user is to be logged in, an invalid identity provider can be written to the preferred_idp query parameter. The login mask is then displayed again and another user can be logged in.
Example:
https://<server>?<parameter>&preferred_idp="undefined"
The browser must be configured on the computer used to view the content.
If the Single Sign-On feature is not configured in the browser, the identity provider displays a user selection. The Single-Sign-On functionality must be configured in the browser so that the Nexeed Industrial Application System automatically logs the Windows user on to the identity provider.
Browser |
Description |
|---|---|
Edge |
The windows user will be used automatically. |
Firefox |
Configure Single Sign-On in Firefox: |
Chrome |
Configure Single Sign-On in Chrome: https://chrome.google.com/webstore/detail/windows-accounts/ppnbnpeolgkicgegkbkbjmhlideopiji |
The cookies must be set in the browser that is used to display the content.
A cookie banner is displayed in the Nexeed Industrial Application System. The user must accept the cookies so that the cookie banner is no longer displayed when logging in again.
Accept or reject cookies in the cookie banner
The cookies are saved depending on which selection is made. A new preference query is displayed:
Or:
Set cookie manually in the browser
Alternatively, the do-consent cookie can be set manually in the browser for the Nexeed Industrial Application System.
Example:
do-consent:{“consent”:{“convenience”:true,”analysis”:false,”marketing”:true,”custom”:[]},”timeToLive”:365,”timestamp”:1706715823318,”version”:4}
Element |
Description |
|---|---|
consent.convenience/analysis/marketing/custom |
true = Consent to cookies of this type. false = Reject cookies of this type. |
timeToLive |
Days since 'timestamp' until the cookie preferences are queried again. |
timestamp |
Unix time stamp (seconds since January 1, 1970 UTC) for preference selection time. |
version |
Version of the cookie banner or the storage format of the preferences. |
The automatic logout must be configured with the user used to view the content.
The automatic logout from the Nexeed Industrial Application System is set to 5 minutes of inactivity by default. After the set time, an automatic logout is triggered by the portal.
The command line parameters for the browser must be configured on the computer used to display the content.
The command line parameters for the browser can be stored in the autostart folder of the operating system by using a script.
Run browser in full screen mode or kiosk mode
The full screen mode or the kiosk mode can be realized via the command line parameters of the browser. If the browser is to be run in protected kiosk mode, additional settings must be configured in the browser. More information about the kiosk mode of the browsers can be found in the documentation of the providers.
The browser must be closed before entering the command line parameters, to ensure that the command line parameters work correctly.
|
Chrome |
Edge |
Firefox |
|
|---|---|---|---|---|
Documentation of the provider |
https://developer.chrome.com/ |
https://learn.microsoft.com/en-us/deployedge/microsoft-edge-configure-kiosk-mode |
https://wiki.mozilla.org/Firefox/CommandLineOptions |
|
Profile selection |
--profile-directory="Profile path" The profile path does not match the profile name. In the profile settings, activate the checkbox create desktop shortcut. |
--profile-directory="Profile path" |
-P "Profile name" -profil "Profile path" |
|
Avoid interruption |
|
--no-first-run |
|
|
Full screen mode |
--start-fullscreen |
--start-fullscreen The Startup Boost settings must be disabled in the browser settings. |
-new-window --start-fullscreen |
|
Kiosk mode |
--kiosk |
--kiosk --edge-kiosk-type=fullscreen |
-new-window --kiosk |
|
URL |
Add the URL in quotation marks. |
|||
Example of a desktop shortcut |
start chrome --kiosk "https://portal.bosch-nexeed.com" start chrome --start-fullscreen "https://portal.bosch-nexeed.com" |
start msedge --no-first-run --kiosk --edge-kiosk-type=fullscreen "https://portal.bosch-nexeed.com" start msedge --no-first-run --start-fullscreen --edge-kiosk-type=fullscreen "https://portal.bosch-nexeed.com" |
start firefox -new-window --kiosk "https://portal.bosch-nexeed.com" start firefox -new-window --start-fullscreen "https://portal.bosch-nexeed.com" |
|
Add command line parameter URL
The URL must be added in quotation marks after the command line parameter of the browser.
Copying the URL from the browser is possible from Nexeed Industrial Application System 2023.02 onwards.
Running Nexeed Industrial Application System in full screen mode
In order to run the Nexeed Industrial Application System in full screen mode, the query parameter maximize_content=true must be appended to the browser URL.
https://<host>?<parameter>&maximize_content=true
Set default identity provider
If the default identity provider is handed over with the URL, the query parameter preferred_idp must be appended to the browser URL
Configuring the automatic login in the Nexeed Industrial Application System
Example:
https://<host>?<parameter>&maximize_content=true&preferred_idp="Identity provider"
Parts of the dashboard or modules display error messages
The Nexeed Industrial Application System restarts and is displayed correctly after 5 minutes at the latest.
By default, the single sign-on timeout is set to 10 hours. To avoid this behavior, close and reopen the browser before the single sign-on session expires.
Automatic login does not work in private/incognito sessions in the Edge Browser
Environment authentication is not enabled by default in a private/incognito session.
Environment authentication can be enabled in the registry database.
Element |
Description |
|---|---|
Registry-Hive |
HKEY_LOCAL_MACHINE Or: HKEY_CURRENT_USER |
Registry path |
Software\Policies\Microsoft\Edge |
Description |
AmbientAuthenticationInPrivateModesEnabled |
Type |
REG_DWORD |
Value |
0 = Enables environment authentication in regular sessions 1 = Enables environment authentication in regular/private sessions 2 = Enables environment authentication in regular sessions and guest sessions 3 = Enables the Environment authentication in regular/private sessions and guest session |
User Manual | Nexeed AGV Control Center