How do I get to this dialog box?
From X Manager or X Manager for Domains or the X Administrative Console
(Administrative Console only) Click the Domain Definitions tab.
In the left pane, select an existing session definition or click next to Sessions Definitions to create a new one.
In the Session Definition pane on the right, click the Security tab.
The options are:
|Allow remote IP connections||When cleared, only local X clients can connect to Reflection X. Client connectors set up a listening socket only on the local loopback interface. Notes: When you connect to a client using Secure Shell as the connection method (the default), the X11 data is forwarded to Reflection X from a local port. This means that, for Secure Shell clients, you can clear Allow remote IP connections to help ensure access only from clients running on authenticated hosts. A client connector accepts incoming connection requests from X clients and forwards X protocol requests received from the X client to the protocol router. The client connector also receives X protocol replies, events, and errors from the protocol router and forwards these to the appropriate X client.|
|Host-based authorization||When this option is selected, clients that use this session will be able to connect only to the hosts you include in the Authorized Hosts list.|
|Authorized Hosts||This option is visible when Host-based authorization is selected.|
|To create or edit the Authorized Hosts list, type host names in the text box, separating each name by new lines, spaces, commas or semi-colons.|
|User-based authorization||When selected, clients are allowed to run only if they can be verified using MIT-MAGIC-COOKIE-1 authorization.|
|Notes: To edit the xauth command that Reflection X uses to put an MIT cookie in the user's .XAuthority file, go to the client definition pane; under Connection method click Advanced.|
|If both user-based and host-based authorization are enabled, the client connection succeeds if either authorization succeeds; so enabling both reduces your level of security.|
|Authorization timeout (secs)||This option is visible only when User-based authorization is selected. After all clients have stopped, the MIT-MAGIC-COOKIE-1 cookie created for a session remains valid for the specified duration (in seconds). In most cases, there is no reason to change the default. Because Reflection X creates a new cookie for each new client started from Reflection X, this setting has no effect on clients you launch from X Manager. Only clients launched from outside X Manager might use an existing cookie.|