Modern Authentication Methods for PowerBuilder

Modernize Authentication Methods
and Strengthen Security

Integrate with Active Directory - Implement Single Sign-On (SSO)
Token Based and Multi-Factor Authentication
Monitor Application usage in Real-Time
Implement traceability and auditing features

Get a free trial


Why Use Visual Guard


PowerBuilder with Active Directory
Integrate with Active Directory

Reuse Windows accounts stored in Active Directory
to log users in your PowerBuilder Application
 

Single Sign-On (SSO) and PowerBuilder Applications
Implement Single Sign-On

Launch a PowerBuilder app without providing credentials:
The current Windows account is recognized and user permissions are automatically applied.

Token Based Authentication
Support OAuth 2

Integrate your PowerBuilder Apps with an OAuth Authentication System. Comply with corporate standards. Unify authentication methods.

Delegate Daily Security management to business users
Multi-factor Authentication

Increase security for sensitive operations: authenticate users with their login, password, and mobile device.
 

Token Based Authentication
Secure your Web API

Plug & Play solution to secure your web API, authenticate users and grant them server-side authorizations. Supports PowerServer 2021 Rest APIs or others. No technical or security skill required

Enhance your
Applications Security

Instantly add new Security features to your applications
 

  • Why spend months or years of complex developments, when you can easily implement a ready-to-use solution, embedding a complete feature set?
  • We keep up with security standards and technologies for you, and assist you down the road for designing, installing and configuring your system.

Centralize the security
of several applications

Replace several security systems, specific to each application, with a single solution

  • Get a global overview of users and access rights across your entire Application portfolio.
  • A Single System securing PowerBuilder, .NET, Java, Angular, PHP, Oracle, SharePoint, etc.

Make your application Compliant

Try Visual Guard Now

Screenshots

Visual Guard Features

User Management

Manage users accessing your applications
User Provisioning
Create, store, administer large volumes (up to millions) of user accounts with the Visual Guard Console.
Manage them in a central system, or a deploy them to multiple sites (ISV or distributed systems).
Create Login/password accounts

Create and manage login/password accounts within Visual Guard.
Grant them rights to access certain data and features inside your applications.

Reuse Windows accounts from an existing Active Directory
Use Windows Accounts to authenticate users accessing your application.Grant rights to Windows Accounts or Windows Groups, to access specific application data or features.
Edit Windows accounts
You can authorize user administrators to add/edit/remove Windows Accounts with the Visual Guard Console.
Let users self-register
Allow users to create an account for themselves. Grant them automatically default (limited) access rights. You can choose to require administrator validation before they can access the application.
Manage Groups of Users
Define a hierarchy of groups. Replicate the structure of your organization.Place users in groups. Grant access rights to user groups.
User Authentication

User Authentication

Verify user identities with various authentication methods
Login/password authentication
Users must provide a valid login/password combination before accessing your application.
Windows Authentication
Users must provide valid Windows credentials before accessing your application. Optionally, you can let users enter the application without asking for their credentials (see below "Windows SSO").
Strong / Multi-Factor Authentication (MFA)
Highly secured, yet very simple for end-users: they provide their pin code or fingerprint, through an authorized device (mobile or web browser). It supports the most complex security requirements. Read more
Remote Windows Authentication
Users can log in your application with their Windows credentials, although they connect from a remote location (hotel, airport, public wifi, mobile Internet...).
Multiple Authentication Mode
The same application can accept several types of authentication. For instance Windows Accounts for internal users, login/password for external users, strong authentication for critical operations. Read more
Multiple Active Directories - Identity Federation
Reuse Windows accounts located in several Active Directories, no matter they belong to the same network or not. Security is centralized, although users are spread over multiple sites or companies. Read more
Windows SSO (Single Sign-On)
Windows users can access your application without entering their credentials: Visual Guard automatically captures the current Windows account and applies the access rights granted to this account.
Web SSO (Single Sign-On)
Users can log in once, and navigate across several websites without login again. No matter the websites are hosted in the same network or not. They just need to communicate with your VG server. Read more
Offline mode
Users can log in and access a desktop application although they are offline: Visual Guard works locally to authenticate users and enforce apply their permissions. Supports .NET WPF and Winforms applications.
Custom Password Policy
For login/password accounts, you can customize the rules to define, renew, unlock, and expire a password. For Windows accounts, the current Active Directory password policy will appliesy.
User Access Rights

User Access Rights

Define and grant permissions. Control access to application data and features
Define Access Rights inside the application
Create fine grain permissions, to control access to specific application data and features (menu, buttons, fields...). Group Permissions into Permission Sets and Roles.
Dynamic Actions
Enforce permissions with "dynamic actions": change dynamically objects properties in your application (e.g., disable a menu item, hide a field...). These actions are completely independent of the application's code. They are defined and stored within VG and applied at run-time by Visual Guard. Learn more
Static Actions
Your code retrieves the user permissions via the Visual Guard API and enables the proper application features. E.g., if the user has the permission "Can_Read_Invoice", then enable the button "View_Invoice".
Grant Access Rights to Users
Grant roles or permissions to users via the Visual Guard Console, or by programming via the VG API.
Grant Access Rights to User Groups
You can grant Roles to Groups. When placing users in groups, they automatically get the roles of their groups. Optionally, you can choose to propagate Group roles to sub-groups.
Traceability

Traceability, Monitoring, and Audit

Keep track and review important activities inside your applications
Log important application events
Record important events for traceability reasons: user logon, business operations, administrator operations, system security events...
Monitor applications in Real-time
Follow important activities in real time inside your applications such as: access to confidential data, critical transactions, security changes. Detect suspicious events - e.g., critical operations at unusual times.
Send email notifications for sensitive events
Automatically alert administrators, controllers or managers of important or suspicious activities.
Audit User Operations
Review in details the business operations performed in your applications (who did what, when, from where?). Filter them by application, user, dates, device or event. Pinpoint issues or suspicious events.
Analyze past activities with Historical Graphs
Analyze business trends with Graphs. Detect possible issues - for instance, unusual volumes of transactions.
Analyze application usage with attendance graphs
See how each application is used. Display the time and number of successful or invalid connections.
Audit Administrator Operations
Review administrator activities (create users, grant permissions...). Filter them by application, user, date, device or event. Pinpoint issues or suspicious events.
Generate Security Reports
Generate reports about the access control configuration (users, groups, access rights, etc.).
Security Tools

Security Tools

User-friendly applications, dedicated to personnel managing and controlling security
Administration Console (Desktop)
Ready-to-use, Windows-based application, designed for developers and master admins setting up the environment and managing application security. Learn more
Administration Console (Web)
Ready-to-use web application, dedicated to administrators managing users and granting them access rights, as well as auditors controlling/reviewing application security. Learn more
Deployment Tool
Utility deploying a security database from dev to test, and production environments. Learn more
Visual Guard Server
Production server, exposing authentication, access control, and logging web services, and securing any applications capable of https or SOAP requests (Java, PHP, Delphi, C++, etc.). Read more
Security Framework

Security Framework

Integrate Visual Guard and call its APIs, to manage security by Program
Call the Visual Guard APIs
VG APIs expose hundreds of methods for securing the application in production (authenticating users, enforcing permissions, logging activities) and administering security (managing users, groups, roles...).
Secure multiple Applications
Centralize the security of all your applications. Get a global overview of all users and their access rights across the entire IT system. Comprehensive and uniform Control and Audit across all the applications.
Secure .Net Applications
Add a VG .Net run-time in your applications to secure them. Supports Winform, WPF, ASP.NET, WCF, MVC, as well as SharePoint Applications.
Secure PowerBuilder Applications
Add a VG PowerBuilder run-time in your PowerBuilder Applications to secure them.
Secure Java, PHP, AngularJS and other languages
Call the Web services exposed by the Visual Guard Server to Authenticate users, enforce permissions and log activities. Works with any language capable of calling Web Services.
Customize the Administration Console
Get the full source code of the Web Administration Console, and adapt it for your business needs. Implement your business logic and corporate presentation standards, and call the Visual Guard API to manage and audit security. Our support team will assist you every step of the way.
Support additional types of authentications and identities
Develop a module that will integrate with a 3rd party authentication provider. Our support team will guide you every step of the way.
Add custom security rules
Implement custom security rules for application security. For example, enforce segregation of duties by defining which roles or user group should be mutually exclusive (can't be granted to the same user). Our support team will guide you every step of the way.

Try Visual Guard Now


Try Visual Guard

Visual Guard Dynamic Permissions

See how to define permissions without touching the code of your application.

5 lines of code to implement SSO in your PowerBuilder application

1 - Reference Visual Guard in the application

i.e. add 2 PBL provided by Visual Guard to the application library list.

2 - Create the Security Manager
vge_n_cst_vgmanager uo_vgmanager
uo_vgmanager = CREATE vge_n_cst_vgmanager
3 - Connect to the Access Control repository
uo_vgmanager.of_SetTransObject (…)    
4 - Authenticate the user and load his security
uo_vgmanager.of_verifyuser (…)
The same method applies to both Windows accounts and Username/Password accounts. This will authenticate the user and download his access privileges (if any).
5 - Apply User Access Privileges in the application (optional)
guo_vgmanager.of_setsecurity(…)

You may use this method if you defined restrictions for the user to access data and/or features in the application. One call in the ancestor window is enough to apply access privileges in the entire GUI.

Consulting - Assistance - Support

Novalys can help you put your application security in place. Our team offers the following services.


Functional and technical specifications

Analysis of existing applications, Interviewing users on security management rules, Definition and attribution of permissions and user roles, Definition and repartition of administration privileges, Proposition of global or local organization of application security.

Development

Integration of Visual Guard in your applications, Securing complex objects (Web services, classes…), Development of specific components or adaptation of Visual Guard components to respond to complex functional or technical specifications.

Production

Installation and configuration of VG with ADFS, Installation and configuration of Web SSO with Visual Guard, Creation of a deployment procedure for security in production.

Support

Benefit from a consistent and seamless experience from implementation to production thanks to Visual Guard Professional Support Team.

 

Pre-sales and post-sales can be two very different things... I had a very uniform experience thanks to Anne

New Century Health Director of Systems Development

The support provided by Novalys has been excellent and very quick

Head of Securty of an international insurance company

Feedback from our clients