ULTEO OPEN VIRTUAL DESKTOP V4.0.2 OVD WEB APPLICATION GATEWAY
Contents

1 Introduction
2 Overview
3 Installation
    3.1 Red Hat Enterprise Linux 6
    3.2 SUSE Linux Enterprise Server 11.SP1
    3.3 Ubuntu Lucid
    3.4 Ubuntu Precise
    3.5 Debian Squeeze
    3.6 Debian Wheezy
    3.7 OpenSUSE 11.3
4 Configuration
    4.1 Configuration file
        4.1.1 Configuration Section
        4.1.2 Handlers Section
            4.1.2.1 ServerHandler
            4.1.2.2 ClientHandler
            4.1.2.3 DispatchHandler
            4.1.2.4 ChainHandler
            4.1.2.5 RedirectHandler
        4.1.3 Filters Section
            4.1.3.1 StaticRequestFilter
            4.1.3.2 CookieFilter
            4.1.3.3 HttpBasicAuthFilter
            4.1.3.4 NTLMFilter
    4.2 Configuration Example

ULTEO SAS 2014
Section 1 Introduction

Ulteo Open Virtual Desktop 4.0 supports the delivery of native Web Applications alongside Windows and Linux. The OVD Web Application Gateway is intended to provide a single sign on (SSO) capability for Web Applications as well as the ability to integrate Web Applications into the OVD infrastructure.

This documentation describes how to configure OVD to integrate Web Applications into an OVD user session.
Section 2 Overview

The OVD Web Application Gateway is defined as a new role named ulteo-ovd-slaveserver-role-web. The role can be installed as an additional role on an existing server within the OVD farm or as a dedicated role on a standalone server.

The OVD Web Application Gateway can be used in two modes:

    path: The path mode defines the full path for a Web Application, such as http://ulteo.demo/webapps
    domain: The domain mode uses the DNS configuration for a domain in order to access the Web Application, such as http://webappname.ulteo.demo/

The publication and configuration of a Web Application is performed on the Applications tab of the OVD Administration Console.
Section 3 Installation

The OVD Web Application Gateway can be installed on all the supported distributions.

3.1 Red Hat Enterprise Linux 6

Install the keyring package to validate the repository using gpg:

    # rpm --import http://archive.ulteo.com/ovd/4.0/rhel/6.0/keyring

Edit the file /etc/yum.repos.d/ovd.repo with:

    [ovd-4.0.2]
    name=Ulteo OVD 4.0.2
    baseurl=http://archive.ulteo.com/ovd/4.0/rhel/6.0/
    enabled=1
    gpgcheck=1
    gpgkey=http://archive.ulteo.com/ovd/4.0/rhel/6.0/keyring

To install the Premium module ulteo-ovd-slaveserver-role-web that provides the Web Application Gateway, execute the following command:

    # yum install ulteo-ovd-slaveserver-role-web

3.2 SUSE Linux Enterprise Server 11.SP1

Add the Premium repository:

    # zypper ar http://archive.ulteo.com/ovd/4.0/sles/11_sp1 ovd

Install the keyring package to validate the repository using gpg:

    # rpm --import http://archive.ulteo.com/ovd/4.0/sles/11_sp1/keyring

Update the package database:

    # zypper refresh

To install the Premium Edition ulteo-ovd-slaveserver-role-web that provides the Web Application Gateway, execute the following command:

    # zypper install ulteo-ovd-slaveserver-role-web

3.3 Ubuntu Lucid

Edit the /etc/apt/sources.list.d/ulteo_ovd.list file and add these lines:

    deb http://archive.ulteo.com/ovd/4.0/ubuntu lucid main
To install the Premium Edition ulteo-ovd-slaveserver-role-web that provides the Web Application Gateway, execute the following commands:

    # apt-get install ulteo-keyring
    # apt-get install ulteo-ovd-slaveserver-role-web

3.4 Ubuntu Precise

Edit the /etc/apt/sources.list.d/ulteo_ovd.list file and add these lines:

    deb http://archive.ulteo.com/ovd/4.0/ubuntu precise main

To install the Premium Edition ulteo-ovd-slaveserver-role-web that provides the Web Application Gateway, execute the following commands:

    # apt-get install ulteo-keyring
    # apt-get install ulteo-ovd-slaveserver-role-web

3.5 Debian Squeeze

Edit the /etc/apt/sources.list.d/ulteo_ovd.list file and add these lines:

    deb http://archive.ulteo.com/ovd/4.0/debian squeeze main

To install the Premium Edition ulteo-ovd-slaveserver-role-web that provides the Web Application Gateway, execute the following commands:

    # apt-get install ulteo-keyring
    # apt-get install ulteo-ovd-slaveserver-role-web

3.6 Debian Wheezy

Edit the /etc/apt/sources.list.d/ulteo_ovd.list file and add these lines:

    deb http://archive.ulteo.com/ovd/4.0/debian lucid main

To install the Premium Edition ulteo-ovd-slaveserver-role-web that provides the Web Application Gateway, execute the following commands:

    # apt-get install ulteo-keyring
    # apt-get install ulteo-ovd-slaveserver-role-web
3.7 OpenSUSE 11.3

Add the Premium repository:

    # zypper ar http://archive.ulteo.com/ovd/4.0/opensuse/11.3 ovd
    # zypper refresh

Install the keyring package to validate the repository using gpg:

    # rpm --import http://archive.ulteo.com/ovd/4.0/opensuse/11.3/keyring

Update the package database:

    # zypper refresh

To install the Premium Edition ulteo-ovd-slaveserver-role-web that provides the OVD Web Application Gateway, execute the following command:

    # zypper install ulteo-ovd-slaveserver-role-web
Section 4 Configuration

4.1 Configuration file

In order to integrate a Web Application, a JSON configuration file is required. More details on the JSON format can be found in Wikipedia: http://en.wikipedia.org/wiki/JSON. One JSON file is required for each Web Application. Once created, the JSON config file can be uploaded using the OVD Admin Console. The configuration of the JSON file is described below.

Configuration parameters described in this section can be assigned the value of a setting that is defined in the Admin Console. This is done by using variables to contain those values. They can be used in handlers and filters on any nesting level.

4.1.1 Configuration Section

Parameters described in this section are variables which are configurable in the OVD Administration Console. They can be used in handlers and filters on any nesting level. The syntax for using a variable is of the form $(VARNAME).

There are five types of variable:

    url          text input field in Admin Console (checked if it's valid)
    string       text input field in Admin Console
    boolean      checkbox input field in Admin Console
    user_login   login of current logged in user
    user_passwd  password of current logged in user

In the configuration section, you define variables which will be used in the handlers section. At a minimum, you have to set the type and the value. The variables will be shown on a form in the appropriate Web Application in the OVD Administration Console.

    "Configuration": {
        "TARGETURL": {
            "type": "url",
            "title": "Server URL",
            "value": "https://demo.zarafa.com/webapp"
        },
        "USER_LOGIN": {
            "type": "string",
            "value": "demo12"
        },
        "USER_PASSWD": {
            "type": "string",
" value ": " demo12 " Any other type used in the JSON file will be displayed in Administration Console as a read-only text input field. The optional parameter title is used in the Administration Console as the label for the input field. 4.1.2 Handlers Section This section defines the handlers and the order in which the handlers should be used to handle traffic between a user s browser and a Web Application. Each handler should have a unique name (key). The parameter type is required and defines the type of handler. Optional parameter filters describes filters that should be processed during request handling. 4.1.2.1 ServerHandler ServerHandler - manages the basic configuration for the target Web Application Parameters: baseuri (required) address of the Web Application next_handler (required) name of the next handler " Server ": { " type ": " ServerHandler ", " baseuri ": " http :// $( TARGETIP )", " next_handler ": " Dispatch " 4.1.2.2 ClientHandler ClientHandler opens a connection to the target Web Application, downloads the requested date and returns it to the user s browser. ULTEO SAS 2014-8
" Client ":{ " type ": " ClientHandler " 4.1.2.3 DispatchHandler DispatchHandler chains the query to others handlers, based on the defined rules. Parameters bindings (required) consists of a list of conditions and a next_handler which is the handler to execute if no condition is fulfilled. A Condition Parameter consists of a condition and a next_handler which is the handler to execute if the condition is fulfilled. cond (required) any valid python expression. next_handler (required) - name of the handler to be executed if the condition is fulfilled Variables available in a cond expression: request_path (string) path of requested resource request_headers (list) list of request headers " Dispatch ":{ " type ": " DispatchHandler ", " bindings ":{ " condition1 ":{ " cond ": " request_path. startswith ( / manage )", " next_ handler ": " Unauthorized ", " condition2 ":{ " cond ": " login_ form in request_ path ", " next_ handler ": " LoginForm ", " next_handler ": " Client " ULTEO SAS 2014-9
4.1.2.4 ChainHandler

The ChainHandler is a connector between two handlers. It is used mainly to add filters between two handlers.

    "Chain": {
        "type": "ChainHandler",
        "next_handler": "Client"
    }

4.1.2.5 RedirectHandler

The RedirectHandler redirects the browser to a given location. The parameter location (required) can define the URL or path to which the browser should be redirected.

    "Unauthorized": {
        "type": "RedirectHandler",
        "location": "/site/401"
    }

4.1.3 Filters Section

Each handler can define a list of filters. Filters handle several forms of authentication by adding or modifying data in the request and response. Filters are defined as an array of objects.

4.1.3.1 StaticRequestFilter

StaticRequestFilter makes an internal http query. In most cases, it's used to submit a login form and acquire the cookies created after the submit.

Parameters:

    path (required) - (string) - path to login form.
    form (required) - (string) - input fields which are part of the form
    autologin (required) - (boolean) - defines if the form is automatically submitted or not (true or false)
    regexp (optional) - (string) - regular expression used to match redirects
    content_regexp (optional) - (string) - regular expression used to match response content

On the first request, the OVD Web Application Gateway opens the page configured in the path parameter. In the content of this page it finds all input fields listed in the form parameter and inserts their values. It then submits the form that contains the listed input fields. If the server response has a 302 code and the Location header matches the regexp attribute, or the server response has a 200 code and the response content matches the content_regexp attribute, the OVD Web Application Gateway logs in again (resubmits the data) to the Web Application.

    {
        "type": "StaticRequestFilter",
        "path": "/site/login_form",
        "autologin": false,
        "form": {
            "ac_login": "$(USER_LOGIN)",
            "ac_password": "$(USER_PASSWD)"
        }
    }

4.1.3.2 CookieFilter

CookieFilter is able to inject cookies into the stream, read them back and update them. This filter retrieves the cookie from the server and stores it in the user's session to reinject it on the next requests.

Parameters:

    managed (optional) - (array) - array of cookie names that should be managed by the OVD Web Application Gateway. Those cookies will not be visible in the user's browser.
    suppressed (optional) - (array) - array of cookie names that should be removed by the OVD Web Application Gateway. If the user's browser sends such a cookie, it will be dropped and the Web Application will not receive it. If the Web Application sets such a cookie, it will be dropped and the user's browser will not receive it.
    replayed (optional) - (array) - array of cookie names that shouldn't be changed
If a cookie is not defined in the managed, suppressed or replayed lists, it will be dropped (as if it were on the suppressed list).

    {
        "type": "CookieFilter",
        "managed": "WEBAPPScookie",
        "relayed": "I18N_LANGUAGE"
    }

4.1.3.3 HttpBasicAuthFilter

HttpBasicAuthFilter is able to inject an http basic authentication header.

Parameters:

    user (required) - (string) - username
    pass (required) - (string) - password

    {
        "type": "HttpBasicAuthFilter",
        "user": "$(USER_LOGIN)",
        "pass": "$(USER_PASSWD)"
    }

4.1.3.4 NTLMFilter

NTLMFilter is able to inject an NTLM authentication header.

Parameters:

    user (required) - (string) - username
    pass (required) - (string) - password
    {
        "type": "NTLMFilter",
        "user": "$(USER_LOGIN)",
        "pass": "$(USER_PASSWD)"
    }

4.2 Configuration Example

The example below illustrates how to configure and use Zarafa (a Webmail application) in Ulteo Open Virtual Desktop:

    {
      "title": "Zarafa WebApp",
      "Configuration": {
        "TARGETURL": {
          "type": "url",
          "title": "Server URL",
          "value": "https://demo.zarafa.com/webapp"
        },
        "USER_LOGIN": {
          "type": "string",
          "value": "demo12"
        },
        "USER_PASSWD": {
          "type": "string",
          "value": "demo12"
        }
      },
      "Handlers": {
        "Start": {
          "baseuri": "$(TARGETURL)",
          "next_handler": "LoginRequestHandler",
          "type": "ServerHandler"
        },
        "Client": {
          "type": "ClientHandler"
        },
        "LoginRequestHandler": {
          "next_handler": "Client",
          "type": "ChainHandler",
          "filters": [
            {
              "type": "CookieFilter",
              "managed": [ "ZARAFA_WEBAPP" ]
            },
            {
              "type": "StaticRequestFilter",
              "path": "/webapp/",
              "autologin": false,
              "content_regexp": "login_main",
              "form": {
                "username": "$(USER_LOGIN)",
                "password": "$(USER_PASSWD)"
              }
            }
          ]
        }
      }
    }
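
A pre-upload check for the JSON files described in section 4, as an added example that is not part of the original document or of Ulteo's code: it reports $(VARNAME) references with no entry under Configuration, next_handler names that no handler defines, and filter keys missing from the parameter lists in section 4.1.3. The lint function, its messages and the constructed SAMPLE (the section 4.1 fragments joined and abridged) are assumptions for illustration.

```python
import json
import re

VAR_REF = re.compile(r"\$\(\s*(\w+)\s*\)")
# Parameter names as listed for each filter in section 4.1.3 of the page.
FILTER_PARAMS = {
    "StaticRequestFilter": {"path", "form", "autologin", "regexp", "content_regexp"},
    "CookieFilter": {"managed", "suppressed", "replayed"},
    "HttpBasicAuthFilter": {"user", "pass"},
    "NTLMFilter": {"user", "pass"},
}

def lint(config):
    """Return findings: undeclared variables, dangling handlers, undocumented filter keys."""
    findings = []
    declared = set(config.get("Configuration", {}))
    handlers = config.get("Handlers", {})
    # Variables may appear at any nesting level, so scan the serialized section.
    used = set(VAR_REF.findall(json.dumps(handlers)))
    findings += ["undeclared variable $(%s)" % v for v in sorted(used - declared)]
    for name, h in handlers.items():
        bindings = h.get("bindings", {})
        targets = [h.get("next_handler"), bindings.get("next_handler")]
        targets += [b.get("next_handler") for b in bindings.values() if isinstance(b, dict)]
        for t in targets:
            if t is not None and t not in handlers:
                findings.append("%s: next_handler '%s' is not defined" % (name, t))
        for f in h.get("filters", []):
            allowed = FILTER_PARAMS.get(f.get("type"), set()) | {"type"}
            for key in sorted(set(f) - allowed):
                findings.append("%s: %s has undocumented key '%s'" % (name, f.get("type"), key))
    return findings

# Constructed sample: the page's section 4.1 fragments joined into one file (abridged).
SAMPLE = {
  "Configuration": {"TARGETURL": {"type": "url", "value": "https://demo.zarafa.com/webapp"}},
  "Handlers": {
    "Server": {"type": "ServerHandler", "baseuri": "http://$(TARGETIP)", "next_handler": "Dispatch"},
    "Dispatch": {"type": "DispatchHandler", "bindings": {
      "condition1": {"cond": "request_path.startswith('/manage')", "next_handler": "Unauthorized"},
      "condition2": {"cond": "'login_form' in request_path", "next_handler": "LoginForm"},
      "next_handler": "Client"}},
    "Unauthorized": {"type": "RedirectHandler", "location": "/site/401"},
    "Chain": {"type": "ChainHandler", "next_handler": "Client", "filters": [
      {"type": "CookieFilter", "managed": "WEBAPPScookie", "relayed": "I18N_LANGUAGE"}]},
    "Client": {"type": "ClientHandler"}}}

if __name__ == "__main__":
    print("\n".join(lint(SAMPLE)))
```

On the sample it reports $(TARGETIP), the LoginForm handler and the relayed key, each of which appears in a section 4.1 fragment without a matching declaration, handler or listed parameter. The section 4.2 Zarafa example produces no findings.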