Professional Documents
Culture Documents
V4.0.2
OVD WEB APPLICATION GATEWAY
Contents
1
Introduction
2 Overview
3 Installation
3.1
4 Conguration
4.1
Conguration le . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
4.1.1
Conguration Section . . . . . . . . . . . . . . . . . . . . . . . . . .
4.1.2
Handlers Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
4.1.2.1
ServerHandler . . . . . . . . . . . . . . . . . . . . . . . . .
4.1.2.2
ClientHandler . . . . . . . . . . . . . . . . . . . . . . . . . .
4.1.2.3
DispatchHandler . . . . . . . . . . . . . . . . . . . . . . . .
4.1.2.4
ChainHandler . . . . . . . . . . . . . . . . . . . . . . . . . .
10
4.1.2.5
RedirectHandler . . . . . . . . . . . . . . . . . . . . . . . .
10
Filters Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
10
4.1.3.1
StaticRequestFilter . . . . . . . . . . . . . . . . . . . . . . .
10
4.1.3.2
CookieFilter . . . . . . . . . . . . . . . . . . . . . . . . . . .
11
4.1.3.3
HttpBasicAuthFilter . . . . . . . . . . . . . . . . . . . . . .
12
4.1.3.4
NTLMFilter . . . . . . . . . . . . . . . . . . . . . . . . . . .
12
13
4.1.3
Section 1
Introduction
Ulteo Open Virtual Desktop 4.0 supports the delivery of native Web Applications alongside Windows and Linux. The OVD Web Application Gateway is intended to provide a
single sign on (SSO) capability for Web Applications as well as the ability to integrate
Web Applications into the OVD infrastructure. This documentation describes how to
congure OVD to integrate Web Applications into an OVD user session.
Section 2
Overview
The OVD Web Application Gateway is dened as a new role named ulteo-ovd-slaveserverrole-web. The role can be installed as an additional role on an existing server with the
OVD farm or as a dedicated role on a standalone server
path: The path mode denes the full path for a Web Application such as http://ulteo.demo/webapps
domain: The domain mode will use the dns conguration for a domain in order
to access the Web Application such as http://webappname.ulteo.demo/
The publication and conguration of a Web Application is performed on the Applications tab on the OVD Administration Console.
Section 3
Installation
The OVD Web Application Gateway can be installed on all the supported distributions
3.1
3.2
3.3
Ubuntu Lucid
3.4
apt - get
apt - get
apt - get
apt - get
update
install ulteo - keyring
update
install ulteo - ovd - slaveserver - role - web
Ubuntu Precise
3.5
apt - get
apt - get
apt - get
apt - get
update
install ulteo - keyring
update
install ulteo - ovd - slaveserver - role - web
Debian Squeeze
3.6
apt - get
apt - get
apt - get
apt - get
update
install ulteo - keyring
update
install ulteo - ovd - slaveserver - role - web
Debian Wheezy
apt - get
apt - get
apt - get
apt - get
update
install ulteo - keyring
update
install ulteo - ovd - slaveserver - role - web
3.7
OpenSUSE 11.3
Section 4
4.1
Configuration
Configuration file
4.1.1
Configuration Section
Parameters described in this section are variables which are congurable in OVD
Administration Console. They can be used in handlers and lters on any nesting
level. The syntax for using a variable is of the form $(VARNAME).
There are ve types of variable:
url text input eld in Admin console (checked if its valid)
string text input eld in Admin Console
boolean checkbox input eld in Admin Console
user_login login of current logged in user
user_passwd password of current logged in user
In the conguration section, you dene variables which will be used in the handlers
section. You have to set minimum, the type and the value. The variables will be
shown on a form in the appropriate Web Application in the OVD Administration
Console
Example:
" Configuration ": {
" TARGETURL ": {
" type ": " url " ,
" title ": " Server URL " ,
" value ": " https :// demo . zarafa . com / webapp "
},
" USER_LOGIN ": {
" type ": " string " ,
" value ": " demo12 "
},
" USER_PASSWD ": {
" type ": " string " ,
ULTEO SAS 2014 - 7
Any other type used in the JSON le will be displayed in Administration Console as
a read-only text input eld.
The optional parameter title is used in the Administration Console as the label for
the input eld.
4.1.2
Handlers Section
This section denes the handlers and the order in which the handlers should be
used to handle trac between a users browser and a Web Application.
Each handler should have a unique name (key). The parameter type is required and
denes the type of handler. Optional parameter lters describes lters that should
be processed during request handling.
4.1.2.1
ServerHandler
ServerHandler - manages the basic conguration for the target Web Application
Parameters:
baseURI (required) address of the Web Application
next_handler (required) name of the next handler
Example:
" Server ": {
" type ": " ServerHandler " ,
" baseURI ": " http :// $ ( TARGETIP ) " ,
" next_handler ": " Dispatch "
}
4.1.2.2
ClientHandler
Example:
" Client ":{
" type ": " ClientHandler "
}
4.1.2.3
DispatchHandler
4.1.2.4
ChainHandler
4.1.2.5
RedirectHandler
The RedirectHandler redirects the browser to a given location. Parameter location (required) can dene the URL or path to which the browser should be
redirected.
Example:
" Unauthorized ":{
" type ": " RedirectHandler " ,
" location ": "/ site /401"
}
4.1.3
Filters Section
Each handler can dene a list of lters. Filters handle several authentication by
adding or modifying data in request and response. Filters are dened as an array
of object
4.1.3.1
StaticRequestFilter
4.1.3.2
CookieFilter
CookieFilter is able to inject cookies in the stream, read them back and update. This lter will retrieve the cookie from the server and store it users
session to reinject it at the next requests.
Parameters:
managed (optional) - (array) - array of cookie names that should be managed
by OVD Web Application Gateway. Those cookies will not be visible in users
browser.
suppressed (optional) - (array) - array of cookie names that should be removed by
OVD Web Application Gateway. If the users browser does send such a cookie it
will be dropped and the Web Application will not receive it. If Web Application
does set such a cookie is will be dropped, and the users browser will not receive
it
replayed (optional) - (array) - array of cookie names that shouldnt be changed
4.1.3.3 HttpBasicAuthFilter
4.1.3.4 NTLMFilter
{
" type ": " NTLMFilter " ,
" user ": " $ ( USER_LOGIN ) " ,
" pass ": " $ ( USER_PASSWD ) "
}
4.2
Configuration Example
The example below illustrates how to congure and use Zarafa (a Webmail application)
in Ulteo Open Virtual Desktop
{
" title ": " Zarafa WebApp " ,
" Configuration ": {
" TARGETURL ": {
" type ": " url " ,
" title ": " Server URL " ,
" value ": " https :// demo . zarafa . com / webapp "
},
" USER_LOGIN ": {
" type ": " string " ,
" value ": " demo12 "
},
" USER_PASSWD ": {
" type ": " string " ,
" value ": " demo12 "
}
},
" Handlers ": {
" Start ": {
" baseURI ": " $ ( TARGETURL ) " ,
" next_handler ": " LoginRequestHandler " ,
" type ": " ServerHandler "
},
" Client ": {
" type ": " ClientHandler "
},
" LoginRequestHandler ": {
" next_handler ": " Client " ,
" type ": " ChainHandler " ,
" filters ": [
{
" type ": " CookieFilter " ,
" managed ": [
" ZARAFA_WEBAPP "
]
},
{
" type ": " StaticRequestFilter " ,
" path ": "/ webapp /" ,
" autologin ": false ,
" content_regexp ": " login_main " ,
" form ": {
" username ": " $ ( USER_LOGIN ) " ,
ULTEO SAS 2014 - 13