Frank Kobzik has uploaded a new change for review. Change subject: frontend: Allow NLA auth for Native RDP execution ......................................................................
frontend: Allow NLA auth for Native RDP execution This patch allows Network Level Authentication in combination with Native RDP client. This is done by setting enablecredsspsupport flag in RDP descriptor to 1. Previously this flag was set to 0 which prevented clients to connect to RDP server with NLA enabled. This patch only affects 'Native client' invocation. The 'Browser plugin' still has this option disabled (enabling it would prevent passing password to ActiveX plugin and therefore SSO would be impossible). Also RDP info icon text in 'Console options' dialog was enhanced with information about NLA and SSO. Change-Id: If686b824aa05b6d0083b9be6eca681797c3c26f3 Bug-Url: https://bugzilla.redhat.com/1131693 Signed-off-by: Frantisek Kobzik <[email protected]> --- M frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/CommonApplicationConstants.java M frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/AbstractRdp.java M frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/RdpNativeImpl.java M frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/RdpPluginImpl.java M frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/vms/IRdp.java 5 files changed, 14 insertions(+), 12 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/28/32028/1 diff --git a/frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/CommonApplicationConstants.java b/frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/CommonApplicationConstants.java index b2f90e4..9c507e5 100644 --- a/frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/CommonApplicationConstants.java +++ b/frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/CommonApplicationConstants.java @@ -1581,10 +1581,10 @@ String rdpInvokeAuto(); @DefaultStringValue("Downloads a console configuration file to be opened by Remote Desktop client application on " + - "your system.") + "your system. Required for Network Level Authentication.") String rdpInvokeNative(); - @DefaultStringValue("Uses browser plugin to invoke the RDP session (MS Internet Explorer only) .") + @DefaultStringValue("Uses browser plugin to invoke the RDP session (MS Internet Explorer only). Required for Single Sign On.") String rdpInvokePlugin(); @DefaultStringValue("Console Invocation") diff --git a/frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/AbstractRdp.java b/frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/AbstractRdp.java index 346e1d4..200e468 100644 --- a/frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/AbstractRdp.java +++ b/frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/AbstractRdp.java @@ -12,8 +12,6 @@ private Integer width = 640; private Integer height = 480; private Integer authenticationLevel = 2; - private Boolean enableCredSspSupport = false; // Disable 'Credential Security Support Provider (CredSSP)' to enable - // SSO. private boolean useLocalDrives; private Boolean redirectPrinters = false; private Boolean redirectClipboard = true; @@ -77,14 +75,6 @@ public void setAuthenticationLevel(Integer authenticationLevel) { this.authenticationLevel = authenticationLevel; - } - - public Boolean getEnableCredSspSupport() { - return enableCredSspSupport; - } - - public void setEnableCredSspSupport(Boolean enableCredSspSupport) { - this.enableCredSspSupport = enableCredSspSupport; } public Boolean getRedirectPrinters() { diff --git a/frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/RdpNativeImpl.java b/frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/RdpNativeImpl.java index 64bdf5b..b85db86 100644 --- a/frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/RdpNativeImpl.java +++ b/frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/RdpNativeImpl.java @@ -87,4 +87,9 @@ ConsoleModel.makeConsoleConfigRequest("console.rdp", "application/rdp; charset=UTF-8", configBuilder.toString());//$NON-NLS-1$$NON-NLS-2$ } + @Override + public boolean getEnableCredSspSupport() { + return true; + } + } diff --git a/frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/RdpPluginImpl.java b/frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/RdpPluginImpl.java index 20bcf6e..da7ef5d 100644 --- a/frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/RdpPluginImpl.java +++ b/frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/RdpPluginImpl.java @@ -135,4 +135,9 @@ } catch(e) { alert(e); } }-*/; + @Override + public boolean getEnableCredSspSupport() { + return false;// Disable 'Credential Security Support Provider (CredSSP)' to enable SSO + } + } diff --git a/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/vms/IRdp.java b/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/vms/IRdp.java index 2ab273b..efc90f7 100644 --- a/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/vms/IRdp.java +++ b/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/vms/IRdp.java @@ -15,5 +15,7 @@ void setUseLocalDrives(boolean value); + boolean getEnableCredSspSupport(); + void connect(); } -- To view, visit http://gerrit.ovirt.org/32028 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: If686b824aa05b6d0083b9be6eca681797c3c26f3 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: ovirt-engine-3.5 Gerrit-Owner: Frank Kobzik <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
