There seems to be a difference between how the java viewer works on different
platforms. Running the client on linux through firefox/icedteaplugin throws an
exception if I put a password protection and force encryption on the
vncserver, but on a client running on windows it works fine in with or without
encryption.
Details
we have integrated everything with xinetd. This is the config line for the vnc
service
server_args = -geometry 1280x1024 -rfbport 5901 -inetd -query
localhost -log *:syslog:40 -SecurityTypes=VenCrypt,TLSVnc -rfbauth
/tmp/vncpassword
This works fine on linux if one use this client command line
java -jar VncViewer.jar -Server the.server.address:5901
But if I try to access it directly through the web page using firefox i get
this backtrace
[royd@newton ~]$ firefox http://the.server.address:8000/httpvnc
(firefox:16639): GLib-CRITICAL **: g_hash_table_insert_internal: assertion
`hash_table != NULL' failed
Fontconfig warning: "/etc/fonts/conf.d/50-user.conf", line 9: reading
configurations from ~/.fonts.conf is deprecated.
java version "1.7.0_09-icedtea"
OpenJDK Runtime Environment (fedora-2.3.5.fc18-x86_64)
OpenJDK 64-Bit Server VM (build 23.2-b09, mixed mode)
Fontconfig warning: "/etc/fonts/conf.d/50-user.conf", line 9: reading
configurations from ~/.fonts.conf is deprecated.
/builddir/build/BUILD/icedtea-
web-1.3.1/plugin/icedteanp/IcedTeaNPPlugin.cc:682: thread 0x7f9deda1b100:
Error: Unknown plugin value requested.
Fontconfig warning: "/etc/fonts/conf.d/50-user.conf", line 9: reading
configurations from ~/.fonts.conf is deprecated.
Fontconfig warning: "/etc/fonts/conf.d/50-user.conf", line 9: reading
configurations from ~/.fonts.conf is deprecated.
CConn: connected to host the.server.address port 5901
CConnection: Server supports RFB protocol version 3.8
CConnection: Using RFB protocol version 3.8
CConnection: processing security types message
CConnection: Server offers security type VeNCrypt(19)
CConnection: Server offers security type VeNCrypt(19)
CConnection: Choosing security type VeNCrypt(19)
CSecurityTLS: Handshake succesful!
CSecurityTLS: Using cipher suite: TLS_DH_anon_WITH_AES_256_CBC_SHA
java.security.AccessControlException: Applets may not call System.exit()
at
net.sourceforge.jnlp.runtime.JNLPSecurityManager.checkExit(JNLPSecurityManager.java:379)
at javax.swing.JFrame.setDefaultCloseOperation(JFrame.java:388)
at com.tigervnc.vncviewer.PasswdDialog.<init>(PasswdDialog.java:30)
at com.tigervnc.vncviewer.CConn.getUserPasswd(CConn.java:271)
at
com.tigervnc.rfb.CSecurityVncAuth.processMsg(CSecurityVncAuth.java:39)
at com.tigervnc.rfb.CSecurityStack.processMsg(CSecurityStack.java:49)
at
com.tigervnc.rfb.CSecurityVeNCrypt.processMsg(CSecurityVeNCrypt.java:174)
at com.tigervnc.rfb.CConnection.processSecurityMsg(CConnection.java:184)
at com.tigervnc.rfb.CConnection.processMsg(CConnection.java:56)
at com.tigervnc.vncviewer.VncViewer.run(VncViewer.java:224)
at java.lang.Thread.run(Thread.java:722)
The server side xinetd config seems to be right as the web applet works fine on
a windows client or if I change the server_args so that None is listed first
and remove rfbauth in the config
server_args = -geometry 1280x1024 -rfbport 5901 -inetd -query
localhost -log *:syslog:40 -SecurityTypes=None,VenCrypt,TLSVnc
With the above config the both the CLI and the web app works fine on linux. It
seems like the password popup gets into problems with the security manager.
(I'm quite blank at java stuff so this might be wrong)
I want to exclude access to all viewers that do not support encryption so the
None flag should not be there.
Any hints is greatly appreciated.
Best regards,
Roy.
--
The Computer Center, University of Tromsø, N-9037 TROMSØ Norway.
phone:+47 77 64 41 07, fax:+47 77 64 41 00
Roy Dragseth, Team Leader, High Performance Computing
Direct call: +47 77 64 62 56. email: [email protected]
------------------------------------------------------------------------------
Free Next-Gen Firewall Hardware Offer
Buy your Sophos next-gen firewall before the end March 2013
and get the hardware for free! Learn more.
http://p.sf.net/sfu/sophos-d2d-feb
_______________________________________________
Tigervnc-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/tigervnc-users
