Difference between revisions of "Adito"

Revision as of 03:09, 24 June 2009

OpenVPN Application Layer Software (ALS), formerly know as Adito, is a web-based SSL VPN server written in Java. It has a browser-based AJAX UI which allows easy access to intranet services. Once installed and configured correctly, you will be able to access all your server files and the HDA (to include applications) using https://user.yourhda.com (tested with Firefox and Internet Explorer).

Post-Install:

If you reboot your server anytime after installing Adito, the application does not start automatically on boot. In order to start it, enter the following in terminal as your normal user:

ant -f /var/hda/web-apps/adito/server/build.xml start

Once it says "Adito started successfully" give it a a minute or so before trying to access it with your web browser. An autostart mechanism is currently being developed.

Web Browser Tip:

You will receive a security alert on the first run for Mozilla Firefox or Internet Explorer. This is no cause for alarm. To prevent this from occurring each time you access Adito, follow the procedures listed below:

Mozilla Firefox - When the page loads, you will see a pop up stating "adito:4443 uses an invalid security certificate."

Select Ok and you will see another message, "Secure Connection Failed"
Choose the "or you can add an exception" link at the bottom.
You will then see two choices, "get me out of here!" and "Add Exception..." Select the "Add Exception..." option.
Another box will appear stating "You are about to override how Firefox identifies this site" Select "Get Certificate"
You will then have an option to "View Certificate" or "Confirm Security Exception" or "Cancel" Select "Confirm Security Exception" Ensure the "Permanently store this exception" is checked.
It may take a minute for it to finish, then you should see the login screen. You won't see invalid security certificate now that you have added the exception.

Internet Explorer - When the page loads, it will say "There is a problem with this website's security certificate."

Select the option "Continue to this website (not recommended)."
Look for the "Certificate Error" box next to the web page address at the top and select it.
A box will pop up saying "Untrusted Certificate" and select "View certificates"
When the certificate is displayed, you will see it belongs to username.yourhda.com. Choose the Install button and a wizard will pop up.
Select Next and ensure the "Automatically select the certificate store based on the type of certificate is chosen and select Next.
Select Finish and a Security Warning will appear stating "You are about to isntall a certificate from a certification authority (CA) claing to represent: user.yourhda.com". Select Yes.
It will indicate Finished and choose OK to complete. You won't see "There is a problem with this website's security certificate" in the future as the site is now a trusted site.

NOTE: Other browsers have not been tested. The procedures will be slightly different for them.

Configuration Options:

Router (Settings)

In order to use https://user.yourhda.com (substitute your user name for user) to access Adito VPN from any computer using the web browser, create a Port Forward or Virtual Server rule. This is a required step for the Map HDA Folders and Apps options to work from outside your network.
On a D-LINK WBR-2310 router, set a Virtual Server setting to forward port 443 public and 4443 private to the HDA server IP address using TCP traffic type.

Map HDA folders (Network Places)

Login as administrator
Select Network Places (middle left menu)
Select Create Network Places (upper right menu)
Enter desired Name and Description.
Check Add to Favorites and select Next
Choose Local File from drop down
Enter path to the folder you want mapped and select next
Select Everyone, select Add, and select Next
Select Finish and select Exit Wizard

NOTE: You can add any folder on the server using the steps above. The default Amahi folders (Music, Docs, etc) have already been added.

Map HDA Apps Option 1 (Web Forwards Tunneled Web)

Login as administrator
Select Web Forwards (middle left menu)
Select Create Web Forward
Select Tunneled Web and select Next
Enter HDA for Name and Description.
Check Add to Favorites and select Next
Enter http://hda for Destination URL and select Next
Select Everyone, select Add, and select Next
Select Finish and select Exit Wizard
Not all HDA apps will work (i.e. phpsysinfo)
This method makes use of Adito Agent (java web agent)
Each time the agent is executed, a random port is tunneled (may not work with firewalled client network)

Map HDA Apps Option 2 (Web Forwards Replacement Proxy)

Login as administrator
Select Web Forwards (middle left menu)
Select Create Web Forward
Select Create Replacement Proxy and select Next
Enter HDA for Name and Description.
Check Add to Favorites and select Next
Enter http://hda for Destination URL and select Next
Select Next
Select Everyone, select Add, and select Next
Select Finish and select Exit Wizard
Not all HDA apps will work (i.e. phpsysinfo)
There is no port restriction (uses 443).

@@ Line 14: / Line 14: @@
 You will receive a security alert on the first run for Mozilla Firefox or Internet Explorer.  This is no cause for alarm.  To prevent this from occurring each time you access Adito, follow the procedures listed below:
-* <u>Mozilla Firefox</u> - When the page loads, you will see a pop up stating "adito:4443 uses an invalid security certificate."
+<u>Mozilla Firefox</u> - When the page loads, you will see a pop up stating "adito:4443 uses an invalid security certificate."
-** Select Ok and you will see another message, "Secure Connection Failed"
+* Select Ok and you will see another message, "Secure Connection Failed"
-** Choose the "or you can add an exception" link at the bottom.
+* Choose the "or you can add an exception" link at the bottom.
-** You will then see two choices, "get me out of here!" and "Add Exception..." Select the "Add Exception..." option.
+* You will then see two choices, "get me out of here!" and "Add Exception..." Select the "Add Exception..." option.
-** Another box will appear stating "You are about to override how Firefox identifies this site"  Select "Get Certificate"
+* Another box will appear stating "You are about to override how Firefox identifies this site"  Select "Get Certificate"
-** You will then have an option to "View Certificate" or "Confirm Security Exception" or "Cancel"  Select "Confirm Security Exception"  Ensure the "Permanently store this exception" is checked.
+* You will then have an option to "View Certificate" or "Confirm Security Exception" or "Cancel"  Select "Confirm Security Exception"  Ensure the "Permanently store this exception" is checked.
-** It may take a minute for it to finish, then you should see the login screen.  You won't see invalid security certificate now that you have added the exception.
+* It may take a minute for it to finish, then you should see the login screen.  You won't see invalid security certificate now that you have added the exception.
-*<u>Internet Explorer</u> - When the page loads, it will say "There is a problem with this website's security certificate."
+<u>Internet Explorer</u> - When the page loads, it will say "There is a problem with this website's security certificate."
-** Select the option "Continue to this website (not recommended)."
+* Select the option "Continue to this website (not recommended)."
-** Look for the "Certificate Error" box next to the web page address at the top and select it.
+* Look for the "Certificate Error" box next to the web page address at the top and select it.
-** A box will pop up saying "Untrusted Certificate" and select "View certificates"
+* A box will pop up saying "Untrusted Certificate" and select "View certificates"
-** When the certificate is displayed, you will see it belongs to username.yourhda.com.  Choose the Install button and a wizard will pop up.
+* When the certificate is displayed, you will see it belongs to username.yourhda.com.  Choose the Install button and a wizard will pop up.
-** Select Next and ensure the "Automatically select the certificate store based on the type of certificate is chosen and select Next.
+* Select Next and ensure the "Automatically select the certificate store based on the type of certificate is chosen and select Next.
-** Select Finish and a Security Warning will appear stating "You are about to isntall a certificate from a certification authority (CA) claing to represent:  user.yourhda.com".  Select Yes.
+* Select Finish and a Security Warning will appear stating "You are about to isntall a certificate from a certification authority (CA) claing to represent:  user.yourhda.com".  Select Yes.
-** It will indicate Finished and choose OK to complete.  You won't see "There is a problem with this website's security certificate" in the future as the site is now a trusted site.
+* It will indicate Finished and choose OK to complete.  You won't see "There is a problem with this website's security certificate" in the future as the site is now a trusted site.
 :'''NOTE:'''  Other browsers have not been tested.  The procedures will be slightly different for them.
 === Configuration Options: ===
-* <u>Router (Settings)</u>
+ <u>Router (Settings)</u>
-** In order to use '''<nowiki>https://user.yourhda.com</nowiki>''' (substitute your user name for user) to access Adito VPN from any computer using the web browser, create a Port Forward or Virtual Server rule.  This is a required step for the Map HDA Folders and Apps options to work from outside your network.
+* In order to use '''<nowiki>https://user.yourhda.com</nowiki>''' (substitute your user name for user) to access Adito VPN from any computer using the web browser, create a Port Forward or Virtual Server rule.  This is a required step for the Map HDA Folders and Apps options to work from outside your network.
-** On a D-LINK WBR-2310 router, set a Virtual Server setting to forward port 443 public and 4443 private to the HDA server IP address using TCP traffic type.
+* On a D-LINK WBR-2310 router, set a Virtual Server setting to forward port 443 public and 4443 private to the HDA server IP address using TCP traffic type.
-* <u>Map HDA folders (Network Places)</u>
+<u>Map HDA folders (Network Places)</u>
-** Login as administrator
+* Login as administrator
-** Select Network Places (middle left menu)
+* Select Network Places (middle left menu)
-** Select Create Network Places (upper right menu)
+* Select Create Network Places (upper right menu)
-** Enter desired Name and Description.
+* Enter desired Name and Description.
-** Check Add to Favorites and select Next
+* Check Add to Favorites and select Next
-** Choose Local File from drop down
+* Choose Local File from drop down
-** Enter path to the folder you want mapped  and select next
+* Enter path to the folder you want mapped  and select next
-** Select Everyone, select Add, and select Next
+* Select Everyone, select Add, and select Next
-** Select Finish and select Exit Wizard
+* Select Finish and select Exit Wizard
 :'''NOTE:'''  You can add any folder on the server using the steps above.  The default Amahi folders (Music, Docs, etc) have already been added.
-* <u>Map HDA Apps Option 1 (Web Forwards Tunneled Web)</u>
+<u>Map HDA Apps Option 1 (Web Forwards Tunneled Web)</u>
-** Login as administrator
+* Login as administrator
-** Select Web Forwards (middle left menu)
+* Select Web Forwards (middle left menu)
-** Select Create Web Forward
+* Select Create Web Forward
-** Select Tunneled Web and select Next
+* Select Tunneled Web and select Next
-** Enter HDA for Name and Description.
+* Enter HDA for Name and Description.
-** Check Add to Favorites and select Next
+* Check Add to Favorites and select Next
-** Enter '''<nowiki>http://hda</nowiki>''' for Destination URL and select Next
+* Enter '''<nowiki>http://hda</nowiki>''' for Destination URL and select Next
-** Select Everyone, select Add, and select Next
+* Select Everyone, select Add, and select Next
-** Select Finish and select Exit Wizard
+* Select Finish and select Exit Wizard
-** Not all HDA apps will work (i.e. phpsysinfo)
+* Not all HDA apps will work (i.e. phpsysinfo)
-** This method makes use of Adito Agent (java web agent)
+* This method makes use of Adito Agent (java web agent)
-** Each time the agent is executed, a random port is tunneled (may not work  with firewalled client network)
+* Each time the agent is executed, a random port is tunneled (may not work  with firewalled client network)
-* <u>Map HDA Apps Option 2 (Web Forwards Replacement Proxy)</u>
+<u>Map HDA Apps Option 2 (Web Forwards Replacement Proxy)</u>
-** Login as administrator
+* Login as administrator
-** Select Web Forwards (middle left menu)
+* Select Web Forwards (middle left menu)
-** Select Create Web Forward
+* Select Create Web Forward
-** Select Create Replacement Proxy and select Next
+* Select Create Replacement Proxy and select Next
-** Enter HDA for Name and Description.
+* Enter HDA for Name and Description.
-** Check Add to Favorites and select Next
+* Check Add to Favorites and select Next
-** Enter '''<nowiki>http://hda</nowiki>''' for Destination URL and select Next
+* Enter '''<nowiki>http://hda</nowiki>''' for Destination URL and select Next
-** Select Next
+* Select Next
-** Select Everyone, select Add, and select Next
+* Select Everyone, select Add, and select Next
-** Select Finish and select Exit Wizard
+* Select Finish and select Exit Wizard
-** Not all HDA apps will work (i.e. phpsysinfo)
+* Not all HDA apps will work (i.e. phpsysinfo)
-** There is no port restriction (uses 443).
+* There is no port restriction (uses 443).

Amahi Wiki

Links

Personal tools

Navigation

Tools

Difference between revisions of "Adito"

Revision as of 03:09, 24 June 2009

Post-Install:

Web Browser Tip:

Configuration Options: