Skip past navigation linksSecure Global Desktop Administration Guide > Users and authentication > Enabling web server authentication for the browser-based webtop

Enabling web server authentication for the browser-based webtop

To enable web server authentication for the browser-based webtop:

  1. On each array member, configure the web server to protect access to the /sgd URL.
  2. In Array Manager, click Secure Global Desktop Login, Properties.
  3. Check the box next to Use third party authentication.
  4. Check one or more boxes in User identity mapping.
  5. Configure the Tomcat component of the Secure Global Desktop Web Server to trust the web server authentication. On each array member, edit the /opt/tarantella/webserver/tomcat/version/conf/server.xml file. Add the following attribute to the connector element (<Connector>) for the Coyote/JK2 AJP 1.3 Connector:
    tomcatAuthentication="false"

Notes

Example of how to configure the Secure Global Desktop Web Server

The following is an example of how you might configure the Secure Global Desktop Web Server for web server authentication:

  1. Use the /opt/tarantella/webserver/apache/version/bin/htpasswd binary to create a web server password file.
  2. Edit the /opt/tarantella/webserver/apache/version/conf/httpd.conf file and insert the following directory directives:
    Skip past preformatted textSetEnvIf Request_URI "\.(cab|jar|gif|der)$" sgd_noauth_ok
        
    <LocationMatch /sgd>
       Order Allow,Deny
       Allow from env=sgd_noauth_ok
       AuthUserFile file-path
       AuthName auth-domain
       Authtype Basic
       Require  valid-user
       Satisfy  any
    </LocationMatch>
    where file-path is the full path to the web server password file
    and auth-domain is the name of authorization realm that appears in the web browser's authentication dialog.
  3. Restart the Secure Global Desktop Web Server (tarantella webserver restart ) for the configuration changes to take effect.

Notes

Related topics