webRDP HTML5 Gateway

© 2013 Stoneware, Inc.

Note: This document is the property of webInflection. It is not to be copied, reproduced, or printed without prior consent from Stoneware, Inc.


Table of Contents

Foreword

Part I Introduction
  1 Welcome
  2 Overview

Part II Features
  1 Overview

Part III Requirements

Part IV Installation

Part V Connecting to the HTML5 Gateway

Part VI Branding the Gateway

Part VII Security Gateway

Part VIII Adding a Signed SSL Certificate

Part IX Customizing the Interface
  1 Custom Page Tags
  2 Sample HTML Page
  3 Sample JSP

Index


1 Introduction

1.1 Welcome

Thank you for installing the Stoneware webRDP HTML5 Gateway. This document will provide an overview of the webRDP HTML5 Gateway features and how to install / configure the gateway in your environment. For more information regarding the webRDP HTML5 Gateway, please visit the Stoneware web site at www.stone-ware.com.


1.2 Overview

The Stoneware webRDP HTML5 Gateway is a software product designed to connect remote end users with Windows desktops and Microsoft Terminal Servers using just a web browser. The product is considered a "gateway" because it translates the HTML5 code within the web browser to Microsoft's Remote Desktop Protocol.

Diagram:

Support: Through this gateway, users can connect to the following Windows systems:

Windows XP, Vista, and 7
Windows Server 2000, 2003, and 2008
Windows Virtual Desktop Systems (with RDP enabled)
Microsoft Terminal Server

Benefits:

No client-side software required
No browser plug-in required
Access Remote Windows Desktops from desktops, notebooks, tablets, and smartphones
Supports almost all operating systems including Windows, Mac, Linux, iOS, Android, and Windows 8
Takes minutes to install and configure
Fully customizable for Managed Service Providers, Hosted Service Providers, custom developers, and large IT shops


2 Features

2.1 Overview

A matrix of webRDP HTML5 Gateway features is displayed below.

Feature Basic Advanced

Username/Password
Display Settings
Start Programs
RDP 5 Bulk Compression
Experience
Keep Alive
Admin Console
Cut and Paste
Customizable Banner
Customizable Splash
HTTP(S) Proxy Support
SOCKS 5 Support
Encrypted Password
Password Expiration
Customizable Logo

A description of each webRDP HTML5 Gateway feature is listed below.

Computer (required)

The IP address, DNS name, or machine name of the backend device the webRDP HTML5 Gateway will attempt to connect to. The user can pass a non-standard port number (i.e. - something other than the default RDP port 3389) by appending ":[port number]" to the computer name.

Example: mymachine.stone-ware.com:4595

Username

The user ID required to access the Windows machine via the remote desktop protocol (RDP). This parameter is not required. The remote desktop or Terminal Server will prompt if authentication is required.

Display

The Display tab controls the screen resolution displayed through the webRDP HTML5 Gateway. The client supports multiple display settings including:

Fit to Browser

640x480

800x600

1024x768

1280x720

1280x768

1280x1024

1440x900

1440x1050

1600x1200

1680x1050

1920x1080

1920x1200

Start Program

The Start Program feature allows the webRDP HTML5 Gateway to automatically start a specific application on the backend Terminal Server. The Terminal Server will suppress the desktop view and only display the application's interface via the connection. This feature is only available when connecting to a Microsoft Terminal Server.

Start Folder (optional)

Specifies the working directory for the application specified in the Start Program field.

RDP Compression

RDP compression is enabled within the webRDP HTML5 Gateway to optimize performance between the client and the backend Terminal Server or remote desktop. The compression is enabled by default and cannot be disabled on the client. If the host does not support RDP 5 bulk compression, the client will default back to RDP 4 compression.

Experience

The experience tab will control some of the performance settings associated with controlling the remote desktop or terminal session. Performance between the webRDP HTML5 Gateway and remote desktop can be improved by disabling graphical features of the remote desktop when creating the RDP session. The performance settings are described below:

Desktop Background - When checked, the remote desktop or terminal session will display any desktop background configured on the machine. Often the desktop background can be very graphic intensive and require the client to redraw the screen more frequently, thus slowing performance.

Font Smoothing - When checked, the webRDP HTML5 Gateway client will display font smoothing if enabled on a 2003 Terminal Server or a 2008 Terminal Server. This feature will improve the visual presentation of desktop windows and text.

Desktop Composition (Vista and Windows 7 feature) - When Desktop Composition is enabled, individual windows no longer draw directly to the screen or primary display device as they did in earlier versions of Windows. Instead, their drawing is redirected to off-screen surfaces in video memory, which are then rendered into a desktop image and presented on the display. This feature will consume more bandwidth and can be disabled by removing the check from the box.

Show Contents of Window While Dragging - When checked, the webRDP HTML5 Gateway will display the contents of the window being dragged across the desktop interface. When disabled, the contents of the window are suppressed while being moved within the desktop.

Menu & Windows Animation - When checked, the menu animations of the desktop will be displayed on the remote desktop client. These animations will generate more network traffic when being sent to the remote desktop client (i.e. - webRDP). Menu animations can be disabled to reduce communication traffic by disabling the check box.

Visual Styles - When checked, the theme associated with the desktop will be displayed in the webRDP HTML5 Gateway. Themes are more graphically intensive and therefore will generate more traffic between the webRDP HTML5 Gateway and remote desktop and/or Terminal Server. To disable the theme within the remote desktop client, uncheck the box.

Keep Alive

The keep alive option will send a packet to the backend Terminal Server or desktop on a predetermined interval to stop the device from being disconnected by networking gear (switches, routers, etc.) due to inactivity.

Cut and Paste (Clipboard)

The webRDP HTML5 Gateway supports the transfer of text between the remote desktop and the client using the clipboard feature of the operating system.

Admin Mode

The webRDP HTML5 Gateway will connect to a Terminal Server in console mode, allowing an administrator to manage the Terminal Server (if allowed).

Customize Banner

Allows an administrator to change the default graphic banner displayed at the top of the webRDP HTML5 Gateway user interface. This feature allows OEMs to replace the shipping graphic banner with their own branded graphic banner.

Customize Splash Screen

Allows the administrator to change the default graphic splash screen that is displayed when the webRDP HTML5 Gateway is invoked within a web page or web application.

URL Generator (Launch URL)

The URL Generator allows the user to take all of the various connection parameters (listed above) and create a URL that will automatically connect to the backend Terminal Server or Windows desktop. The URL can be used in desktop shortcuts, web pages, links, and emails. There are two types of URLs:

o Plain Text - the parameters are displayed in clear text in the address bar of the browser

o Encrypted - the parameters are encrypted in the address bar of the web browser. Stoneware suggests always using the encrypted URL. However, the Plain Text version is useful for troubleshooting.

Proxy Support

The webRDP HTML5 Gateway client supports the use of HTTP(S) Forward Proxy servers. When enabled, the webRDP HTML5 Gateway will make requests to the backend Terminal Server or remote desktop through a designated Proxy. This feature is useful for organizations who do not wish to expose their internal Terminal Servers or remote desktops to the Internet.

The proxy server's IP Address and Credentials (username/password) can be passed as part of the RDP connection. Once the connection to the proxy server is accepted, all RDP traffic will be redirected to the internal Terminal Server or remote desktop.

Chaining - feature allowing two or more proxy servers to be defined when connecting to a Terminal Server or remote desktop.

SOCKS Support

The webRDP advanced client supports the use of SOCKS 5 proxies. When enabled, the webRDP HTML5 Gateway will make requests to the backend Terminal Server or remote desktop through a designated SOCKS 5 proxy. This feature is useful for organizations who do not wish to expose their internal Terminal Servers or remote desktops to the Internet. The SOCKS server's IP Address and Credentials (username/password) can be passed as part of the RDP connection. Once the connection to the SOCKS proxy is accepted, all RDP traffic will be redirected to the internal Terminal Server or remote desktop.

Chaining - feature allowing two or more SOCKS servers to be defined when connecting to a Terminal Server or remote desktop.

* Note - use of clear text username/password is currently supported with SOCKS 5

Did You Know:

You can chain a combination of SOCKS and PROXY servers together. The webRDP HTML5 Gateway can connect through an HTTPS proxy server and then through a SOCKS server to get to a backend RDP session.

Encrypted Password

New feature that allows the webRDP HTML5 Gateway to pass an encrypted password between the client and the backend RDP session. The encryption method supports RSA 512 Public Key/Private Key format. The feature works in stand-alone mode or embedded within a web page/application. In addition to encrypting the user's password, the administrator can set an expiration on the password so that it is no longer valid after a given number of hours.

3 Requirements

Below are the requirements for the webRDP HTML5 Gateway:

webRDP HTML5 Gateway Server

The webRDP HTML5 Gateway is a Java application that runs on Windows or Linux servers. The initial release of the HTML5 Gateway is released for the Windows server platform. Other supported server platforms will come at a later date.

Windows 2003, 2008, or 2012 Server

Microsoft Windows 2003 or 2008
Minimum 4 Gig of RAM
300MB additional disk space
No other application should be using port 80 or 443 on the server

End User Client

Browsers that support HTML5 (canvas)

Internet Explorer 9.0, 10.0
Firefox 16, 17, 18, 19, 20, 21
Chrome 23, 24, 25, 26, 27
Safari 5.1, 6.0
Opera 12.1, 12.5
iOS Safari 3.2, 4.0, 4.1, 4.2, 4.3, 5.0, 5.1, 6.0
Opera Mini 5.0, 6.0, 7.0
Android Browser 2.1, 2.2, 2.3, 3.0, 4.0, 4.1, 4.2
Blackberry Browser 7.0, 10.0

4 Installation

This section will discuss how to install the webRDP software in Gateway Mode. Please review the Before You Start section before beginning.

Before You Start

Download the webRDP HTML5 Gateway software
Verify that the system you are installing the gateway on meets the requirements specified in the requirements section

1. Start the webRDP Installation by clicking on the webRDP.exe

2. Introduction. Review the Introduction Screen (below) and select the NEXT button

3. Accept License. Review the license agreement and then select the I ACCEPT radio button if you agree to the terms. Select the NEXT button when complete.

4. Installation Directory. Use the CHOOSE button and select the directory where the webRDP software will be installed. The default directory is webRDP. Hit the NEXT button when complete.

5. License File. Use the CHOOSE button to browse and select the webRDP license file. This file should be sent to the customer after purchase of the product or can be downloaded through the Stoneware customer portal. Select the NEXT button when complete.

6. webRDP Port Configuration. Check the ENABLE SSL box if you want the gateway to support HTTPS connections from the browser.

When the Enable SSL box is checked, you will either create a self-signed certificate or specify an existing keystore with a signed certificate. The directions for each are below:

Self Signed Certificate

This option will create a keystore that will allow the gateway to support SSL. This keystore is "self signed", therefore the user will be prompted with the warning about the SSL certificate prior to connecting with the browser to the gateway. See the Adding a Signed SSL Certificate section on how to request and install a valid SSL Certificate on the gateway.

6a. Enter the Internet domain name for the server (e.g. - stone-ware.com)

6b. Enter the Keystore password. Since it is creating a new keystore, you are setting a new password. Please write it down and remember it.

6c. Enter the Keystore password again, hope you remembered it.

Existing Keystore

Use this option when you have an existing keystore that has a valid imported certificate.

6a. Select the BROWSE button and locate the keystore file

6b. Enter the Keystore's password

6c. Re-enter the Keystore's password

Select the NEXT button to continue.

7. Optional Settings. This option allows the administrator to customize the HTML5 gateway configuration. The options are described below. When customization is complete, select the NEXT button to continue.

Custom Index.html Page

This option allows the administrator to replace the default index page, which shows the standard connection screen, with another customized web page. The page can be replaced to create new interfaces, automatically connect users to a specific system, add new logic into the connection process, automatically login, etc. Please see the section on Integrating into a Web Page later in the chapter.

Custom Background Image

This option allows the administrator to specify a different default background on the webRDP Gateway connection page. Check the CUSTOM BACKGROUND IMAGE and select the BROWSE icon and select the image that will replace the default background. Background image guidelines are provided below:

Supports PNG and JPG image formats
Recommended image size should be 100k or less
Recommended dimensions are 1920x768 pixels

Custom Logo

This option allows the administrator to specify a different product logo. Organizations can place their logo on. Check the CUSTOM LOGO IMAGE and select the BROWSE icon to select the image that will replace the default logo. Logo image guidelines are provided below:

Supports PNG and JPG image formats
Recommended image size should be 50k or less
Recommended dimensions are 100x100 pixels

Select the NEXT button when complete.

8. Firewall Note. If you are installing the HTML5 Gateway in a DMZ, please review the Security Gateway section. Select the NEXT button to continue.

9. Pre-Installation Summary. Review the installation summary and select the INSTALL button to continue.

10. The file installation will proceed.

11. Select the DONE button when the file installation has completed.

The installation has been completed. The webRDP HTML5 Gateway has been installed as a Windows service and automatically started. To connect to the webRDP HTML5 Gateway, follow the steps below:

1. From another workstation or laptop, open a web browser
2. Enter the IP address or DNS server name of the webRDP HTML5 Gateway server
3. Enter the connection parameters of an existing Windows desktop with Remote Desktop Support or a Terminal Server to test and verify the gateway is functional

5 Connecting to the HTML5 Gateway

By default, the webRDP HTML5 Gateway runs over HTTP on port 80. This is the default protocol and port for web traffic and therefore can be accessed by typing the IP address or DNS name of the server running the webRDP HTML5 Gateway.

If the person installing the webRDP HTML5 Gateway has selected a different protocol (i.e. - HTTPS) or port number (e.g. - 8088), the end user will need to connect using a different URL.

For HTTPS:

https://[IP Address]

For a Modified Port Number

http://[IP Address]:[Port Number]

When the user has successfully connected to the webRDP HTML5 Gateway, he should see the default screen below. This is the standard connection interface displayed by webRDP HTML5 Gateway. A user can enter the connection parameters of the remote Windows desktop or remote Terminal Server to connect through the gateway.

6 Branding the Gateway

The webRDP HTML5 Gateway can be branded as part of the installation process. Branding is the process by which the default background image and logo on the connection screen are replaced with custom images. These images can be in the following formats:

PNG
JPG
GIF

Note:

Be careful when adding custom images. You should always try to minimize the size of your custom images to maximize the performance of the connection page loading inside the user's browser. Stoneware recommends that the background image be less than 100kb and the logo be less than 50kb.

During the installation process there will be an OPTIONAL SETTINGS screen that allows the installer to select either a custom background or custom logo.

To change the default background, the installer can select the checkbox next to the Custom Background option and then browse the local machine for the replacement background image.

To change the default logo, the installer can select the checkbox next to the Custom Logo option and then browse the local machine for the replacement background image.

Advanced

The custom background and logo images are placed within the product directory during the installation process. If you wish to update or change these images at any time, follow the steps below:

Updating the Image
1. Navigate to the /webRDP-Gateway/jetty/webapps/root/images directory on the webRDP HTML5 Gateway server
2. Replace the current custom image with an updated image

Changing the Image Name
1. Navigate to the /webRDP-Gateway/jetty/config directory
2. Modify the jetty.properties file with a text editor
3. Modify the customBG= line (or customLogo)
4. Change the file name at the end of the string

* Note - the file path requires each directory to be separated by \\

The custom image settings are stored in the jetty.properties file. Sample provided below:

#Tue Feb 26 16:05:00 EST 2013
port=80
keyPassword=
keystorePassword=
SSLPort=443
useCustomHTML=false
useCustomBG=true
customHTML=
keystore=
customBG=C\:\\webRDP-Gateway\\jetty\\webapps\\root\\images\\hero-1.png
useCustomLogo=false
customLogo=
SSL=false

To disable the custom image you must change the useCustomLogo and useCustomBG to FALSE.
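
An added example (not part of the Stoneware documentation or product): a Python audit of the jetty.properties keys shown in the sample above. The sample text is constructed from that listing; the function names, the finding wording and the accepted .jpeg extension are assumptions of this example.

```python
import re

# Constructed sample modelled on the jetty.properties listing in this section.
SAMPLE = r"""#Tue Feb 26 16:05:00 EST 2013
port=80
keyPassword=
keystorePassword=
SSLPort=443
useCustomHTML=false
useCustomBG=true
customHTML=
keystore=
customBG=C\:\\webRDP-Gateway\\jetty\\webapps\\root\\images\\hero-1.png
useCustomLogo=false
customLogo=
SSL=false
"""

# Formats listed in "Branding the Gateway" (.jpeg accepted as an assumption).
IMAGE_EXTENSIONS = (".png", ".jpg", ".jpeg", ".gif")


def parse_properties(text):
    """Return (decoded, raw) dicts for the key=value lines of the file.

    Handles only what the listing uses: '#'/'!' comment lines and backslash
    escapes where a backslash followed by a character yields that character.
    """
    decoded, raw = {}, {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!" or "=" not in line:
            continue
        key, value = line.split("=", 1)
        key, value = key.strip(), value.strip()
        raw[key] = value
        decoded[key] = re.sub(r"\\(.)", r"\1", value)
    return decoded, raw


def is_true(props, key):
    return props.get(key, "").lower() == "true"


def audit(text):
    """Return a list of (key, finding) tuples for settings worth reviewing."""
    props, raw = parse_properties(text)
    findings = []

    if not is_true(props, "SSL"):
        findings.append(("SSL", "HTTPS is disabled; the connection page and any "
                         "credentials typed into it are served over plain HTTP "
                         "on port %s" % props.get("port", "?")))

    for key in ("keyPassword", "keystorePassword"):
        if props.get(key):
            findings.append((key, "keystore secret is present in the file; "
                             "restrict read access to the service account"))

    for flag, path_key in (("useCustomBG", "customBG"),
                           ("useCustomLogo", "customLogo")):
        if not is_true(props, flag):
            continue
        path = props.get(path_key, "")
        if not path:
            findings.append((path_key, "%s=true but no file is set" % flag))
            continue
        # A lone backslash (not doubled, not escaping ':') is consumed by the
        # properties parser, so the stored path loses its directory separators.
        if re.search(r"(?<!\\)\\(?![\\:])", raw[path_key]):
            findings.append((path_key, "directories must be separated by \\\\"))
        if not path.lower().endswith(IMAGE_EXTENSIONS):
            findings.append((path_key, "not a PNG, JPG or GIF file"))

    if is_true(props, "useCustomHTML"):
        findings.append(("customHTML", "default connection page is replaced by "
                         "%r; review that page's logic"
                         % props.get("customHTML", "")))
    return findings


if __name__ == "__main__":
    for key, finding in audit(SAMPLE):
        print("%s: %s" % (key, finding))
```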

7 Security Gateway

In addition to enabling any device with an HTML5 browser to connect to a remote Windows system, the webRDP HTML5 Gateway can act as a secure gateway to your Windows desktops, Terminal Servers, and VDI systems. As the diagram below demonstrates, the webRDP HTML5 Gateway converts the HTML5 over HTTP(S) conversation to an RDP (remote desktop protocol) conversation on the inside of the network. This conversion of protocols is what makes the product a true "gateway". The user's session is terminated at the gateway inside the DMZ and then converted to an RDP session that the remote Windows devices can understand. This feature of the product means that organizations do not have to move their Terminal Servers and VDI systems into the DMZ or open holes from the outside world (Internet) into the data center.

Setting up the webRDP HTML5 Gateway inside the firewall is very simple. The administrator should follow the steps below:

1. Open ports 443 and 80 from the Internet to the webRDP HTML5 Gateway server in the DMZ

Port 80 does not need to be opened if the webRDP HTML5 Gateway has been configured to support SSL

2. Open port 3389 from the webRDP HTML5 Gateway server to each device inside the data center

3. Follow the instructions for "hardening" the operating system on the server running the gateway. Your OS vendor should supply this information on their support site.
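
An added example, not from the Stoneware documentation: a Python check of a firewall allow-list against steps 1 and 2 above. The addresses, the rule tuple format and the function name are constructed for illustration; backends reached on a non-standard RDP port would be passed in through rdp_ports.

```python
import ipaddress

# Constructed addresses (documentation/private ranges), not from the page.
GATEWAY = "192.0.2.10/32"     # webRDP HTML5 Gateway server in the DMZ
DATACENTER = "10.20.0.0/16"   # Terminal Servers and desktops behind the firewall

# Constructed allow rules: (source network, destination network, TCP port)
RULES = [
    ("0.0.0.0/0", "192.0.2.10/32", 443),
    ("0.0.0.0/0", "192.0.2.10/32", 80),
    ("192.0.2.10/32", "10.20.0.0/16", 3389),
    ("0.0.0.0/0", "10.20.5.7/32", 3389),    # RDP opened straight to a server
    ("192.0.2.10/32", "10.20.0.0/16", 445),
]


def audit_rules(rules, gateway, datacenter, ssl_enabled, rdp_ports=(3389,)):
    """Return (rule_index, finding) tuples; index None marks a missing rule."""
    gw = ipaddress.ip_network(gateway)
    dc = ipaddress.ip_network(datacenter)
    # Step 1: port 80 is only needed when the gateway is not configured for SSL.
    web_ports = {443} if ssl_enabled else {80, 443}
    findings = []
    web_ok = rdp_ok = False

    for index, (src, dst, port) in enumerate(rules):
        src = ipaddress.ip_network(src)
        dst = ipaddress.ip_network(dst)
        from_gateway = src.subnet_of(gw)
        from_outside = not from_gateway and not src.subnet_of(dc)
        to_gateway = dst.overlaps(gw)
        to_inside = dst.overlaps(dc)

        if from_outside and to_inside:
            findings.append((index, "port %d is open from outside directly into "
                             "the data center; sessions should terminate at "
                             "the gateway" % port))
        if from_outside and to_gateway:
            if port in web_ports:
                web_ok = True
            elif port == 80:
                findings.append((index, "port 80 does not need to be open "
                                 "when the gateway is configured for SSL"))
            else:
                findings.append((index, "unexpected port %d open to the "
                                 "gateway" % port))
        if from_gateway and to_inside:
            if port in rdp_ports:
                rdp_ok = True
            else:
                findings.append((index, "gateway only needs the RDP port; "
                                 "port %d is also open" % port))

    if not web_ok:
        findings.append((None, "no rule lets browsers reach the gateway"))
    if not rdp_ok:
        findings.append((None, "no rule lets the gateway reach RDP hosts"))
    return findings


if __name__ == "__main__":
    for index, finding in audit_rules(RULES, GATEWAY, DATACENTER, True):
        print(index, finding)
```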

8 Adding a Signed SSL Certificate

By default, when enabling SSL (Secure Socket Layer) on the webRDP HTML5 Gateway the SSL certificate is "unsigned". This means that it is not trusted by a Certificate Authority and will display a message to the end users stating the "site is untrusted/protected, do you wish to continue?". Stoneware recommends that customers acquire a signed SSL Certificate for the webRDP HTML5 Gateway when enabling SSL. There are many vendors that provide SSL certificates. The documentation below describes how to request and import an SSL certificate.

Before You Begin

This example uses Portecle, a tool for viewing and modifying keystores. You can download this tool from the following URL: http://sourceforge.net/projects/portecle

Enabling an SSL Certificate is a three step process:

1. Creating a Certificate Request
2. Importing Certificates from the Certificate Authority
3. Verifying SSL is enabled with a Trusted SSL Certificate

Creating a Certificate Request

This step will generate a certificate request that can be used by an SSL vendor to generate a valid SSL certificate.

1. Run the Portecle tool
2. Select FILE | OPEN KEYSTORE FILE
3. Browse to the /webRDP-Gateway/jetty/etc directory
4. Select the KEYSTORE file (file Type will be All Files)
5. Select the OPEN button
6. Enter the Password for the Keystore; this is the password you provided during installation of the product
7. RIGHT-CLICK on the WEBRDP key
8. Select GENERATE CERTIFICATE REQUEST
9. Enter the Password for the Keystore; this is the password you provided during installation of the product
10. Save the Certificate Request file to your desktop using the GENERATE button to save the request file

Requesting an SSL Certificate

There are several SSL Certificate vendors to select from including GoDaddy, RapidSSL, GeoTrust, Thawte, etc. In each case you will need to provide the vendor with the contents of the certificate request file created in the previous steps and the type of keystore you are using. When asked by the vendor for the type of keystore, you can reply with TOMCAT or JETTY.

Importing the SSL Certificate

Once the SSL vendor has successfully fulfilled your request for an SSL certificate, they will respond back with a set of one or more files. These files will include the actual certificate response and one or more root/intermediate certificates. Follow the instructions below to import the certificate response and the intermediate certificates into the keystore.

If your CA sent you one or more intermediate or root certificates then those will need to be imported.

1. From Portecle (with the keystore open) click on TOOLS, and then IMPORT TRUSTED CERTIFICATE
2. Select your Intermediate / Root certificates that you were sent via email or told to download

IMPORTANT: If you get any errors, it may be easier to import the SSL certificates into Internet Explorer and then export them from Internet Explorer. Once complete, you are ready to import them into the KEYSTORE.

**note - If you are obtaining a certificate from DigiCert, you will need to make sure you have their proper Intermediate Certificate in IE. The easiest method for this is to use their Certificate Management Tool: https://www.digicert.com/util/ With this tool, you can easily import the correct intermediate certificate, which is necessary to build the proper certificate chain.

Take the certificate you were sent, open Internet Explorer and go to:
1. Tool | Internet Options | Content | Certificates | Import
2. Select the certificate you were sent from your CA.
3. Once imported, find the certificate usually located under the Other People tab.
4. Right click on it and choose Export, select Cryptographic Message Syntax Standard PKCS #7 option.
5. Select Include all certificates in the certification path if possible.
6. Save this file so you can import it into Keystore.

3. From the Portecle tool, right click on your webRDP keypair and choose IMPORT CA REPLY
4. Select the file from the SSL vendor or the P7B file that you just exported from Internet Explorer
5. You may get a message that says: Click OK, Verify the information about the SSL Certificate; click OK.
6. Select YES when it asks if you want to accept the CA Reply
7. You should see a message that the CA Reply Import Successful.
8. Click FILE | SAVE to save your changes to the keystore
9. You are now done; restart your webRDP HTML5 Gateway

Page 26: webRDP HTML5 Gateway - Amazon Web Servicesstoneware-docs.s3.amazonaws.com/webRDP-HTML5-Gateway...webRDP HTML5 Gateway will make requests to the backend Terminal Server or remote desktop

webRDP HTML5 Gateway26

© 2013 Stoneware, Inc.

9 Customizing the Interface

The webRDP HTML5 Gateway has been designed to allow organizations such as MSPs, hostedproviders, and IT shops to customize the gateway to create their own unique solution. This allowsorganizations to add their own business logic to the connection process for improved security,device selection, simplified login, etc. with HTML, Javascript, or Java Server Page (JSP) code.

Out of the box, the standard webRDP HTML5 Gateway connection process is displayed below. The user enters the IP address or DNS name of the webRDP HTML5 Gateway. The gateway displays the connection screen to the end user. The user must enter the information required to connect to the remote Windows device (i.e. remote Windows IP address, username, password, etc.). Once the correct information has been entered, the webRDP HTML5 Gateway will connect the user to the remote Windows device. In each case, the user must know which Windows device they wish to connect to, its address, and the proper authentication credentials.

Customizing the interface allows the customer to change the logic surrounding the connection process. As shown below, the standard connection screen is replaced by a custom connection page (HTML or JSP) that executes its own logic before connecting to the back-end Windows device.

The rest of this chapter will discuss how to enable a custom connection page on the webRDP HTML5 Gateway and how to create a custom JSP or HTML page.

Enabling the Custom Connection Page Through the Install Process

During the installation process the Optional Settings screen will be presented with the ability to enable a custom connection screen (see below).


1. Check the USE CUSTOM INDEX.HTML Page

2. Select the BROWSE (...) button

3. Browse and select the custom HTML or JSP page

4. Select the OK button

5. Select the NEXT button

Enabling the Custom Connection Page After the Installation

Enabling a custom connection page after the standard installation process can be accomplished by following the steps below:

1. Stop the webRDP HTML5 Gateway Service
2. Copy your custom HTML or JSP page to /webRDP-Gateway/Jetty/webapps/root
3. Modify the existing INDEX.HTML page under /webRDP-Gateway/Jetty/webapps/root/
4. Change the META tag to redirect to your custom HTML or JSP page
5. Save the changes to INDEX.HTML
6. Restart the webRDP HTML5 Gateway service


9.1 Custom Page Tags

The webRDP HTML5 Gateway was specifically designed to be embedded within other web applications and web pages. Any developer can invoke the webRDP HTML5 Gateway from their web application or web page by calling the tags below and passing the appropriate parameters.

Parameters can be passed by adding the attributes between the tags:

<param name='username' value='<%= user %>'>

The parameters that can be passed to the applet tag are listed below:

<host=> = host IP address or DNS name
<port=> = host RDP port (default is 3389)
<username=> = username
<password=> = user's password
<domain=> = Terminal Server Domain (optional)
<program=> = program automatically launched (Terminal Server only)
<directory=> = set program's working directory (optional)
<maxwidth=> = desktop screen maximum width in pixels
<maxheight=> = desktop screen maximum height in pixels
<bpp=> = desktop color depth (8/15/16/24)
<keepalive=> = number of seconds between keep alive events (10-300)
<onlogout=> = javascript function to execute on Terminal Server logout event
<admin=> = whether or not to connect to the admin session on a MS Terminal Server (to enable = Y, T, or 1)
<setoption=> = suppress messages from an unexpected disconnect (to enable = set close-messages-off)
<pf=> = performance flags (add the values to apply multiple performance flags)

    Disable Wallpaper: 1
    Disable Full Window Drag: 2
    Disable Menu Animations: 4
    Disable Theming: 8
    Disable Cursor Shadow: 32
    Disable Cursor Settings: 64

Example: a setting of 96 would mean Cursor Shadow and Cursor Settings were disabled.

The advanced parameters that can be passed to the applet tag are listed below:

<epassword=> = encrypted user password


Use the PassGen utility that ships with the advanced client to create the encrypted password. To create an encrypted password, follow the steps below:

1. Copy the webRDP.jar, license, and PassGen.jar file into the same directory
2. Run the PassGen utility at a command line (i.e. java -jar PassGen.jar)
3. Enter the password to be encrypted and hit ENTER
4. Enter the FROM date (0 is a perpetual password that does not expire) and hit ENTER
5. An encrypted password will be displayed. Copy the password onto the /ep parameter.

<ss-version=> = version number of session selection method (supports either 1 or 2)
<ss-id=> = the connection ID (must be an integer)
<ss-string=> = string that will be passed to the connection broker (version 2 only)
<proxy=> = proxy server used to connect to Terminal Server or remote desktop

    Proxy format = (http | https | socks )://user:password@address:[port]
    Example = https://fred:[email protected]:8080

9.2 Sample HTML Page


A sample HTML page is given below:

<html>
<head>
  <title>webRDP&#0153;</title>
  <meta http-equiv='content-type' content='text/html; charset=iso-8859-1'>
  <meta http-equiv='content-style-type' content='text/css'>
  <meta http-equiv='expires' content='Wed, 26 Feb 1997 08:21:57 GMT'>
  <meta http-equiv='pragma' content='no-cache'>

  <!-- Sets margin around applet -->
  <style>
    body.swproxyBody { margin:4px; }
  </style>

  <script type='text/javascript'>


    // The script below is used to move and resize the browser to the full size of the
    // monitor. Uncomment the two lines below to activate.

    // window.moveTo(0,0);
    // window.resizeTo( screen.availWidth, screen.availHeight );

    // The script below is used to center and resize the browser to a 800 x 600 px
    // window. Uncomment the lines below to activate.
    // var height = 600;
    // var width = 800;
    // var left = parseInt( ( screen.availWidth/2 ) - ( width /2 ) );
    // var top = parseInt( ( screen.availHeight/2 ) - ( height /2 ) );
    // window.moveTo( left, top );
    // window.resizeTo( width, height );

    // This method is called after the user logs out of their RDP session. The method
    // name is a configurable applet parameter.
    function rdpOnLogout() {
      alert ( ' User has Logged out ' );
    }

  </script>
</head>

<body class='swproxyBody'>

  <!-- Loads the applet and utilizes 100% of browser window width and height. Width and
       height could be hard coded to specific values -->
  <applet name='rdp' code='com.webinflection.webrdp.MainApplet' archive='webRDP.jar'
          width='100%' height='100%'>

    <!-- Hostname or IP Address of Terminal Server -->
    <!-- This is a required parameter -->
    <param name='host' value='10.1.1.25'>

    <!-- Port that the Terminal Server listens on -->
    <!-- This is a required parameter. -->
    <param name='port' value='3389'>

    <!-- Username to authenticate to Terminal Server with -->
    <!-- Optional SSO Parameter -->
    <param name='username' value='joe'>

    <!-- Password to authenticate to Terminal Server with -->
    <!-- Optional SSO Parameter. If left blank, the Terminal Server will prompt the
         user to supply their password. -->


    <param name='password' value='cat1dog2'>

    <!-- AD Domain name to authenticate to Terminal Server with -->
    <!-- Optional SSO Parameter. In some Terminal Server deployments, this
         parameter will be required. -->
    <param name='domain' value=''>

    <!-- Application to start. This value should be url encoded. In this example we are
         launching c:\windows\system32\notepad.exe -->
    <param name='program' value='c%3A%5Cwindows%5Csystem32%5Cnotepad.exe'>

    <!-- Working directory for Application. This value should be url encoded. In this
         example the working directory will be set to c:\windows\system32\ -->
    <param name='directory' value='c%3A%5Cwindows%5Csystem32%5C'>

    <!-- In this example I used a site ( http://meyerweb.com/eric/tools/dencoder/ ) to
         encode the above values -->

    <!-- This specifies a javascript method to be called after the user logs out of the
         RDP session. This stops the session from hanging in a disconnected state. -->
    <param name='onlogout' value='rdpOnLogout'>

  </applet>
</body>
</html>

9.3 Sample JSP

A sample JSP is given below:

<%@page import="java.net.*"%>

<%

// This example modifies the HTML example and uses the JSP to pass the parameters to the
// applet.
// We are not really dynamically creating the parameters, but this is where you would make
// calls to your configuration apis to get the parameter values.

String host = "10.1.1.25";
String port = "3389";

// Single Sign-on Parameters.

String user = "administrator";


String pass = "stoneware";
String domain = "";

// Published Application Parameters. Remember to URLEncode the program and the directory

String program = URLEncoder.encode( "c:\\windows\\system32\\notepad.exe" );
String directory = URLEncoder.encode( "c:\\windows\\system32\\" );

%>

<!--

This example demonstrates RDP SSO ( Single Sign-on ) and a Published Application ( MS
notepad in this case )

-->

<html>
<head>
  <title>webRDP</title>
  <meta http-equiv='content-type' content='text/html; charset=iso-8859-1'>
  <meta http-equiv='content-style-type' content='text/css'>
  <meta http-equiv='expires' content='Wed, 26 Feb 1997 08:21:57 GMT'>
  <meta http-equiv='pragma' content='no-cache'>

  <!-- Sets margin around applet -->
  <style>
    body.swproxyBody { margin:4px; }
  </style>

  <script type='text/javascript'>
    // The script below is used to move and resize the browser to the full size of the
    // monitor. Uncomment the two lines below to activate.

    // window.moveTo(0,0);
    // window.resizeTo( screen.availWidth, screen.availHeight );

    // The script below is used to center and resize the browser to a 800 x 600 px
    // window. Uncomment the lines below to activate.
    // var height = 600;
    // var width = 800;
    // var left = parseInt( ( screen.availWidth/2 ) - ( width /2 ) );
    // var top = parseInt( ( screen.availHeight/2 ) - ( height /2 ) );
    // window.moveTo( left, top );
    // window.resizeTo( width, height );


    // This method is called after the user logs out of their RDP session. The method
    // name is a configurable applet parameter.
    function rdpOnLogout() {
      alert ( ' User has Logged out ' );
    }

  </script>
</head>
<body class='swproxyBody'>

  <!-- Loads the applet and utilizes 100% of browser window width and height. Width and
       height could be hard coded to specific values -->
  <applet name='rdp' code='com.webinflection.webrdp.MainApplet' archive='webRDP.jar'
          width='100%' height='100%'>

    <!-- Hostname or IP Address of Terminal Server -->
    <!-- This is a required parameter -->
    <param name='host' value='<%= host %>'>

    <!-- Port that the Terminal Server listens on -->
    <!-- This is a required parameter -->
    <param name='port' value='<%= port %>'>

    <!-- Username to authenticate to Terminal Server with -->
    <!-- Optional SSO Parameter -->
    <param name='username' value='<%= user %>'>

    <!-- Password to authenticate to Terminal Server with -->
    <!-- Optional SSO Parameter -->
    <param name='password' value='<%= pass %>'>

    <!-- AD Domain name to authenticate to Terminal Server with -->
    <!-- Optional SSO Parameter -->
    <param name='domain' value='<%= domain %>'>

    <!-- Application to start. This value should be url encoded. -->
    <param name='program' value='<%= program %>'>

    <!-- Working directory for Application. This value should be url encoded. -->
    <param name='directory' value='<%= directory %>'>

    <!-- This specifies a javascript method to be called after the user logs out of the RDP
         session -->
    <param name='onlogout' value='rdpOnLogout'>

  </applet>
</body>


</html>
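
The sample JSP writes each value into its <param> tag unescaped, so a custom connection page that takes those values from user or directory data should validate and escape them first. The class below is an added example, not Stoneware's code: AppletParams and its method names are hypothetical, the host check assumes IPv4 addresses or DNS names only, and the password is left out because anything placed in a <param> tag is readable in the page source sent to the browser (when it is blank the Terminal Server prompts the user, as the sample HTML comment notes).

```java
import java.util.LinkedHashMap;
import java.util.Map;
// Hypothetical helper: class and method names are assumptions, not a webRDP API.
public final class AppletParams {
    // Performance flag values as listed for the pf parameter.
    public static final int NO_WALLPAPER = 1, NO_FULL_WINDOW_DRAG = 2, NO_MENU_ANIMATIONS = 4,
            NO_THEMING = 8, NO_CURSOR_SHADOW = 32, NO_CURSOR_SETTINGS = 64;
    private final Map<String, String> params = new LinkedHashMap<>();

    public AppletParams(String host, int port) {
        if (host == null || !host.matches("[A-Za-z0-9.-]{1,253}")) // assumption: IPv4 or DNS name
            throw new IllegalArgumentException("host must be an IP address or DNS name");
        params.put("host", host);
        params.put("port", String.valueOf(inRange("port", port, 1, 65535)));
    }
    private static int inRange(String name, int v, int lo, int hi) {
        if (v < lo || v > hi) throw new IllegalArgumentException(name + " must be " + lo + "-" + hi);
        return v;
    }
    private AppletParams set(String name, String value) { params.put(name, value); return this; }
    public AppletParams username(String u) { return set("username", u); }
    public AppletParams keepalive(int s) { return set("keepalive", "" + inRange("keepalive", s, 10, 300)); }
    public AppletParams bpp(int depth) {  // documented values are 8/15/16/24
        if (depth != 8 && depth != 15 && depth != 16 && depth != 24)
            throw new IllegalArgumentException("bpp must be 8, 15, 16 or 24");
        return set("bpp", String.valueOf(depth));
    }
    // The flags are distinct bits, so OR-ing them gives the same number as adding them.
    public AppletParams pf(int... flags) {
        int v = 0;
        for (int f : flags) v |= f;
        return set("pf", String.valueOf(v));
    }
    // Escape the characters that could close the quoted attribute or open a tag.
    static String attr(String s) {
        return s.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")
                .replace("\"", "&quot;").replace("'", "&#39;");
    }
    public String render() {
        StringBuilder sb = new StringBuilder();
        for (Map.Entry<String, String> e : params.entrySet())
            sb.append("<param name='").append(e.getKey()).append("' value='")
              .append(attr(e.getValue())).append("'>\n");
        return sb.toString();
    }
    public static void main(String[] args) {  // constructed sample values
        System.out.print(new AppletParams("10.1.1.25", 3389).username("o'brien").bpp(16)
                .keepalive(60).pf(NO_CURSOR_SHADOW, NO_CURSOR_SETTINGS).render());
    }
}
```

Run as is, the constructed username o'brien is emitted as o&#39;brien, and the two cursor flags combine to a pf value of 96, the setting used in the example in section 9.1.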