This section includes information about the two different client types that can be used in conjunction with a Web Browser. The two client types, as well as the common CGI script, are described below.
The Java Browser Client is based on the Open Source project called "SSHVnc". It features a Java applet which includes both a VNC viewer as well as a SSH implementation. The applet is launched by calling the CGI script tlclient.cgi. See Section 8.9.5, “ The CGI Script tlclient.cgi ” for more information.
The Java Browser Client can be used with any browser that supports SSL and Java 1.4.2 or newer. This version is also required by the Native Client Verification Applet.
Most of the work to install the Java client is actually done on the servers. The client files must be installed on each terminal server. This is done automatically if you use the installation program on the server and select support for Java Browser Clients.
If you have a firewall between the clients and the terminal servers you have to open for HTTP over SSL (port 443) communication to the terminal servers.
To use the Java Browser Client, you need a Java plug-in 1.4.2 or later. The client is accessed with your web browser through https://thinlinc-master.example.com/thinlinc/tlclient.cgi. Change the domain name to the name of your master terminal server. Make sure you confirm the SSL Certificate sent out by the server, or you will be vulnerable to man in the middle attacks.
Beginning with ThinLinc 2.0.0, it's possible to launch the native client from a web page. The process works like this:
The CGI script is called with the desired parameters.
(optional) A web page containing the Native Client Verification Applet is generated. This applet is used to verify that the native client is installed. If not, the applet allows the user to install the client.
The CGI script generates a "launch file", which is a normal client configuration file. When the browser recieves this file, it launches the locally installed ThinLinc client.
Only the Windows and Linux client packages configures the system to recognize launch files, and the Native Client Verification Applet can only verify if the client is installed on Windows and modern Linux systems.
The launch file delivered to the client is generated from the template /opt/thinlinc/etc/tlclient.conf.webtemplate. The CGI script performs some substitutions on this file, before sending it to the client. Currently, the following variables are substituted:
The server name where the CGI script resides.
The user name, specified by the username CGI parameter.
The password in hexadecimal ASCII notation, specified by the password or hexpassword CGI parameters.
The value of the autologin CGI parameter.
The CGI script tlclient.cgi is used to start both the Java Browser Client as well the native client, when launched from a web page. It accepts many parameters which affects its operation. These are described below:
The desired user name. No default.
The desired password, in plain text. No default.
The desired password, in hexadecimal ASCII notation. This parameter overrides the password parameter. No default.
Used by the Native Client Verification Applet. Specifies the URL to redirect to when the user initiates a client installation, on operating systems other than Linux and Windows. Default value: http://www.cendio.com/downloads/clients
Used by the Native Client Verification Applet. Specifies the URL to redirect to when the user initiates a client installation, on Linux. Default value: https://www.cendio.com/downloads/clients/thinlinc-client-latest.i686.rpm
Used by the Native Client Verification Applet. Specifies the URL to redirect to when the user initiates a client installation, on Windows. Default value: https://www.cendio.com/downloads/clients/tl-latest-client-windows.exe
A boolean value which specifies if the Native Client Verification Applet should be used. Only relevant for the native client type. Default value: 1
A boolean value which specifies if the user should be able to select the client type on the login form. Default value: 1
After launching the native client, the browser will redirect to the web page specified by this parameter. Default value: the empty string.
This parameter specifies the client type. Valid values are "java" and "native. Default value: java.
This boolean parameter specifies if a login should be directly executed, instead of showing a login form. Default value: 0
This boolean parameter specifies if the native client should automatically connect to the specified server at startup. Default value: 1
This boolean parameter specifies if the native client should request that the server starts the session with the command supplied by the client, as indicated by the start_program_command parameter. Default value: 0.
This parameter specifies the command to use when starting the session. Default value: "firefox".
This boolean parameter can be used for debugging and development purposes. It will display and URL with all submitted parameters, and do nothing else. Default value: 0
This boolean parameter specifies if the native client should activate shadowing. Default value: 0
This parameter specifies the user to shadow. Default value is the empty string.
To make it easier to test various parameters, the HTML file cgitest.html is included, in the same location as tlclient.cgi. It also demonstrates how to create icons on web pages, which launches ThinLinc sessions.