6.1. The SGD Client

The SGD Client is the part of SGD that is installed on client devices. The SGD Client is required to run applications.

This section includes details of how you can install and run the SGD Client.

This section includes the following topics:

6.1.1. Overview of the SGD Client

The SGD Client operates by using a browser to display a special web page, called a webtop. The webtop lists the applications a user can run through SGD and provides controls for managing application sessions and printing. This is the default way of using SGD.

See the Oracle Secure Global Desktop User Guide for Release 4.7 for more details about the webtop.

Depending on the client platform, users see an icon in the System tray or Workspace switcher when the SGD Client is running.

The SGD Client performs the following functions:

  • Gets information about the client device, such as the operating system, local printers, and client drives.

  • Manages the display of applications.

  • Maintains a communication connection with the SGD server, using the Adaptive Internet Protocol (AIP) protocol.

  • Receives and acts on events from the SGD server. For example, the arrival of a print job.

6.1.1.1. Configuring the SGD Client

The SGD Client needs to be configured so that it can connect to an SGD server. The connection settings for the SGD Client are defined in a client profile. The client profile is stored on the client device.

The client profile controls things such as the Uniform Resource Locator (URL) that the SGD Client connects to when it starts, and the operating mode of the SGD Client.

See Section 6.2, “Client Profiles” for more information about how SGD uses client profiles and the settings you can configure for a client profile.

6.1.1.2. The SGD Client Helper

When using a browser with Java technology enabled, the SGD Client is supported by the SGD Client Helper.

The SGD Client Helper is a Java applet that performs the following functions:

  • Downloads and installs the SGD Client. This only applies if automatic installation is used. See also Section 6.1.3, “Automatic Installation of the SGD Client”.

  • Obtains proxy server settings from the browser and sends them to the SGD Client. This depends on the settings in the user's client profile.

  • Starts the SGD Client. This only happens when a user starts a browser and goes to the login URL.

  • Responds to instructions received from the SGD Client. For example, prompting the browser to redraw the screen.

Use of the SGD Client Helper is optional. See Section 6.1.7.1, “How to Use SGD Without Java Technology”.

6.1.2. Installing the SGD Client

The SGD Client can be installed in the following ways:

6.1.3. Automatic Installation of the SGD Client

If you are using a browser with Java technology enabled, the SGD Client is installed automatically when you visit the https://server.example.com/sgd URL, where server.example.com is the name of an SGD server.

With automatic installation of the SGD Client, different versions of the SGD Client are installed in separate directories. This means the following:

  • Users only have to log in to an upgraded SGD server in order to upgrade the SGD Client

  • Users who log in to different SGD servers always run the correct SGD Client for the version of SGD

The SGD Client is installed in the following directories:

  • Microsoft Windows client devices. A user-specific writeable directory.

    On Microsoft Windows XP platforms, for example:

    C:\Documents and Settings\username\Local Settings\Temp\Oracle Secure Global Desktop\clients\version

    On Microsoft Windows 7 platforms, for example:

    C:\Users\username\AppData\Local\Temp\Oracle Secure Global Desktop\clients\version

    The actual location depends on the user's privileges, the operating system, and the version of the Java Plug-in software being used.

    Users with Microsoft Windows client devices can have roaming user profiles. Roaming user profiles provide the user with the same working environment, no matter which Microsoft Windows computer they use.

    If Microsoft Windows users have roaming user profiles, the SGD Client is installed in one of the following directories:

    On Microsoft Windows XP platforms:

    C:\Documents and Settings\username\Application Data\Temp\Oracle Secure Global Desktop\clients\version

    On Microsoft Windows 7 platforms:

    C:\Users\username\AppData\Roaming\Temp\Oracle Secure Global Desktop\clients\version

    For details of how to configure SGD to work with roaming user profiles, see Section 6.1.4, “How to Enable Automatic Installation for Roaming User Profiles”.

  • UNIX, Linux, or Mac OS X platform client devices. The user's home directory:

    $HOME/.tarantella/clients/arch/version

    where arch is the client architecture.

If you want to use automatic installation and have more control over where the SGD Client is installed, you can develop your own web application for installing the SGD Client and use SGD web services to specify the installation location.

See the Oracle Secure Global Desktop Installation Guide for Release 4.7 for more details about automatic installation of the SGD Client.

6.1.4. How to Enable Automatic Installation for Roaming User Profiles

To enable the SGD Client to be installed automatically in a directory that is roamed, perform the following procedure on each SGD server in the array.

Ensure that no users are logged in to the SGD server, and that there are no application sessions, including suspended application sessions, running on the SGD server.

  1. Log in as superuser (root) on the SGD host.

  2. Change to the jsp directory.

    # cd /opt/tarantella/webserver/tomcat/tomcat-version/webapps/sgd/resources/jsp
    
  3. Edit the webtopsession.jsp file.

    Change the tccRoaming line in webtopsession.jsp, as follows:

    String tccRoaming="true";

    Save the change.

  4. Restart the SGD web server.

    # tarantella restart webserver

6.1.5. Manual Installation of the SGD Client

With manual installation, you have full control over where the SGD Client is installed.

Different versions of the SGD Client are installed in separate directories.

You can install the SGD Client manually in the following ways:

You download and install the SGD Client from the SGD web server Welcome Page. The SGD web server Welcome Page is at https://server.example.com, where server.example.com is the name of an SGD server.

Click the Install the Oracle Secure Global Desktop Client link on the Welcome Page. The Oracle Secure Global Desktop Client download page has instructions for downloading and installing the SGD Client.

On Microsoft Windows client devices, a shortcut for the SGD Client is added to the Windows Start Menu.

6.1.5.1. User-Specific Installation

For a user-specific installation, the user must have permissions to write to the install location.

The default locations for a user-specific installation are as follows:

  • Microsoft Windows client devices. A user-specific writeable directory.

    On Microsoft Windows XP platforms, for example:

    C:\Documents and Settings\username\Local Settings\Application Data\Programs\Oracle\Secure Global Desktop Client\clients\version

    On Microsoft Windows 7 platforms, for example:

    C:\Users\username\AppData\Local\Programs\Oracle\Secure Global Desktop Client\clients\version

  • UNIX or Linux platform client devices. The user's home directory:

    $HOME/Oracle Secure Global Desktop/clients/arch/version

    where arch is the client architecture.

    A configuration file containing a list of SGD Clients installed on the system is created at $HOME/.tarantella/clients.conf. See Section 6.1.5.3, “Installing the SGD Client in a Non-Default Location” for more details about this file.

  • Mac OS X platform client devices. The user's home directory:

    $HOME/Applications/Oracle Secure Global Desktop Client/version/Oracle Secure Global Desktop Client.app

6.1.5.2. System-Wide Installation

This installation method can be used on a shared file system.

The default locations for a system-wide installation are as follows:

  • Microsoft Windows client devices:

    C:\Program Files\Oracle\Secure Global Desktop Client\clients\version

  • UNIX or Linux platform client devices:

    /opt/Oracle Secure Global Desktop/clients/arch/version

    where arch is the client architecture.

    A system-wide configuration file containing a list of SGD Clients installed on the system is created at /etc/opt/Oracle Secure Global Desktop/clients.conf. See Section 6.1.5.3, “Installing the SGD Client in a Non-Default Location” for more details about this file.

  • Mac OS X platform client devices:

    /Applications/Oracle Secure Global Desktop Client/version/Oracle Secure Global Desktop Client.app

6.1.5.3. Installing the SGD Client in a Non-Default Location

With manual installation, you can install the SGD Client in a non-default location.

When you are connecting to an SGD server using a browser with Java technology enabled, the SGD Client Helper looks for the SGD Client on the client device. To enable this, SGD maintains a record of the location of all SGD Clients installed manually on the client device.

SGD Client locations are recorded on the client device as follows:

  • Microsoft Windows platforms. A key in the registry, as follows:

    • User-specific installation: HKEY_CURRENT_USER\\Software\\Oracle\\Secure Global Desktop Client\\VERSION

    • System-wide installation: HKEY_LOCAL_MACHINE\\Software\\Oracle\\Secure Global Desktop Client\\VERSION

  • UNIX and Linux platforms. A configuration file, as follows:

    • User-specific installation: $HOME/.tarantella/clients.conf

    • System-wide installation: /opt/Oracle Secure Global Desktop/clients.conf

  • Mac OS X platforms. Non-default install locations are not recorded on the client device. So, the SGD Client Helper is not able to find SGD Clients installed in non-default locations.

Before attempting to download the SGD Client from an SGD server, the SGD Client Helper checks the above locations to see if the same version of the SGD Client is already installed on the client device.

The above locations are also searched if the SGD Client Helper is unable to download and install the SGD Client automatically. For example, if there is a network problem. In this case, the SGD Client Helper checks if there is a compatible version of the SGD Client already installed on the client device, by looking in one of the locations shown.

6.1.6. Running the SGD Client From the Command Line

Typically, users log in to SGD by starting a browser and visiting the https://server.example.com/sgd URL, where server.example.com is the name of an SGD server.

Connecting to SGD in this way, automatically downloads and starts the SGD Client. However, you can also start the SGD Client from the command line and connect to an SGD server.

You start the SGD Client with the tcc command on Microsoft Windows client platforms, or the ttatcc command on UNIX, Linux, or Mac OS X client platforms, as follows:

tcc
  [ -profile name ]
  [ -loginurl url ]
  [ -prompt ]
  [ -preferredlanguage lang ]
  [ -logdir file ]
  [ -use-java ]
  [ -version ]

The following table lists the arguments for the tcc and ttatcc commands.

Argument

Description

-profile name

The name of the profile to use when starting the SGD Client.

Currently there is only one profile for each SGD server, called Default.

To specify the profile for a particular server, use -profile server.example.com::Default where server.example.com is the name of an SGD server.

Note

Profile names are case sensitive.

-loginurl URL

The login URL. This overrides the URL defined in the profile.

Use a fully qualified domain name.

-prompt

Display the connection dialog, showing a list of SGD servers that the SGD Client has previously connected to. The user can select a server from the list.

-preferredlanguage lang

The language to use in any dialogs and messages displayed by the SGD Client. This overrides the language defined in the profile. The following are the supported languages:

  • en for English

  • de for German

  • es for Spanish

  • fr for French

  • it for Italian

  • ja for Japanese

  • ko for Korean

  • pt_BR for Portuguese (Brazilian)

  • zh_CN for Simplified Chinese

  • zh_TW for Traditional Chinese

-logdir file

The directory where the SGD Client log file is created.

-use-java

Enable the detection of Java technology in the SGD Client.

-version

Displays the version number of the SGD Client.

-help

Displays help information. This option is only available on UNIX, Linux, or Mac OS X client platforms.

Note

The arguments are case-sensitive.

The command line does not allow you to supply a user name and password.

6.1.6.1. Command-Line Examples

The command line for the SGD Client can be used to create your own shortcuts and shell scripts.

The following are some examples of running the SGD Client from the command line.

6.1.6.1.1. Starting the SGD Client Without Any Arguments

The following example starts the SGD Client and uses the settings defined in the Default profile, available from the user's profile cache.

$ ttatcc

If there is no profile, or the profile does not contain a login URL, the SGD Client starts but it cannot connect to an SGD server.

If the user has previously connected to more than one SGD server, the SGD Client connects to the last SGD server the user connected to, using the profile for that server.

Use this command to start the SGD Client if the user always connects to the same SGD server.

6.1.6.1.2. Connecting to a Particular SGD Server

The following example starts the SGD Client and uses the settings defined in the profile for server.example.com, available from the user's profile cache.

$ ttatcc -profile server.example.com::Default

If there is no profile available in the cache for server.example.com, the SGD Client prompts for connection settings.

Use this command to start the SGD Client if the user might connect to different SGD servers.

6.1.6.1.3. Overriding the Login URL

The following example starts the SGD Client and uses the settings defined in the Default profile, available from the user's profile cache, but connects to the specified URL.

$ tcc -loginurl url

where url is the URL of a login page on an SGD server, for example http://server.example.com/sgd.

Depending on the URL, this can be used to start an application.

Use this command to start the SGD Client and connect to a single SGD server, but connect to different web applications on that server.

6.1.6.2. Web Services Developer Options

The SGD Client also supports the following command-line arguments. These arguments are useful only when developing applications with SGD web services.

Argument

Description

-port tcp

The port on which the SGD Client connects to the SGD server. Usually, this is TCP port 5307 when the user has a secure connection to SGD.

-baseroute

The base network route the SGD Client uses to traverse a SOCKS proxy server.

-firewalltraversal

Indicates that the SGD server is using firewall traversal. Connections to the SGD server and the webtop both use the same port, usually TCP port 443.

-connectioncookie cookie

Supplies the cookie used by the SGD server to identify the user session which the SGD Client is being used for.

-portfile file

The name of a file where the SGD Client writes its listening port number.

-psn

For use with Mac OS X client devices only. Ensures an X server is running.

-server server

The fully-qualified Domain Name System (DNS) name of the SGD server.

-no-browser

Do not start a browser when starting the SGD Client.

Note

The arguments are case-sensitive.

6.1.7. Using SGD Without Java Technology

If your organization prefers not to use Java technology, you can still use SGD, but with the following limitations:

  • The SGD Client must be manually downloaded and installed.

  • To log in to SGD, users must start the SGD Client first, either from the command line or from the shortcut in the desktop Start menu. Users cannot log in by starting a browser first.

  • Proxy server settings must be configured in users' client profiles. The settings cannot be obtained automatically from a browser.

  • The webtop must be reloaded manually to show the current state.

The following procedure describes the steps needed to use SGD without Java.

6.1.7.1. How to Use SGD Without Java Technology

  1. Download and install the SGD Client.

    You download the SGD Client from the SGD web server Welcome Page, for example at https://server.example.com, where server.example.com is the name of an SGD server.

    Click the link to Install the Oracle Secure Global Desktop Client.

    The download page and the Oracle Secure Global Desktop User Guide for Release 4.7 have details of how to install the SGD Client.

  2. Start the SGD Client and connect to SGD.

    Use either of the following methods:

    • Start the SGD Client from the shortcut in the desktop Start menu.

      The first time you start the SGD Client, it prompts you for the URL to connect to. This is normally https://server.example.com/sgd, where server.example.com is the name of an SGD server. The SGD Client also prompts you for the proxy server settings to use.

      When the SGD Client connects, it starts your default browser and displays the SGD login page.

    • Start the SGD Client from the command line.

      See Section 6.1.6, “Running the SGD Client From the Command Line” for more details.

  3. Log in to SGD.

    The SGD webtop is displayed.

  4. Edit the profile for your client device.

    On the webtop, click the Edit button in the Applications area of the webtop. Go to the Client Settings tab and edit the client profile.

    See also Section 6.2.4, “Client Profile Settings”.

    1. Configure the proxy server settings.

      You must specify the proxy server settings in the profile, because these settings cannot be obtained from the browser. See Section 1.3.2, “Configuring Client Proxy Settings”.

    2. Click Save.

    Note

    SGD Administrators can preconfigure many of these settings for users, by editing the profile for an organization or organizational unit.

  5. Log out of SGD.