1.2 Changes in Release 5.4

This section describes the changes for the SGD 5.4 release.

1.2.1 HTML5 Workspace Improvements

The following improvements have been made for the HTML5 workspace. The HTML5 workspace is shown when users connect from a tablet device, for example.

  • Multiple application instances. In prevous releases, users could only run a single instance of an application at any one time. Any running application instances were suspended automatically. This limitation has been removed.

  • Character applications. Character applications are now supported on the HTML5 workspace.

    • Character applications are not supported on Android tablet devices.

    • Users can copy text from a character application running on the HTML5 workspace. However, pasting of text into a character application window is not supported.

      The Copy icon on the side toolbar of the HTML5 workspace is not required for character applications.

1.2.2 Forced Authentication Changes

Users can force SGD to display the Application Authentication dialog box by holding down the Shift key when they click an application's link on the workspace. This is called forced authentication.

From this release, users can now display the Application Authentication dialog box for all applications that they start, by selecting the Force Authentication check box on the SGD workspace.

On the HTML5 workspace, the new Force Authentication check box replaces the Force Authentication icon.

The forced authentication changes make it easier for users to select the required authentication method when starting an application.

1.2.3 64-bit SGD Client for Linux Platforms

64-bit package versions of the SGD Client are now available for manual installation on the following Linux platforms:

  • Oracle Linux 6

  • Oracle Linux 7

  • Ubuntu Linux 16.04

In previous releases, the only available version of the SGD Client for Linux platforms was a 32-bit binary. This meant that users on 64-bit Linux platforms had to install compatibility libraries on their client device.


User-specific installation is not available for 64-bit Linux versions of the SGD Client. Packages are installed by default in the following system-wide location: /opt/oracle/sgdclient.

1.2.4 Improvements for Load-Balanced Gateway Deployments

The SGD Gateway now works better in mixed traffic environments, where the load balancer handles both SGD traffic and non-SGD traffic.

For best results in a load-balanced Gateway deployment, use an HTTP load balancer that is configured for sticky sessions.

When using an HTTP load balancer, specify the /sgd domain string for the --security-gateway attribute. For example:

# tarantella config edit --security-gateway *:sgdg:lb.oracle.com:443/sgd

1.2.5 SGD Server Performance Improvements

The following performance improvements have been made:

  • The X Protocol Engine (XPE) in this release provides improved performance over low bandwidth or high latency connections.

  • UNIX platform CDM (client drive mapping) performance is improved for applications that run on UNIX or Linux platform application servers.

1.2.6 Installation Program Changes for the SGD Client

The installation program for the SGD Client has been modified, resulting in the following changes for manual installations:

  • Default installation directory: On Windows and Mac OS X platforms, the default location for manual installations of the SGD Client has changed.

    From this release, the installation program will remove any previous instances of the SGD Client that have a version of 5.4 or later.

    See Manual Installation of the SGD Client in the Oracle Secure Global Desktop Administration Guide.

  • Installation changes for Mac OS X: You no longer require administrator privileges to install the SGD Client manually on Mac OS X platforms.

    This means that the SGD Client can now be installed in a non-default location that does not require administrator privileges.

    See Installing the SGD Client Manually on Mac OS X Platforms in the Oracle Secure Global Desktop User Guide

1.2.7 Enhanced Client IP Address Information for SGD Gateway Deployments

The tarantella webtopsession list and tarantella emulatorsession list commands have been modified to provide enhanced client IP address information for SGD Gateway deployments, including deployments that use a load balancer. The output from these commands now shows the client IP address reported at various points in the Gateway deployment.


This feature works best with load balancers that use SSL termination.

Enhanced Client IP Address Information for an SGD Gateway Deployment in the Oracle Secure Global Desktop Gateway Administration Guide includes examples of command output for a load-balanced Gateway deployment.

1.2.8 X11 Forwarding Enabled for New X Application Objects

X11 forwarding is now enabled by default for an X application object created using the Administration Console or the tarantella object new_xapp command.

The default Connection Method: SSH Arguments (--ssharguments) attribute for a new X application object is now -X.

1.2.9 Changes for the SGD Enhancement Module

The following changes have been made for the Linux and Oracle Solaris versions of the SGD Enhancement Module:

  • Required users. For installation on these platforms, a temsys user and a temserv group are now required on the host. The user and group are created automatically during installation.

  • New commands. The tem startloadprobe and tem stoploadprobe commands have been introduced for controlling the advanced load balancing module.

See the Oracle Secure Global Desktop Enhancement Module Administration Guide for more details.

1.2.10 Changes for Kerberos Authentication

This release of SGD does not include shared Kerberos libraries. Instead, SGD uses the native Kerberos libraries on the host operating system. Any required dependencies are indicated during installation of SGD.

This results in the following changes when configuring SGD for Kerberos authentication:

  • SGD servers now automatically use the system default Kerberos configuration file /etc/krb5.conf.

  • The SGD Kerberos configuration file /opt/tarantella/bin/jre/lib/security/krb5.conf is no longer used.

If you are upgrading an SGD deployment that uses the SGD Kerberos configuration file, you may need to update the system default Kerberos configuration file /etc/krb5.conf on each SGD server in the array.

See also Configuring SGD for Kerberos Authentication in the Oracle Secure Global Desktop Administration Guide.

1.2.11 SecurID Agent Software Installation Requirement

SecurID agent software is no longer included as part of the SGD installation package.

If you wish to use SecurID authentication, you must download the RSA SecurID Authentication Agent software and install it on each SGD host.

RSA Authentication Agent software and documentation are available from the following page on the RSA web site:


Section, “Supported Versions of SecurID” lists the SecurID versions tested with this release.

1.2.12 Retirement of TeemTalk Emulator Software

The TeemTalk for Unix software is no longer supplied with SGD. In previous releases, TeemTalk was used as the terminal emulator application for 3270 and 5250 applications.

To display 3270 and 5250 applications, you have the following options:

  • Obtain the TeemTalk software and install on the SGD host.

    Use this option if you have legacy 3270 and 5250 applications that use specific TeemTalk features.

    The required binary paths are /opt/tarantella/bin/bin/tta3270 and /opt/tarantella/bin/bin/tta5250.

  • Install an alternative terminal emulator application. For example, you can use the x3270 and tn5250 open-source software packages. These packages are available on the supported SGD installation platforms.

    Note that such emulator applications may have a reduced feature set, when compared to TeemTalk.

From this release, the 3270 and 5250 application objects, and their related attributes and commands, are deprecated. These object types should no longer be created using the Administration Console or command line.

To configure a new terminal emulator application, you must now use an X application object. See 3270 and 5250 Terminal Emulators in the Oracle Secure Global Desktop Administration Guide.

1.2.13 Documentation Changes

The following changes to the documentation set have been made for this release:

  • SGD Enhancement Module documentation. A new manual, the Oracle Secure Global Desktop Enhancement Module Administration Guide, has been introduced to help administrators to install and use the SGD Enhancement Module. In previous releases, these topics were covered in the Oracle Secure Global Desktop Installation Guide.

  • Translated documentation. The scope of localized documentation has been extended, to cover the following manuals:

    • Oracle Secure Global Desktop Quick Start Guide

    • Oracle Secure Global Desktop Deployment Guide

    • Oracle Secure Global Desktop Enhancement Module Administration Guide