The SGD Client is the part of SGD that is installed on client devices. The SGD Client is required to run applications.
This section includes details of how you can install and run the SGD Client.
This section includes the following topics:
The SGD Client operates by using a browser to display a special web page, called a webtop. The webtop lists the applications a user can run through SGD and provides controls for managing application sessions and printing. This is the default way of using SGD.
See the Oracle Secure Global Desktop User Guide for Release 4.7 for more details about the webtop.
Depending on the client platform, users see an icon in the System tray or Workspace switcher when the SGD Client is running.
The SGD Client performs the following functions:
Gets information about the client device, such as the operating system, local printers, and client drives.
Manages the display of applications.
Maintains a communication connection with the SGD server, using the Adaptive Internet Protocol (AIP) protocol.
Receives and acts on events from the SGD server. For example, the arrival of a print job.
The SGD Client needs to be configured so that it can connect to an SGD server. The connection settings for the SGD Client are defined in a client profile. The client profile is stored on the client device.
The client profile controls things such as the Uniform Resource Locator (URL) that the SGD Client connects to when it starts, and the operating mode of the SGD Client.
See Section 6.2, “Client Profiles” for more information about how SGD uses client profiles and the settings you can configure for a client profile.
When using a browser with Java technology enabled, the SGD Client is supported by the SGD Client Helper.
The SGD Client Helper is a Java applet that performs the following functions:
Downloads and installs the SGD Client. This only applies if automatic installation is used. See also Section 6.1.3, “Automatic Installation of the SGD Client”.
Obtains proxy server settings from the browser and sends them to the SGD Client. This depends on the settings in the user's client profile.
Starts the SGD Client. This only happens when a user starts a browser and goes to the login URL.
Responds to instructions received from the SGD Client. For example, prompting the browser to redraw the screen.
Use of the SGD Client Helper is optional. See Section 6.1.7.1, “How to Use SGD Without Java Technology”.
The SGD Client can be installed in the following ways:
Automatic installation. Download and installation of the SGD Client can be handled automatically, using a browser with Java technology enabled. See Section 6.1.3, “Automatic Installation of the SGD Client”.
Manual installation. The SGD Client can be downloaded to the client device and installed manually. See Section 6.1.5, “Manual Installation of the SGD Client”.
If you are using a browser with Java technology enabled, the
SGD Client is installed automatically when you
visit the
https://
URL, where server.example.com
/sgdserver.example.com
is the
name of an SGD server.
With automatic installation of the SGD Client, different versions of the SGD Client are installed in separate directories. This means the following:
Users only have to log in to an upgraded SGD server in order to upgrade the SGD Client
Users who log in to different SGD servers always run the correct SGD Client for the version of SGD
The SGD Client is installed in the following directories:
Microsoft Windows client devices. A user-specific writeable directory.
On Microsoft Windows XP platforms, for example:
C:\Documents and
Settings\
username
\Local
Settings\Temp\Oracle Secure Global
Desktop\clients\version
On Microsoft Windows 7 platforms, for example:
C:\Users\
username
\AppData\Local\Temp\Oracle
Secure Global
Desktop\clients\version
The actual location depends on the user's privileges, the operating system, and the version of the Java Plug-in software being used.
Users with Microsoft Windows client devices can have roaming user profiles. Roaming user profiles provide the user with the same working environment, no matter which Microsoft Windows computer they use.
If Microsoft Windows users have roaming user profiles, the SGD Client is installed in one of the following directories:
On Microsoft Windows XP platforms:
C:\Documents and
Settings\
username
\Application
Data\Temp\Oracle Secure Global
Desktop\clients\version
On Microsoft Windows 7 platforms:
C:\Users\
username
\AppData\Roaming\Temp\Oracle
Secure Global
Desktop\clients\version
For details of how to configure SGD to work with roaming user profiles, see Section 6.1.4, “How to Enable Automatic Installation for Roaming User Profiles”.
UNIX, Linux, or Mac OS X platform client devices. The user's home directory:
$HOME/.tarantella/clients/
arch
/version
where arch
is the client
architecture.
If you want to use automatic installation and have more control over where the SGD Client is installed, you can develop your own web application for installing the SGD Client and use SGD web services to specify the installation location.
See the Oracle Secure Global Desktop Installation Guide for Release 4.7 for more details about automatic installation of the SGD Client.
To enable the SGD Client to be installed automatically in a directory that is roamed, perform the following procedure on each SGD server in the array.
Ensure that no users are logged in to the SGD server, and that there are no application sessions, including suspended application sessions, running on the SGD server.
Log in as superuser (root) on the SGD host.
Change to the jsp
directory.
# cd /opt/tarantella/webserver/tomcat/tomcat-version
/webapps/sgd/resources/jsp
Edit the webtopsession.jsp
file.
Change the tccRoaming
line in
webtopsession.jsp
, as follows:
String tccRoaming="true";
Save the change.
Restart the SGD web server.
# tarantella restart webserver
With manual installation, you have full control over where the SGD Client is installed.
Different versions of the SGD Client are installed in separate directories.
You can install the SGD Client manually in the following ways:
User-specific installation. The SGD Client is installed in a user-specified location.
See Section 6.1.5.1, “User-Specific Installation” for more details.
System-wide installation. The SGD Client is installed in a system-wide location. This option is available for Administrators only.
See Section 6.1.5.2, “System-Wide Installation” for more details.
You download and install the SGD Client from the
SGD web server Welcome Page. The SGD
web server Welcome Page is at
https://
,
where server.example.com
server.example.com
is the name
of an SGD server.
Click the Install the Oracle Secure Global Desktop Client link on the Welcome Page. The Oracle Secure Global Desktop Client download page has instructions for downloading and installing the SGD Client.
On Microsoft Windows client devices, a shortcut for the SGD Client is added to the Windows Start Menu.
For a user-specific installation, the user must have permissions to write to the install location.
The default locations for a user-specific installation are as follows:
Microsoft Windows client devices. A user-specific writeable directory.
On Microsoft Windows XP platforms, for example:
C:\Documents and
Settings\
username
\Local
Settings\Application Data\Programs\Oracle\Secure Global
Desktop
Client\clients\version
On Microsoft Windows 7 platforms, for example:
C:\Users\
username
\AppData\Local\Programs\Oracle\Secure
Global Desktop
Client\clients\version
UNIX or Linux platform client devices. The user's home directory:
$HOME/Oracle Secure Global
Desktop/clients/
arch
/version
where arch
is the client
architecture.
A configuration file containing a list of SGD
Clients installed on the system is created at
$HOME/.tarantella/clients.conf
. See
Section 6.1.5.3, “Installing the SGD Client in a Non-Default Location” for more
details about this file.
Mac OS X platform client devices. The user's home directory:
$HOME/Applications/Oracle Secure Global Desktop
Client/
version
/Oracle Secure
Global Desktop Client.app
This installation method can be used on a shared file system.
The default locations for a system-wide installation are as follows:
Microsoft Windows client devices:
C:\Program Files\Oracle\Secure Global Desktop
Client\clients\
version
UNIX or Linux platform client devices:
/opt/Oracle Secure Global
Desktop/clients/
arch
/version
where arch
is the client
architecture.
A system-wide configuration file containing a list of
SGD Clients installed on the system is
created at /etc/opt/Oracle Secure Global
Desktop/clients.conf
. See
Section 6.1.5.3, “Installing the SGD Client in a Non-Default Location”
for more details about this file.
Mac OS X platform client devices:
/Applications/Oracle Secure Global Desktop
Client/
version
/Oracle Secure
Global Desktop Client.app
With manual installation, you can install the SGD Client in a non-default location.
When you are connecting to an SGD server using a browser with Java technology enabled, the SGD Client Helper looks for the SGD Client on the client device. To enable this, SGD maintains a record of the location of all SGD Clients installed manually on the client device.
SGD Client locations are recorded on the client device as follows:
Microsoft Windows platforms. A key in the registry, as follows:
User-specific installation:
HKEY_CURRENT_USER\\Software\\Oracle\\Secure
Global Desktop Client\\VERSION
System-wide installation:
HKEY_LOCAL_MACHINE\\Software\\Oracle\\Secure
Global Desktop Client\\VERSION
UNIX and Linux platforms. A configuration file, as follows:
User-specific installation:
$HOME/.tarantella/clients.conf
System-wide installation: /opt/Oracle Secure
Global Desktop/clients.conf
Mac OS X platforms. Non-default install locations are not recorded on the client device. So, the SGD Client Helper is not able to find SGD Clients installed in non-default locations.
Before attempting to download the SGD Client from an SGD server, the SGD Client Helper checks the above locations to see if the same version of the SGD Client is already installed on the client device.
The above locations are also searched if the SGD Client Helper is unable to download and install the SGD Client automatically. For example, if there is a network problem. In this case, the SGD Client Helper checks if there is a compatible version of the SGD Client already installed on the client device, by looking in one of the locations shown.
Typically, users log in to SGD by starting a
browser and visiting the
https://
URL, where server.example.com
/sgdserver.example.com
is the
name of an SGD server.
Connecting to SGD in this way, automatically downloads and starts the SGD Client. However, you can also start the SGD Client from the command line and connect to an SGD server.
You start the SGD Client with the
tcc
command on Microsoft Windows client
platforms, or the ttatcc
command on UNIX,
Linux, or Mac OS X client platforms, as follows:
tcc [ -profilename
] [ -loginurlurl
] [ -prompt ] [ -preferredlanguagelang
] [ -logdirfile
] [ -use-java ] [ -version ]
The following table lists the arguments for the tcc and ttatcc commands.
Argument | Description |
---|---|
| The name of the profile to use when starting the SGD Client. Currently there is only one profile for each SGD server, called Default.
To specify the profile for a particular server, use
Note Profile names are case sensitive. |
| The login URL. This overrides the URL defined in the profile. Use a fully qualified domain name. |
| Display the connection dialog, showing a list of SGD servers that the SGD Client has previously connected to. The user can select a server from the list. |
| The language to use in any dialogs and messages displayed by the SGD Client. This overrides the language defined in the profile. The following are the supported languages:
|
| The directory where the SGD Client log file is created. |
| Enable the detection of Java technology in the SGD Client. |
| Displays the version number of the SGD Client. |
| Displays help information. This option is only available on UNIX, Linux, or Mac OS X client platforms. |
The arguments are case-sensitive.
The command line does not allow you to supply a user name and password.
The command line for the SGD Client can be used to create your own shortcuts and shell scripts.
The following are some examples of running the SGD Client from the command line.
The following example starts the SGD Client and uses the settings defined in the Default profile, available from the user's profile cache.
$ ttatcc
If there is no profile, or the profile does not contain a login URL, the SGD Client starts but it cannot connect to an SGD server.
If the user has previously connected to more than one SGD server, the SGD Client connects to the last SGD server the user connected to, using the profile for that server.
Use this command to start the SGD Client if the user always connects to the same SGD server.
The following example starts the SGD Client and
uses the settings defined in the profile for
server.example.com
, available
from the user's profile cache.
$ ttatcc -profile server.example.com
::Default
If there is no profile available in the cache for
server.example.com
, the
SGD Client prompts for connection settings.
Use this command to start the SGD Client if the user might connect to different SGD servers.
The following example starts the SGD Client and uses the settings defined in the Default profile, available from the user's profile cache, but connects to the specified URL.
$ tcc -loginurl url
where url
is the URL of a login
page on an SGD server, for example
http://server.example.com/sgd
.
Depending on the URL, this can be used to start an application.
Use this command to start the SGD Client and connect to a single SGD server, but connect to different web applications on that server.
The SGD Client also supports the following command-line arguments. These arguments are useful only when developing applications with SGD web services.
Argument | Description |
---|---|
| The port on which the SGD Client connects to the SGD server. Usually, this is TCP port 5307 when the user has a secure connection to SGD. |
| The base network route the SGD Client uses to traverse a SOCKS proxy server. |
| Indicates that the SGD server is using firewall traversal. Connections to the SGD server and the webtop both use the same port, usually TCP port 443. |
| Supplies the cookie used by the SGD server to identify the user session which the SGD Client is being used for. |
| The name of a file where the SGD Client writes its listening port number. |
| For use with Mac OS X client devices only. Ensures an X server is running. |
| The fully-qualified Domain Name System (DNS) name of the SGD server. |
| Do not start a browser when starting the SGD Client. |
The arguments are case-sensitive.
If your organization prefers not to use Java technology, you can still use SGD, but with the following limitations:
The SGD Client must be manually downloaded and installed.
To log in to SGD, users must start the SGD Client first, either from the command line or from the shortcut in the desktop Start menu. Users cannot log in by starting a browser first.
Proxy server settings must be configured in users' client profiles. The settings cannot be obtained automatically from a browser.
The webtop must be reloaded manually to show the current state.
The following procedure describes the steps needed to use SGD without Java.
Download and install the SGD Client.
You download the SGD Client from the
SGD web server Welcome Page, for example at
https://
,
where server.example.com
server.example.com
is the
name of an SGD server.
Click the link to Install the Oracle Secure Global Desktop Client.
The download page and the Oracle Secure Global Desktop User Guide for Release 4.7 have details of how to install the SGD Client.
Start the SGD Client and connect to SGD.
Use either of the following methods:
Start the SGD Client from the shortcut in the desktop Start menu.
The first time you start the SGD Client,
it prompts you for the URL to connect to. This is
normally
https://
,
where server.example.com
/sgdserver.example.com
is
the name of an SGD server. The
SGD Client also prompts you for the proxy
server settings to use.
When the SGD Client connects, it starts your default browser and displays the SGD login page.
Start the SGD Client from the command line.
See Section 6.1.6, “Running the SGD Client From the Command Line” for more details.
Log in to SGD.
The SGD webtop is displayed.
Edit the profile for your client device.
On the webtop, click the Edit button in the Applications area of the webtop. Go to the Client Settings tab and edit the client profile.
See also Section 6.2.4, “Client Profile Settings”.
Configure the proxy server settings.
You must specify the proxy server settings in the profile, because these settings cannot be obtained from the browser. See Section 1.3.2, “Configuring Client Proxy Settings”.
Click Save.
SGD Administrators can preconfigure many of these settings for users, by editing the profile for an organization or organizational unit.
Log out of SGD.