|
JSup v6 is able to provide most of its graphics features to web clients.
Configuration of HTML5 web server
This features has to be licensed (or it will run only in demo mode) and must be enabled and configured via application properties:
- web.server.port
- Request to start the web server with HTML5 graphics at the specified port (this property is requested to start the web server). Use a port like 433 or 8433 if TLS is enabled or 80 / 8080 otherwise.
- web.login.requestedSecurityGroupName
- Define the security group name a JSup user must belong to be able to login to JSup via web browser (default is web).
- web.session.timeout.min
- Set the timeout of unused web sessions (in minutes) before a new login is requested; default is 10080 minutes (one week).
- web.server.showDelayMs
- Set the initial delay before the home window is displayed on a web client connection (in ms, default 2000) - can be usefully increased for slow JSup server.
Communication security
JSup is able to provide cryptographic communication security and server authentication via  Transport Layer Security.
See - Client certificates for certificate creation parameters corresponding to following application properties:
- web.server.TLS
- A value of true will enable encrypted comunication between browser and JSup web server and server authentication (you must provide server certificate).
- web.server.keystore.file
- Name of the keystore file (full file path or the file name only, in this case the location is application setting dir); default is tomcat.jks
- web.server.keystore.pass
- Password of the keystore specified by web.server.keystore.file property (see provide server certificate); this value is required.
- web.server.keyAlias
- The key alias within the keystore specified by web.server.keystore.file; default is JSupTomcat.
- web.server.keyAlias
- The private key password of the web server key identified by web.server.keyPass property within the keystore specified by web.server.keystore.file
- web.server.maxThreads
- The maximum number of threads that will serve the web server (default is 10, this property is considered only if web.server.TLS=true)
- web.server.TLS.fallbackPort
- The port where a non SSL listening socket is opened if SSL configuration is invalid (for missing files for example) and current host is in web.server.TLS.fallbackHostList property. Usefull during improvement of an application already in production to test some changes from a web client.
- web.server.TLS.fallbackHostList
- A comma separated list of hostnames where an invalid TLS configuration is replaced with a non SSL connection at web.server.TLS.fallbackPort
Example of properties for server security/encription:
web.server.keyAlias=JSupTomcat
web.server.keyPass=changeit
web.server.keystore.file=tomcat.jks
web.server.keystore.pass=test
web.server.port=8443
web.server.TLS=true
web.server.TLS.fallbackHostList=devPC1,devPC2
web.server.TLS.fallbackPort=2080
See also Certification autority management.
Client certificates
This application properties configure the client certification validation:
- web.client.auth
- Set to true if you want the SSL stack to require a valid certificate chain from the client before accepting a connection. Set to optional if you want the SSL stack to request a client certificate, but not fail if one isn't presented. A false value (which is the default) will not require a certificate chain.
- web.client.trustStoreFile
- The name (and path if not in the application setting dir) of trust store file to use to validate client certificates (default value is tomcat-CA-certs.jks)
- web.client.trustStorePass
- The password to access the trust store
- web.client.certCN_user- <CommonName>
- associate a client certificate common name (CN) to a JSup application user name. This bind will eliminate the login request, the user will be recognized by the client certificate.
- web.client.crlFile
- The http/https URL of CA CRL or the name (and path if not in the application setting dir) of the Certificate Revocation List (CRL) for client revoked certificate check.
Example of client certificate properties:
web.client.auth=optional
web.client.certCN_user-John Smith=Smith
web.client.trustStoreFile=tomcat-CA-certs.jks
web.client.trustStorePass=changeit
web.client.crlFile=http://www.domain.com/ca/myCA-crl.pem
Custom client experience
It's possible to set some custom CSS for specific client using a JavaCode functions defined as Properties getCssRulesForWebClient( Map v ) throws JException in the shared domain.
This method receives a map of value the can be used to determine the type of client and define the css for his user experience if necessary.
The value in v are:
|
|
Property
|
Type
|
Description
|
Example
|
|---|
|
agent
|
String
|
the user agent type
|
MobileWebKitiPhone
| |
certCN
|
String
|
the common name of the client certificate
|
John Smith
| |
clientAddress
|
String
|
the client address
|
192.168.50.53
| |
dpiScale
|
Double
|
the browser-side DPI scaling factor
|
1.0
| |
hostName
|
String
|
the server host name that is used by the client
|
10.51.50.0:8080
| |
locale
|
java.util.Locale
|
the preferred language indicated in the request header
|
it_IT
| |
screenHeight
|
Integer
|
the vertical resolution of the client's screen in pixel
|
736
| |
screenWidth
|
Integer
|
the horizontal resolution of the client's screen in pixel. This is not the width of the browser client area, but of the device screen. For a mobile device it could not match the real screen size.
|
414
| |
timeZoneName
|
String
|
the time zone name as reported by the client
|
Europe/Rome
| |
timeZoneOffset
|
Integer
|
the time zone offset as reported by the client (in minutes)
|
120
| |
urlScheme
|
String
|
the URL scheme used for the request
|
http
| |
userAgent
|
String
|
the user agent
|
Mozilla/5.0 (iPhone; CPU iPhone OS 15_7_6
like Mac OS X) AppleWebKit/605.1.15 (KHTML,
like Gecko) Version/15.6.4 Mobile/15E148
Safari/604.1
|
The method must return a Properties object (or null), each property defines the css scope in the key and the css rules in the value.
Map keys are processed in alphabetic order and this order can be used to force the order the css rules will be defined: a prefix like " (001) " can be used in keys to force the order (the number of digit between the brackets may vary - please note the space before and after the brackets).
Special keys can be used to define some properties for the client:
- “:bodyZoomPercent” to define a percent zoom, for example 150 increases the size to one and a half times. This property will also be used to scale the mouse event to match the zoomed window content.
- “:customWidth” for WebGPanel
- “:customHeigth” for WebGPanel
- “:homeWindows” a '|' separated list of window names (or a singole one) to be shown as starting page(s). This permit to have a home page(s) for web clients or even a custom home page(s) for a specific web client.
| 
Non hai un account?
