This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
x2gobroker:inifilebackend [2013/05/12 22:23] sunweaver created |
x2gobroker:inifilebackend [2013/07/02 00:36] (current) sunweaver |
||
---|---|---|---|
Line 3: | Line 3: | ||
The default version of the ''/ | The default version of the ''/ | ||
- | The file format is the INI file format. It falls in to a [DEFAULT] section and one or more session profile sections: | + | ===== Basic Configuration File ===== |
+ | |||
+ | The file format is the INI file format. It falls in to a [DEFAULT] section and one or more session profile sections. A minimal setup could look like this. | ||
< | < | ||
Line 22: | Line 24: | ||
height=768 | height=768 | ||
</ | </ | ||
+ | |||
+ | Note that every X2Go Client parameter not given here gets filled in from a [[http:// | ||
+ | |||
+ | ===== Special Broker Functionalities ===== | ||
+ | |||
+ | Some options in the '' | ||
+ | |||
+ | ==== Provisioning of SSH keys to X2Go Client / Servers ==== | ||
+ | |||
+ | X2Go Session Broker normally requires two consecutive logins. One against the session broker, the second against the X2Go Server that the X2Go session will be launched on. The second login (SSH login against X2Go Server) can be automated via the session broker and its agent. For activation of this feature, the special session profile option '' | ||
+ | |||
+ | * '' | ||
+ | * '' | ||
+ | |||
+ | If '' | ||
+ | |||
+ | ===== Filtering through Access Control List ===== | ||
+ | |||
+ | If a user has been successfully authenticated against the X2Go Session Broker (or a user name has been given via the http request for cases where '' | ||
+ | |||
+ | < | ||
+ | [DEFAULT] | ||
+ | command=XFCE | ||
+ | fullscreen=true | ||
+ | |||
+ | [staff-server] | ||
+ | host=x2go-staff.intern | ||
+ | acl-groups-allow=staff, | ||
+ | acl-groups-deny=ALL | ||
+ | acl-any-order=deny-allow | ||
+ | |||
+ | [student-server] | ||
+ | host=x2go-student-01.intern | ||
+ | acl-groups-allow=students, | ||
+ | acl-groups-deny=ALL | ||
+ | acl-any-order=deny-allow | ||
+ | |||
+ | [admin-server] | ||
+ | host=x2go-admin.intern | ||
+ | fullscreen=false | ||
+ | width=1280 | ||
+ | height=768 | ||
+ | acl-groups-allow=admins | ||
+ | acl-groups-deny=ALL | ||
+ | acl-any-order=deny-allow | ||
+ | </ | ||
+ | |||
+ | ==== List of ACL rules ==== | ||
+ | |||
+ | The ACL rules work very similar to Apache ACL rules (allow, deny statements in '' | ||
+ | |||
+ | To set the order (deny, allow vs. allow, deny), use this parameter | ||
+ | |||
+ | * '' | ||
+ | * '' | ||
+ | * '' | ||
+ | * '' | ||
+ | |||
+ | Furthermore, | ||
+ | |||
+ | **User ACLs:** | ||
+ | |||
+ | * '' | ||
+ | * '' | ||
+ | |||
+ | **Group ACLs:** | ||
+ | |||
+ | * '' | ||
+ | * '' | ||
+ | |||
+ | **Client ACLs:** | ||
+ | |||
+ | * '' | ||
+ | * '' | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ |