Commit Graph

6 Commits

Author SHA1 Message Date
Bernardo De Marco Gonçalves 501d8c1e09
Add logs to CPVM connection process (#8924)
* increment cpvm connection logs

* remove sourceIp variable

* increment cpvm connection logs

* extract duplicate error messages to variables

* change logs level from trace to debug in authenticateToVNCServer

* add logs in trace level inside of connection loop

* remove redundant trace log

* add logs to ConsoleProxyNoVNCHandler class

* retrieve client source IP

* add periods to log messages

* change log levels from warn to error inside of catch blocks

* add client IP to successful authentication log

* replace concatenation with String.format()

* remove String.format() and use log4j2 new features instead

* remove String.format() and use log4j2 new features instead

* apply Daan's suggestion

Co-authored-by: dahn <daan.hoogland@gmail.com>

* resolve conflicts

* fix logs with three parameters

* get correct client IP

* use log4j dependencies directly

* apply winterhazel's suggestion

Co-authored-by: Fabricio Duarte <fabricio.duarte.jr@gmail.com>

* remove log proxy

* address winterhazel's suggestions on ConsoleProxyNoVncClient class

* address winterhazel's suggestions on ConsoleProxyNoVNCHandler class

* address winterhazel's suggestions on ConsoleProxyNoVNCHandler class

Co-authored-by: Fabricio Duarte <fabricio.duarte.jr@gmail.com>

---------

Co-authored-by: dahn <daan.hoogland@gmail.com>
Co-authored-by: Fabricio Duarte <fabricio.duarte.jr@gmail.com>
2024-09-09 15:39:42 -03:00
Nicolas Vazquez eac357cb77
kvm: Secure KVM VNC Console Access Using the CA Framework (#7015)
This PR allows securing the console access through CloudStack to the virtual machines running on KVM. The secure access is achieved through the generated certificates for the CA Framework in CloudStack, that provides mutual TLS connections between agents. These certificates are used to also secure the connection between the console proxies and the VNC ports for VM console access.

This feature is only supported on the KVM hypervisor

Design Document: https://cwiki.apache.org/confluence/display/CLOUDSTACK/Secure+KVM+VNC+connection+using+the+CA+framework
2023-01-27 17:22:06 +05:30
Nicolas Vazquez b2fbe7bb12
console: Console access enhancements (#6577)
This PR creates a new API createConsoleAccess to create VM console URL allowing it to connect using other UI implementations. To avoid reply attacks, the console access is enhanced to use a one time token per session

New configuration added:
consoleproxy.extra.security.validation.enabled: Enable/disable extra security validation for console proxy using a token

Documentation PR: apache/cloudstack-documentation#284
2022-09-14 12:39:59 +05:30
Rohit Yadav 0302750aac
vmware: Add support for VMware 7 (#4300) 2021-04-15 16:10:14 +05:30
Wei Zhou df4103f0d1
novnc: Add source IP check (#4736)
* novnc: Add client IP check for novnc console in cloudstack 4.16

* novnc ip check : Fix restart CPVM or mgt server does not update novnc param

* novnc ip check: move to method
2021-03-06 15:08:34 +05:30
Marc-Aurèle Brothier 893a88d225 CLOUDSTACK-10105: Use maven standard project structure in all projects (#2283)
Remove maven standard module (which only a few were using) and get ride of maven customization for the projects structure.

- moved all directories to src/main/java, src/main/resources, src/main/scripts, src/test/java, src/test/resources
- grep scan to search for src/com and src/org left over
- grep for <project>/scripts to fix pom.xml configuration
- remove custom <build> configuration in pom.xml

Signed-off-by: Marc-Aurèle Brothier <m@brothier.org>
2018-01-20 03:19:27 +05:30