Difference between revisions of "Features/Proxy Settings"
(Merged!) |
|||
(31 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
− | <noinclude> | + | <noinclude> |
[[Category:Feature|Proxy Settings]] | [[Category:Feature|Proxy Settings]] | ||
</noinclude> | </noinclude> | ||
Line 9: | Line 9: | ||
== Owner == | == Owner == | ||
− | [[User:sascha_silbe|Sascha Silbe]] | + | |
+ | [[User:sascha_silbe|Sascha Silbe]], [[User:ajay_garg|Ajay Garg]] (ajay@activitycentral.com), [[User:ManashRaja|Manash Pratim Das]] | ||
== Current status == | == Current status == | ||
− | * Targeted release: 0. | + | * Targeted release: 0.110 |
− | * Last updated: | + | * Last updated: 2016-04-18 |
− | * Percentage of completion: | + | * Percentage of completion: 100% and merged |
+ | |||
+ | Merged into something that will probably be 0.110 | ||
== Detailed Description == | == Detailed Description == | ||
Line 22: | Line 25: | ||
Sugar and activities to use. While we'd like the system to work that all | Sugar and activities to use. While we'd like the system to work that all | ||
out automatically (e.g. using [https://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol WPAD]), this often isn't possible. Common | out automatically (e.g. using [https://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol WPAD]), this often isn't possible. Common | ||
− | reasons include legacy ("inherited") setups and network uplinks | + | reasons include legacy ("inherited") setups and network uplinks being |
− | out of control of the user | + | out of control of the user. |
The existing Network Control Panel is enhanced by adding a new section for the | The existing Network Control Panel is enhanced by adding a new section for the | ||
proxy settings. For consistency between Sugar and Gnome, the basic layout of | proxy settings. For consistency between Sugar and Gnome, the basic layout of | ||
the Gnome 3 proxy settings has been mirrored: A combo box allows the user to | the Gnome 3 proxy settings has been mirrored: A combo box allows the user to | ||
− | select how the proxy setting should be determined (None= | + | select how the proxy setting should be determined (None=no proxy settings, |
− | Automatic=WPAD or PAC, Manual=enter host names and ports for each protocol). | + | Use system proxy=let proxy be set by other means, Automatic=WPAD or PAC, |
+ | Manual=enter host names and ports for each protocol). | ||
Based on which method was selected, additional configuration options are | Based on which method was selected, additional configuration options are | ||
presented to the user. | presented to the user. | ||
− | The settings are stored | + | The settings are stored in 'GSettings' and passed to activities using the 'http_proxy' and similar variables. |
== Benefit to Sugar == | == Benefit to Sugar == | ||
− | + | Widens the environment where Sugar may be used, by removing a reason why Sugar cannot be used in managed information technology environments. | |
== Scope == | == Scope == | ||
Line 43: | Line 47: | ||
Modifying the existing Network Control Panel. | Modifying the existing Network Control Panel. | ||
− | == | + | == "Manual" mode== |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | [[File: | + | * Fill in the settings "manually", and restart when prompted so. |
+ | :[[File:Manual1-proxy.png|1200px]] | ||
− | * | + | * Now open "www.google.com" shoud open. |
+ | :[[File:Google-proxy.png|1200px]] | ||
− | |||
+ | == Automatic mode - PAC== | ||
− | * | + | * Fill in the URL of the proxy-file, and restart when prompted so. |
+ | :[[File:Auto-proxy.png|1200px]] | ||
− | |||
+ | * Now open "www.google.com" shoud open. | ||
+ | :[[File:Google-proxy.png|1200px]] | ||
− | |||
− | |||
− | + | ==Automatic mode - WPAD== | |
− | |||
− | |||
− | |||
* Motive | * Motive | ||
− | ** To provide proxy-configuration, without needing the client-user to enter the location of proxy-configuration file herself. | + | ** To provide proxy-configuration, without needing the client-user |
+ | *** to manualyy enter the proxy-settings ('''Manual''' mode) | ||
+ | *** to manually enter the location of proxy-configuration file herself ('''Automatic (PAC)''' mode). | ||
* Benefits | * Benefits | ||
− | ** By not needing the client-user to manually specify the | + | ** By not needing the client-user to manually specify the settings, every client-user is saved a headache :) Instead, all the configuration is done via a network-administrator, on the server-side. |
** By delegating the responsibility of specifying every proxy-rule (even the proxy-configuration file) to the network-administrator, security is increased dramatically. | ** By delegating the responsibility of specifying every proxy-rule (even the proxy-configuration file) to the network-administrator, security is increased dramatically. | ||
* Notes | * Notes | ||
− | ** Setting this particular mode( | + | ** Setting this particular mode ('''Automatic-WPAD''' Proxy) is quite complicated; and many possibilities exist. '''However, the bottom-rule is, client should himself not need to specifiy the location of proxy-configuration file as per say'''. |
* Testing (one of the possible ways :) ) | * Testing (one of the possible ways :) ) | ||
− | ** To verify that current dextrose-4 supports Auto-WPAD mode, we test using the method, as per the following 4 requirements, as listed at http://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol#Requirements :: | + | ** '''(For those not interested in the technicalities, please proceed to the next bullet :D)''' To verify that current dextrose-4 supports Auto-WPAD mode, we test using the method, as per the following 4 requirements, as listed at http://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol#Requirements :: |
***In order to use the DNS only method, a DNS entry is needed for a host named WPAD. | ***In order to use the DNS only method, a DNS entry is needed for a host named WPAD. | ||
***The host at the WPAD address must be able to serve a Web page. | ***The host at the WPAD address must be able to serve a Web page. | ||
Line 111: | Line 93: | ||
***If the DNS method is used, a file named wpad.dat must be located in the WPAD Web site's root directory. | ***If the DNS method is used, a file named wpad.dat must be located in the WPAD Web site's root directory. | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | * | + | * Select "Automatic" mode in "My Settings" -> "Proxy" (without specifying anything else), and restart when prompted so. |
− | :[[File: | + | :[[File:Wpad-proxy.png|1200px]] |
− | |||
− | |||
− | + | * The above step is all that is needed for "Automatic (WPAD)" mode to take effect; the WPAD-configuration-file will be located by the DHCP/DNS Server. However, for easy QA testing, we specify an easy way to replicate this DNS behavior :: | |
− | : | ||
− | * | + | ** Add the line "build.activitycentral.com wpad" to the file "/etc/hosts" on the XO, and reboot. '''It is repeated innumerable times, that this step is required just for easy testing; in actual deployments, the DNS-name resolution will be provided by network-administrators/School-Server-running-DHCPD''' |
− | + | ** Also, thanks a ton to '''Santiago Rodriguez (scollazo@activitycentral.com)''' for setting up the proxy-configuration-files at build.activitycentral.com. | |
− | |||
+ | * Open "Browse", and type in "www.google.com". You should be prompted for credentials (suppose as required by the WPAD-configuration-file) | ||
+ | :[[File:proxy2.png|640px]] | ||
− | |||
− | |||
− | |||
+ | * Entering wrong credentials in the previous step, re-prompts :). This time, enter correct credentials. | ||
+ | :[[File:proxy3.png|640px]] | ||
− | |||
− | [[File: | + | * The page opens successfully. |
+ | :[[File:Google-proxy.png|1200px]] | ||
+ | ==Settings verification== | ||
− | * | + | The proxy settings entered by user are verified before saving to prevent accidental change in proxy settings. |
+ | * For "manual" type the proxy host addresses are pinged to check for their existence. | ||
+ | * For "auto" type the existence of the *.pac file is checked. | ||
+ | If the above verification fails then the user is prompted with an alert message and option to either "Break the Internet connection" or "Reset". | ||
− | [[File: | + | * Manual proxy verification failed: |
+ | :[[File:Manual-proxy-error.png|640px]] | ||
− | :: | + | * Auto proxy verification failed: |
+ | :[[File:Auto-proxy-error.png|640px]] | ||
== User Experience == | == User Experience == |
Latest revision as of 06:02, 9 May 2016
Summary
Allow the user to configure proxy settings using the Sugar Control Panel.
Owner
Sascha Silbe, Ajay Garg (ajay@activitycentral.com), Manash Pratim Das
Current status
- Targeted release: 0.110
- Last updated: 2016-04-18
- Percentage of completion: 100% and merged
Merged into something that will probably be 0.110
Detailed Description
Both individual users and deployments need to be able to set a proxy for Sugar and activities to use. While we'd like the system to work that all out automatically (e.g. using WPAD), this often isn't possible. Common reasons include legacy ("inherited") setups and network uplinks being out of control of the user.
The existing Network Control Panel is enhanced by adding a new section for the proxy settings. For consistency between Sugar and Gnome, the basic layout of the Gnome 3 proxy settings has been mirrored: A combo box allows the user to select how the proxy setting should be determined (None=no proxy settings, Use system proxy=let proxy be set by other means, Automatic=WPAD or PAC, Manual=enter host names and ports for each protocol). Based on which method was selected, additional configuration options are presented to the user.
The settings are stored in 'GSettings' and passed to activities using the 'http_proxy' and similar variables.
Benefit to Sugar
Widens the environment where Sugar may be used, by removing a reason why Sugar cannot be used in managed information technology environments.
Scope
Modifying the existing Network Control Panel.
"Manual" mode
- Fill in the settings "manually", and restart when prompted so.
- Now open "www.google.com" shoud open.
Automatic mode - PAC
- Fill in the URL of the proxy-file, and restart when prompted so.
- Now open "www.google.com" shoud open.
Automatic mode - WPAD
- Motive
- To provide proxy-configuration, without needing the client-user
- to manualyy enter the proxy-settings (Manual mode)
- to manually enter the location of proxy-configuration file herself (Automatic (PAC) mode).
- To provide proxy-configuration, without needing the client-user
- Benefits
- By not needing the client-user to manually specify the settings, every client-user is saved a headache :) Instead, all the configuration is done via a network-administrator, on the server-side.
- By delegating the responsibility of specifying every proxy-rule (even the proxy-configuration file) to the network-administrator, security is increased dramatically.
- Notes
- Setting this particular mode (Automatic-WPAD Proxy) is quite complicated; and many possibilities exist. However, the bottom-rule is, client should himself not need to specifiy the location of proxy-configuration file as per say.
- Testing (one of the possible ways :) )
- (For those not interested in the technicalities, please proceed to the next bullet :D) To verify that current dextrose-4 supports Auto-WPAD mode, we test using the method, as per the following 4 requirements, as listed at http://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol#Requirements ::
- In order to use the DNS only method, a DNS entry is needed for a host named WPAD.
- The host at the WPAD address must be able to serve a Web page.
- In both cases, the Web server must be configured to serve the WPAD file with a MIME type of "application/x-ns-proxy-autoconfig".
- If the DNS method is used, a file named wpad.dat must be located in the WPAD Web site's root directory.
- (For those not interested in the technicalities, please proceed to the next bullet :D) To verify that current dextrose-4 supports Auto-WPAD mode, we test using the method, as per the following 4 requirements, as listed at http://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol#Requirements ::
- Select "Automatic" mode in "My Settings" -> "Proxy" (without specifying anything else), and restart when prompted so.
- The above step is all that is needed for "Automatic (WPAD)" mode to take effect; the WPAD-configuration-file will be located by the DHCP/DNS Server. However, for easy QA testing, we specify an easy way to replicate this DNS behavior ::
- Add the line "build.activitycentral.com wpad" to the file "/etc/hosts" on the XO, and reboot. It is repeated innumerable times, that this step is required just for easy testing; in actual deployments, the DNS-name resolution will be provided by network-administrators/School-Server-running-DHCPD
- Also, thanks a ton to Santiago Rodriguez (scollazo@activitycentral.com) for setting up the proxy-configuration-files at build.activitycentral.com.
- Open "Browse", and type in "www.google.com". You should be prompted for credentials (suppose as required by the WPAD-configuration-file)
- Entering wrong credentials in the previous step, re-prompts :). This time, enter correct credentials.
- The page opens successfully.
Settings verification
The proxy settings entered by user are verified before saving to prevent accidental change in proxy settings.
- For "manual" type the proxy host addresses are pinged to check for their existence.
- For "auto" type the existence of the *.pac file is checked.
If the above verification fails then the user is prompted with an alert message and option to either "Break the Internet connection" or "Reset".
- Manual proxy verification failed:
- Auto proxy verification failed:
User Experience
See UI Design
Dependencies
There are no new dependencies.
Contingency Plan
Users can continue to use the Gnome Control Center to configure proxy settings.
Documentation
There is no documentation beyond this page.
Release Notes
There have been no changes to public API. The Release Notes merely need to mention that users can now configure proxy settings from within Sugar. As detailed above, the UI is very similar to the Gnome UI.