9 Advanced topics

External authentication is the most flexible as the external handler can both choose to grant access to everyone (like the “null” authentication method would) and delegate the request to the guest authentication component. When delegating the request to the guest component, it will still be called afterwards with the option to override the result.

A VRDP authentication library is required to implement exactly one entry point:

#include "VRDPAuth.h"

/**

*Authentication library entry point. Decides whether to allow

*a client connection.

*

 

 

 

* Parameters:

 

 

*

pUuid

Pointer to the UUID of the virtual machine

*

*

 

which the client connected to.

*

guestJudgement

Result of the guest authentication.

*

szUser

User name passed in by the client (UTF8).

*

szPassword

Password passed in by the client (UTF8).

*

szDomain

Domain passed in by the client (UTF8).

*

 

 

 

* Return code:

 

 

*

VRDPAuthAccessDenied

Client access has been denied.

*

*

VRDPAuthAccessGranted

Client has the right to use the

*

 

 

virtual machine.

*VRDPAuthDelegateToGuest Guest operating system must

*

authenticate the client and the

*

library must be called again with

*

the result of the guest

*

authentication.

*/

VRDPAuthResult VRDPAUTHCALL VRDPAuth( PVRDPAUTHUUID pUuid, VRDPAuthGuestJudgement guestJudgement, const char *szUser,

const char *szPassword const char *szDomain)

{

/* process request against your authentication source of choice */ return VRDPAuthAccessGranted;

}

A note regarding the UUID implementation of the first argument: VirtualBox uses a consistent binary representation of UUIDs on all platforms. For this reason the integer fields comprising the UUID are stored as little endian values. If you want to pass such UUIDs to code which assumes that the integer fields are big endian (often also called network byte order), you need to adjust the contents of the UUID to e.g. achieve the same string representation. The required changes are:

reverse the order of byte 0, 1, 2 and 3

reverse the order of byte 4 and 5

130

Page 130
Image 130
Sun Microsystems 3.0.0 user manual