Help me to help you
By buying a cert together Adito will be alive much longer!
Please see this post to understand and how to donate!
About
Adito is an open-source, browser-based SSL VPN solution. It’s a remote access solution that provides users and businesses alike with a means of securely accessing network resources from outside the network perimeter using only a standard web browser.
Background
This is the open-source clone of SSL-Explorer after it went biz-o-matic.
Windows installer (download links below)
My contribution to this project is a Windows-installer, check old version here, if you are looking for the updated SVN-version download here
Please note that the SVN-version is only supported on Java run time 1.8! Older version require Java run time 1.7 or older.
Step-by-step guides
There are now three guides written by me on the topic.
- Scroll down on the installer page for installation-tips
-
Scroll down on this page for a simple demonstration of a port-forward
-
NEW! Practical RDP guide here
-
Read the guide on running the Java 7 version 51
What the buzz about?
Pictures says more than words so please take a look in the pictureseries with description below.
You are first presented with a login window:
After successfully logging in you are at the main window
Usally the SSL Tunnel are common used. This technique open a port locally and forward it throught the server and to your destination.
In this example we create a port forwarding on port 4040 locally requests to google.com on port 80 (www-default-port)
After the creation we start the Agent. This is the software you run in the remote location straight from the browser. Since it uses default-java you would find access almost everywhere.
My rule is; if you can connect to your bank you can use Adito 😉
When it has launched you got a new little man-like icon in your sys-tray
By right-clicking on the agent you will find items you have configed on the server. In our case the tunnel “Test” is available
When the tunnel is activated the agent notify you and we are ready to use it
Now for some magic 🙂 Connect to google through your server
As you can see this is pretty easy to use and manage a great product!
Check out the new guide on setting up RDP here
With last java version (1.8 u171) doesn’t work anymore, need downgrade to u162
Hi Lars I have purchased a SSL certificate and installed it in Adito. this works now! Thnx.
I have installed Adito-SVN for 1.8 now and still see the big Donation Ad. Can you please explain how to remove this? I have no Java knowledge and cannot find the file where th add is placed.
Adito needs/uses SSLv3 to work and Firefox won’t allow it. It gives error: ssl_error_unsupported_version
The POODLE Attack and the End of SSL 3.0
Can you fix this please???
Hi Ton Dekkers,
I only provide the installer for Adito and sourcecode will probably not be updated in the future. (project discontinued)
But I’ve written an post regarding the SSL-error and Firefox-issue, please check out: http://lars.werner.no/?p=1159
Try to enable / disable the cipher that provide the security you need.
If you can provide feedback on your result, please do 🙂
Regards. Lars
Thnx. after upgrade Adito I could not connect to adito website but I adjusted webserver.properties. It works.
Is it possible to remove the advertisement Help lars.werner.no with new hosting server?
Hi Ton, it is possible to remove the ads, check template in webapp/theme/default
But i recommend to use the Adito-SVN for 1.8, theme in that has a descrete donation-button. 🙂
-Lars
Hi Lars I have installed Adito-SVN for 1.8 now and still see the big Donation Ad. Can you please explain how to remove this?
I have purchased a SSL certificate. Can you explain how to import this in Adito?
Hello, i am using Adito for my web application in which we used capcha (jcaptcha-api-1.0.jar) but Adito does not find .jar file of jcapcha when try to compare user input with capcha image. I think Adito is unable to access all libraries. Please help
Thanx
Hi Usman,
I’ve never used capcha on Adito before.
But I believe you need to change the web layout on the login-screen for implementation.
The reference to the jar there will decide the path of the *.jar loaded.
Regards. Lars
Hi Lars,
Thank you for your reply. capcha is not the only problem. Its an old application in which frams are used, when login, some frames does not load properly. I can not compromise on capcha.
Hi
hi Lars
recently my company upgrade primary domain controller (add to older 2003 r2 a new 2012 64 bit pdc); i used adito for years with active directory integration, without no one type of problem, only little friction during active directory initial configuration (upper case DOMAIN.LOCAL and other)
Now, when i create new user with 2012 server, adito not recognize it, and work only if i set to “simple” the field “user authentication type” during installation, while “service account type” not work at any condition when add user from 2012; the actual administrator works only beacause it’s an old account from 2003 server importend.
I spend much days and testing for understanding wich is the real problem, adito is configured to connect to 2012 server without backup server: when add user from 2012 not work both auth then service account, when create from 2003 server it works (service and auth); i have also copy the old account administrator to now testind admin with same identical policy and property, from 2012, without success.
At home i’m trying all type of adito/ssl Explorer windows/Linux and your svn version both version with a 2008 server testing domain, the ldap administrator works fine, adito doesn’t want to work.
Typilal error is “User database could not be opened. Internal error.”
I think that the user record in 2008/2012 is differente from 2003, and adito not recognize it or read wrong.
any ideas?
thx lot
p.s. sorry for my english 🙂
Hi Roberto,
I have very little experience with AD and Adito, so my knowledge is very limited.
As far as I understand the Win2012 server uses NTLMv2 and the 2003 is using NTLMv1, that might be the issue.
Check out this reference: http://blogs.technet.com/b/askpfeplat/archive/2013/06/03/upgrade-active-directory-to-windows-server-2012-phase-1-assessment.aspx
If you need to get this running in Win2012 you have to use legacy functions to actually get it to work. (Probably not a good idea).
Adito is not developed any more a change in other systems will cause problems.
Such problems is why I don’t recommend using Adito in a production environment.
Sorry for not being more helpful 🙂
Cheers, Large
Actually, the issue with the 2012 active directory is probably in the gpo’s for the default domain controllers. I was changing my gpo’s to match more of a 2008 r2 install, and it wanted me to enable ldap signing. I found that after I turned that on, both ssl explorer and adito were unable to find the AD and list the users, especially during the installer. So I just reversed the gpo change…. It’s in the same place with the ntlmv2, and the signing smb…..
Hi s1eelra1, thanks for sharing.
This info is helpful for AD users. Remember though to never use Adito in a production enviroment.
Code is no longer beeing updated, the compability with new server systems will over time fail.
Regards. Lars
Hi Lars,
Thank you for your installer. I have recently begun seeing a Java security warning mentioning that applications by unknown publishers will be blocked in a future release. I was only able to get adito running with an older version of the java runtime on the server (version 6 update 17). If I use the SVN version, will I be able to update the java version on the server and avoid users being blocked when they next update java on their client machines? Any advice would be appreciated and thanks for your hard work.
Here is more detail on the warning: This application will be blocked in a future Java security update because the JAR file manifest does not contain the permissions attribute. Please contact the Publisher for more information.
Mike
With the latest Java 1.7.0_51, this went from a warning to actually blocking the applet from running. The only way I could get it working again was to lower the Security level in the Java Control Panel (jcontrol) to Medium, from its default of High.
Hi Lars and Dave,
I found another way to permit people to connect to adito by adding the complete url of the adito server into java security configuration tab, under the exceptions list.
A pop up appears but let you to choose to launch or not the applet.
Long time ssl-explorer user, just switched over to Adito.
I have a problem when I configure the Java Agent Properties, when I set the values for Timeout, Keep-Alive,Shutdown interval etc. they seem to be multiplyed by 1000? Eg I set a value of 10 seconds, when I click save it sets the value to 10000
Any idea why this may be happening or how to fix, its quite annoying as the agent keep shutting down.
Thanks
Hi Bassteq,
This is a known bug in the orginal Adito-version.
If you install the SVN-version (latest updates) then this bug is fixed: http://lars.werner.no/?page_id=515
-Lars
Hi,
Do you have/know any ssh cross-platform app to openvpn-als like this one(http://waldemar.schlackow.de/node/10)?
Thanks
John
Hi John,
Sorry no, but you can try to get it running with http://sourceforge.net/projects/sslexplorer/
But I belive it isn’t supported.
-Lars