/ 2 Comments / Linux / By

firewall So I am putting the final touches on a program. It is completely web based and needs to be protected as if it were an intranet but have the portability of a regular website. The best solution I could come up with was a vpn. But do I really want to explain or document cases for end uses to set up ptpp or ipsec vpn’s on their computers? This would be an ABSOLUTE headache. Instead the best solution would be a web based SSL vpn. Well after some googling two options come up: SSL Explorer – and Barracuda (http://www.barracudanetworks.com/ns/products/sslvpn_overview.php).

Well guess what? Barracuda bought SSLExplorer and that’s what’s on their appliance you pay $2,000 USD for. Unfortunately, this means SSLExplorer is no longer supported and developed. I tried to compile and install it finding out it was originally compiled in java 1.5 and my machine has java 1.6.
This failed miserably:
class file has wrong version 50.0, should be 49.0

Well version 49.0 means java version 1.5.0. (Maybe some kind of internal version numbers – who knows?)
Version 50 means Java 1.6.0 -> now this error makes sense!

So is their a work around? I found a neat trick for updating this:

mv /usr/local/src/sslexplorer-0.2.14_01/sslexplorer/lib/tools.jar /usr/local/src/sslexplorer-0.2.14_01/sslexplorer/lib/tools.jar.old
cp /usr/lib/jvm/java-6-sun-1.6.0.00/lib/tools.jar /usr/local/src/sslexplorer-0.2.14_01/sslexplorer/lib/tools.jar
cd /usr/local/src/sslexplorer-0.2.14_01
ant install

Apparently, sslexplorer is shipped with tools.jar from a 1.5 java distribution, so you only need to replace it with the version you installed.

Finally, after some more headaches and research I found out about Adito (sourceforge.net/projects/adito/). Adito is a fork of SSLExplorer and is actively maintained. I figured it would be best using a package that is still updated regularly, so I switched over to adito and followed pretty much the same installation instructions that SSLExplorer provided.

This proved to give me another error which would result in roughly 3 hours being devoted to fixing:

load: class com.adito.agent.client.launcher.AgentLauncher not found.
java.lang.ClassNotFoundException: com.adito.agent.client.launcher.AgentLauncher
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.createApplet(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(Unknown Source)
at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at sun.net.NetworkClient.doConnect(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.New(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at java.net.HttpURLConnection.getResponseCode(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.getBytes(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.access$000(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
... 7 more
Exception: java.lang.ClassNotFoundException: com.adito.agent.client.launcher.AgentLauncher

Googling this error gives no clues (except this blog entry once it gets indexed). Well the problem was a simple one to fix. I was using a proxy to access my adito server as it was on a different network than me. When the client opened on my local machine it no longer had access to the server to properly launch. This resulted in the above error.

I dmz’ed the server, and accessed it via its public ip address and all works well now! I have connected and used it on my vista pc and on my Mac!

Thought I would share this for whatever unlucky soul gets this undocumented error again in the future!

2 thoughts on “Web Based SSL VPN”

  1. Niels

    Brian,

    You could take a look at Adito which is a clone from SSLExplorer source at the moment SSLExplorer stopped Open Source Development (which happened just before Barracude bought SSLExplorer).

    Recently I also ready something about OpenVPN ALS which again appears to be a descendent of Adito.

  2. Malcolm Menter

    VPN or virtual private network is just that a network that although set up on the Internet is suppose to have defined area’s so that you have some level of security. When you say dial up I suppose you mean to a company like a bank or company internal web site. Dial up is a more secure way of connecting as long as you have access parameters in place like software tokens although these can also be used in VPN applications. Dial up will not allow the speed connections that you can make with VPN’s.

Leave a Comment

Your email address will not be published. Required fields are marked *