# Appendix A – Integration with symlink use case **Actors:** User, User Portal, Spark Gateway **Preconditions:** User Portal: - Have user credentials in plain text. Spark Gateway: - Configure password in gateway.conf. - Allow IP addresses of User Portal to access the Spark Gateway API (Optional, [Admin Manual 3.25](https://docs.sparkview.info/books/sparkview-admin-manual/page/325-usb-redirection)). - Create RDP servers with config.html or HTTP API ([Integration Guide 4.1](https://docs.sparkview.info/books/sparkview-integration-guide/page/41-http-api)), and make it as a white list. - Allow symlink access only by setting symlinkOnly = true in gateway.conf. Server id or address will not be allowed to create a connection. - Disable VNC access by setting vnc = false in gateway.conf (SSH, Telnet are disabled by default). Basic flow: 1. User login to User Portal. 2. (optional) User Portal create a server on Spark Gateway with HTTP API if that server is not created yet:
http://gatewayAddress/SERVER?id=serverId&displayName=Name&server=hostName&gatewayPwd=passwordInGateway.conf&...; Check if server exists: http://wthink/SERVER?action=list&gatewayPwd=21232f297a57a5a743894a0e4a801fc3&id=serverId;
The gateway will return HTTP Status code 500 and {"error:": "not found"} in JSON format. 3. User Portal create a symlink on Spark Gateway with HTTP API:
'http://gatewayAddress/SYMLINK?symlink=symlinkId&server=existingServerId&validTime=8h&gatewayPwd=passwordInGateway.conf¶meters=' + encodeURIComponent('user=domainUser&pwd=domainPassword&domain=domain'); 4. User portal construct a connection link and display it to user:
http://gateway/rdpdirect.html?symlink=symlinkId&displayName=nameOnBrowserTitle; or use the Spark View JS library directly to create a connection:
`var rdp = new svGlobal.Rdp(‘wss://gateway/RDP?symlink=symlinkId&..’, width, height, color);` 5. User click the link and connect. 6. User portal delete the symlink when user exist or close the browser:
http://gatewayAddress/SYMLINK?symlink=symlinkId&action=delete **Pros:** - Easy and secure. - Symlink will be invalid or deleted and it cannot be reused by other. - No need to send the user credential to the browser side. **Cons:** - User domain credentials need to be sent to the gateway in plain text.