
Secure Website in Chrome Kiosk Mode

I have a little Node app on Heroku. It's embedded in a Chrome kiosk app.

I would like the app to only be accessible on the Chromebooks that have it installed in kiosk mode.

I've tried HTTP authentication, but after I put in my password and username, the app never loads. However, this is also not ideal in the first place, as I would like to avoid requiring a password on the Chromebook.

Any ideas?

If you provision the Chromebooks yourself, you might be able to use TLS client authentication.

You would install an SSL certificate on the Chromebook once, which you can then use to authenticate to the web server. A Node.js example can be found here: http://nategood.com/nodejs-ssl-client-cert-auth-api-rest

There is also a passport.js module for this: https://github.com/ripjar/passport-client-cert

In theory a user can install the certificate on his own: he would get a message asking him to confirm the installation of the certificate, hit okay, and that's it.

But be aware that the certificate can easily be extracted from the Chromebook via the settings.

If I understand correctly, you want to make your website only accessible from the Chromebooks you configured. Please clarify if this is not what you meant.

Then you can have a landing page (can require authentication) that generates a random token for your Chromebooks on first run only. Store this token in a cookie or local storage, and send it every time the app runs to verify on the server.
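
The landing-page scheme described in the answer above, sketched for a Node server as an added example that is not part of the original answer. The names `DeviceRegistry`, `tokenCookie`, `isEnrolledRequest`, the cookie name `kiosk` and the per-device id are hypothetical; the enrolment secret stands in for whatever authentication the landing page requires.

```javascript
// Added example: first-run device enrolment with a random token (all names hypothetical).
const crypto = require('crypto');

const sha256 = (s) => crypto.createHash('sha256').update(s).digest();

class DeviceRegistry {
  constructor(enrollSecret) {
    this.enrollSecretHash = sha256(enrollSecret); // assumption: entered once by the admin
    this.tokenHashes = new Map();                 // deviceId -> SHA-256 of the issued token
  }

  // Landing page: authenticate, then issue a token for this device exactly once.
  enroll(deviceId, presentedSecret) {
    if (typeof presentedSecret !== 'string') return null;
    if (!crypto.timingSafeEqual(sha256(presentedSecret), this.enrollSecretHash)) return null;
    if (this.tokenHashes.has(deviceId)) return null;  // first run only, no silent re-issue
    const token = crypto.randomBytes(32).toString('hex');
    this.tokenHashes.set(deviceId, sha256(token));    // only the hash is kept server-side
    return token;
  }

  // Every later request: compare the presented token in constant time.
  verify(deviceId, token) {
    const expected = this.tokenHashes.get(deviceId);
    if (!expected || typeof token !== 'string') return false;
    return crypto.timingSafeEqual(sha256(token), expected);
  }

  // Lost or retired device: drop its hash so the token stops working.
  revoke(deviceId) {
    return this.tokenHashes.delete(deviceId);
  }
}

// Set-Cookie value carrying "deviceId.token"; HttpOnly keeps page scripts from reading it,
// Secure keeps it off plain HTTP.
function tokenCookie(deviceId, token) {
  return `kiosk=${deviceId}.${token}; Path=/; Secure; HttpOnly; SameSite=Strict; Max-Age=31536000`;
}

// Parse the Cookie request header and check it against the registry.
function isEnrolledRequest(registry, cookieHeader) {
  const m = /(?:^|;\s*)kiosk=([^.;]+)\.([^;]+)/.exec(cookieHeader || '');
  return m ? registry.verify(m[1], m[2]) : false;
}
```

The token is a bearer credential: anyone who copies it off the device can present it, so `revoke` is the control to use when a Chromebook is lost or retired.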
