search

yasminaabdelhameed / sandrob

Automatically exported from code.google.com/p/sandrob
0 stars 0 forks source link

SandroB for 4.x #57

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago 
There is no need for SandroB on 4.x android.
From 4.0.3 certificates works fine and even NTLM authentication is enabled.

There is sandroproxy that supports client certificates 
if your version of OS is bellow 4.0.3

http://code.google.com/p/sandrop/

Original issue reported on code.google.com by supp.san...@gmail.com on 9 Feb 2012 at 6:51

GoogleCodeExporter commented 8 years ago 
would it be possible to implement the Proxy Authentication in SandroB or 
SandroProxy for ICS as i just updated to ics and the gingerbread version keeps 
crashing?
I need proxy authentication for my college WiFi. ( Non rooted Galaxy s2)

Thanks

Original comment by djmihir...@gmail.com on 23 Apr 2012 at 12:11

GoogleCodeExporter commented 8 years ago 
Sandrob will not work on ICS.
There is proxy in ICS, so try if it works for you.

http://code.google.com/p/sandrob/issues/detail?id=41#c27

Original comment by supp.san...@gmail.com on 23 Apr 2012 at 3:05

GoogleCodeExporter commented 8 years ago 
Is there any way to update this to 4.0.4? i just purchased the droid razr maxx 
hd with ICS 4.0.4 on it. client certificates are supported by android but this 
device does not come with the android browser pre-installed and i can't find a 
copy that will work for me. the device comes with Google chrome pre-installed 
which does not have access to the OS certificate store. i'm not a developer so 
if i'm wrong please correct me. i believe my only solutions are a browser like 
this one or the stock android browser.

Original comment by exbro2...@gmail.com on 25 Oct 2012 at 5:09

GoogleCodeExporter commented 8 years ago 
Maybe this will work for you.

https://addons.mozilla.org/en-US/mobile/addon/cert-manager/

The FF Mobile addon called "Cert Manager". Use an old FF Mobile version : only 
FF Mobile 13 is supported (currently this version 16)
This version can easily be found by browsing public Mozilla FTP : 
ftp://ftp.mozilla.org/pub/mozilla.org/mobile/releases/

Original comment by supp.san...@gmail.com on 25 Oct 2012 at 6:37

GoogleCodeExporter commented 8 years ago 
Thanks for the quick response. i have tried using both firefox 13 and firefox 
10 with the cert-manager add-on and even though it is buggy it allows me to 
access the site once. but once the session ends or i restart firefox i have to 
import the certificate all over again. i don't know why it does this but it 
becomes unuseble as i need to check the site a couple of times an hour.

Original comment by exbro2...@gmail.com on 25 Oct 2012 at 7:45

GoogleCodeExporter commented 8 years ago 
You can also use SandroProxy.
But I must warn you about security issues that it has:
1. it doesn't check server certificate 
2. client certificate is stored on sdcard
3. http traffic is captured and stored

SandroProxy instructions to work with client certificates:

How it works:
SandroProxy is proxy. This means that receives requests from browsers and 
redirects them to servers. It is like some man in the middle.
So it can also make request to server with it's own ssl client certificates.

What must be done in browser:

Browser must be told to sends requests to proxy instead direct to server.
This can be done with Settings->Wifi->Modify network (long press on selected 
wifi) -> Show advanced options = ON ->
Proxy settings = Manual
Proxy hostname = localhost
Proxy port = 8008 (port on which SandroProxy listens for requests)

Another way could be for example with Opera browser:
http://mobilebroadband.gishan.net/entry/27/how-to-setup-wi-fi-proxy-on-android

What must be done in SandroProxy:
Preferences-> CLIENT CERTIFICATE:
File location: /mnt/sdcard/<certfile_name.pfx>
Password: password to access certificate file

Start Proxy with with Play button in action bar.
Start Browser and input https url that you want to use.
There will be some warrnings that SSL is not okey.
This is because there is SandroProxy between browser and server and this is not 
safe how to handle ssl sessions.

Original comment by supp.san...@gmail.com on 26 Oct 2012 at 7:27

GoogleCodeExporter commented 8 years ago 
Thank you so much for the suggestion. Unfortunately my connection needs to be 
secure as i deal with very sensitive data. i'm considering just returning the 
phone and purchasing a galaxy not 2 which seems to come with androids native 
browser pre-installed. Also want to say Thanks for developing SandroB to begin 
with. i used it for a long time on my Droid X and it was a savior.

Original comment by exbro2...@gmail.com on 26 Oct 2012 at 7:07

GoogleCodeExporter commented 8 years ago 
Ok.

Some additional info about android problems with client certificates.
http://code.google.com/p/android/issues/detail?id=35141

Original comment by supp.san...@gmail.com on 26 Oct 2012 at 7:18

GoogleCodeExporter commented 8 years ago 
Wow. I love Android but it just seems like they are never going to get this 
right. Thanks for the link.

Original comment by exbro2...@gmail.com on 27 Oct 2012 at 2:56

GoogleCodeExporter commented 8 years ago 
just published sslexample that should work on ics+:
https://play.google.com/store/apps/details?id=org.sandrob.sslexample
still not very safe solution

Original comment by supp.san...@gmail.com on 28 Oct 2012 at 6:36