AnyConnect Secure Mobility Client 4.4.00243

CLIClientImpl Class Reference

#include <CLIClientImpl.h>

List of all members.

Public Member Functions

void printHostList ()
void printDefaultHost ()
void connect (std::string host, std::string user, std::string password, std::string group)
void disconnect ()
void showGroups (std::string host)
void getStats ()
void setUserData (ConnectPromptInfo &ConnectPrompt)
void printGroupList (ConnectPromptInfo &ConnectPrompt)
std::wstring convertMultiByteToWide (const std::string &sInputData)

Protected Member Functions

void StatsCB (VPNStats &stats)
void StateCB (const VPNState state, const VPNSubState subState, const tstring stateString)
void BannerCB (const tstring &banner)
void NoticeCB (const tstring notice, const MessageType type)
void ExitNoticeCB (const tstring &notice, const int returnCode)
void ServiceReadyCB ()
void UserPromptCB (ConnectPromptInfo &ConnectPrompt)
void CertBlockedCB (const tstring &rtstrUntrustedServer)
void CertWarningCB (const tstring &rtstrUntrustedServer, const std::list< tstring > &rltstrCertErrors, bool bAllowImport)

Detailed Description

This is an example application demonstrating the implementation of the AnyConnect API


Member Function Documentation

void CLIClientImpl::BannerCB ( const tstring &  banner) [protected, virtual]

If a banner needs to be acknowledged, this CB delivers the banner to the client.

NOTE: Connection establishment will block until the method setBannerResponse() is called.

In a GUI, a banner would typically be displayed in a modal dialog with an accept or decline button selection.

See also:
setBannerResponse() to set the user response to the banner.

Implements ClientIfc.

{
        bool bBannerAccepted = true;
        setBannerResponse(bBannerAccepted);
}
void CLIClientImpl::CertBlockedCB ( const tstring &  rtstrUntrustedServer) [protected, virtual]

This method is called when the preference to block untrusted servers is enabled and the current VPN server being connected to is untrusted. Clients should present an error to the user notifying them that the current connection to rtstrUntrustedServer is being blocked. The client should also provide a way for the user to change the preference to block untrusted servers.

The user response must be indicated using setCertBlockedResponse

Implements ClientIfc.

{
    setCertBlockedResponse(false);
}
void CLIClientImpl::CertWarningCB ( const tstring &  rtstrUntrustedServer,
const std::list< tstring > &  rltstrCertErrors,
bool  bAllowImport 
) [protected, virtual]

This method is called when connections to untrusted VPN servers is allowed by policies and the current VPN server being connected to is untrusted. Clients should present a warning to the user notifying them that the current connection to rtstrUntrustedServer is unsafe. The reason the VPN server is untrusted is provided in rltstrCertErrors. The client should provide a way for the user to connect once, connect and always trust or cancel the connection. If bAllowImport is set to false then the always trust option should not be presented to users.

The user response must be indicated using setCertWarningResponse

Implements ClientIfc.

{
    setCertWarningResponse(false, false);
}
void CLIClientImpl::disconnect ( ) [virtual]

Use this method to initiate a disconnect of the active VPN connection.

An indication of VPN disconnect is received via the StateCB method.

Reimplemented from ClientIfc.

{
    ClientIfc::disconnect();
        // To ensure VPN service receive the disconnect message, 
    // do a short sleep before CLI terminates.
    //
    // NOTE: This is done only for demonstration purposes and would not be
    // needed in a GUI or other program that runs continuously. A more elegant way
        // to handle this case is to terminate the CLI after checking the disconnect callback message
        // from API.
    //
#ifdef _WIN32
    Sleep(1500);
#else
    sleep(1);
#endif
}
void CLIClientImpl::ExitNoticeCB ( const tstring &  tstrNotice,
const int  returnCode 
) [protected, virtual]

This CB would likely occur only during a connection when it was detected that the software needed to be upgraded, or when Start Before Logon (SBL) is being used.

Unlike the other callback methods, this method provides a default implementation (calling the system's exit() function). If clients of the API wish to override this behavior, they are responsible for ensuring that the current running process exits with the return code specified by returnCode.

Caution: IF YOU OVERRIDE THIS METHOD AND DO NOT EXIT WITH THE PROPER CODE SOFTWARE UPDATE FUNCTIONALITY IN YOUR CLIENT WILL BREAK

Reimplemented from ClientIfc.

{
#ifdef UNICODE
    printf("ExitNoticeCB (%d): %S\n", returnCode, notice.c_str());
#else
    printf("ExitNoticeCB (%d): %s\n", returnCode, notice.c_str());
#endif
}
void CLIClientImpl::getStats ( void  )

This method demonstrates accessing the statistics data delivered via the ClientIfc::StatsCB method.

Reimplemented from ClientIfc.

{
    if (isConnected())
    {
        // To ensure we receive the first set of stats before we try to print,
        // do a short sleep.
        //
        // NOTE: This is done only for demonstration purposes and would not be
        // needed in a GUI or other program that runs continuously.
        //
#ifdef _WIN32
        Sleep(1500);
#else
        sleep(1);
#endif

        tstring stats = SEP + VPNStats::getTranslatedLabel(VPNStats::State)
                            + mo_VPNStats.getStatValue(VPNStats::State);
        stats += SEP + VPNStats::getTranslatedLabel(VPNStats::TunnelingMode)
                     + mo_VPNStats.getStatValue(VPNStats::TunnelingMode);
        stats += SEP + VPNStats::getTranslatedLabel(VPNStats::TimeConnected)
                     + mo_VPNStats.getStatValue(VPNStats::TimeConnected);
        stats += SEP + VPNStats::getTranslatedLabel(VPNStats::BytesSent)
                     + mo_VPNStats.getStatValue(VPNStats::BytesSent);
        stats += SEP + VPNStats::getTranslatedLabel(VPNStats::BytesReceived)
                     + mo_VPNStats.getStatValue(VPNStats::BytesReceived);

        // Now get the data for the active protocol.
        //
        // NOTE: There is also Secure and non-secure route information.  This
        //       data can be retrieved in a manner similar to protocolInfo
        //       using the methods getSecureRoutes() and getNonsecureRoutes()
        //
        std::list<ProtocolInfo *> protInfo = mo_VPNStats.getProtocolInfo();
        for (std::list<ProtocolInfo *>::iterator iter = protInfo.begin();
                                                 iter != protInfo.end();
                                                 iter++)
        {
            if ((*iter)->isActive())
            {
                stats += SEP + VPNStats::getTranslatedLabel(ProtocolInfo::Cipher)
                             +(*iter)->getProtocolValue(ProtocolInfo::Cipher);
                stats += SEP + VPNStats::getTranslatedLabel(ProtocolInfo::Protocol)
                             +(*iter)->getProtocolValue(ProtocolInfo::Protocol);
                stats += SEP + VPNStats::getTranslatedLabel(ProtocolInfo::Compression)
                             +(*iter)->getProtocolValue(ProtocolInfo::Compression);
            }
        }

#ifdef UNICODE
        printf("VPN Stats:%S\n",stats.c_str());
#else
        printf("VPN Stats:%s\n",stats.c_str());
#endif
    }
    else
    {
        printf("Tunnel not up, no stats to print.\n");
    }
}
void CLIClientImpl::NoticeCB ( const tstring  notice,
const MessageType  type 
) [protected, virtual]

Messages are delivered via the NoticeCB and can come from multiple sources. There are four message types (error, warning, info and status). See the MessageType enum in api.h for the list.

Clients using the API as an embedded application (not user visible) might want to further characterize messages. One option here is to use the AnyConnect message catalog and assign message codes as the translations for various messages. An application could then track messages based on its own error code scheme.

Implements ClientIfc.

{
    std::string msgType;
    switch(type)
        {
            case MsgType_Error:
                msgType = "Error";
                break;
            case MsgType_Warn:
                msgType = "Warn";
                break;
            case MsgType_Info:
                msgType = "Info";
                break;
            default:
                msgType = "Unknown";
                break;
        }

#ifdef UNICODE
    printf("Notice (%s): %S\n", msgType.c_str(), notice.c_str());
#else
    printf("Notice (%s): %s\n", msgType.c_str(), notice.c_str());
#endif
}
void CLIClientImpl::ServiceReadyCB ( ) [protected, virtual]

Under normal operating conditions, this CB is called as soon as the attach method completes. In case the service (vpn agent) is not ready, this CB is not called until it is.

Any API calls made prior to this CB being called will result in a NoticeCB error message.

Implements ClientIfc.

{ }
void CLIClientImpl::setUserData ( ConnectPromptInfo ConnectPrompt)

Method with example of parsing ConnectPromptInfo.

This method is triggered by an API call on the method UserPromptCB(ConnectPromptInfo &).

{
#ifdef UNICODE
    printf("User Message: %S\n", ConnectPrompt.getMessage().c_str());
#else
    printf("User Message: %s\n", ConnectPrompt.getMessage().c_str());
#endif

    // Create a list to hold the names of the individual PromptEntry objects.
    //
    std::list<tstring> promptNames;
    // Get the list of names associated with the PromptEntry objects.
    //
    ConnectPrompt.getListPromptNames(promptNames);
    // This set of code cycles through the list of names that reference the
    // individual PromptEntry objects.  As each name is accessed it can be used
    // to retrieve a specific instance of a PromptEntry object.  There is also a
    // method (ConnectPromptInfo::getListPromptEntry()) to retrieve the list of
    // PromptEntry objects directly, allowing the individual PromtpEntry object
    // to be accessed in a different manner if desired.
    //
    std::list<tstring> :: iterator name_iter;
    for (name_iter = promptNames.begin();
                     name_iter != promptNames.end(); ++name_iter)
    {
        // name_iter represents a single name from the promptNames list.
        //
        tstring promptName = *name_iter;
        PromptEntry *entry = ConnectPrompt.getPromptEntry(promptName);

        // For this demo program, we'll assume any combo box is for
        // group selection.
        //
        if (entry->getPromptType() == Prompt_Combo)
        {
            entry->setValue(ms_group);
        }
        tstring entryName = entry->getPromptName();

        // PromptEntry::Username and PromptEntry::Password are string currently
        // resolving to the wide char values "username" and "password".
        // 
        if (entryName == PromptEntry::Username)
        {
            entry->setValue(ms_user);
        }
        else if (entryName == PromptEntry::Password)
        {
            entry->setValue(ms_pswd);
        }
    }
}
void CLIClientImpl::StateCB ( const VPNState  state,
const VPNSubState  subState,
const tstring  stateString 
) [protected, virtual]

Callback used to deliver VPN state and state change string. The stateString delivered by this method is localized.

See the VPNState enum found in api.h for set of valid states.

Implements ClientIfc.

{
#ifdef UNICODE
   printf("Current State (%d): %S\n", state, stateString.c_str());
#else
   printf("Current State (%d): %s\n", state, stateString.c_str());
#endif
}
void CLIClientImpl::StatsCB ( VPNStats stats) [protected, virtual]

Callback used to deliver new statistics related to the VPN connection.

When a connection is active, a new set of statistics is delivered each second.

See also:
resetStats(), stopStats() and startStats()

Implements ClientIfc.

{
    mo_VPNStats = stats;
}
void CLIClientImpl::UserPromptCB ( ConnectPromptInfo ConnectPrompt) [protected, virtual]

This method supports prompting for single or multiple values. All prompts are considered mandatory.

The ConnectPromptInfo object contains a list of PromptEntry instances. The labels and their default values (if any) can be found in these instances. After the data has been collected from the user it can be set into these same instances. When ready, the client application should call the method UserSubmit() to have the responses read by the API.

Implements ClientIfc.

{
    if (me_RequestType == REQ_CONNECT)
    {
        // For example purposes, only allow one try at setting user data.
        //
        me_RequestType = REQ_END;
        // Look for requested user input fields and fill in previously
        // stored values.
        //
        setUserData(ConnectPrompt);
        // Now that the user data has been entered, submit the response.
        //
        UserSubmit();
    }
    else if (me_RequestType == REQ_GROUPLIST)
    {
        printGroupList(ConnectPrompt);
    }

}