Posted to dev@guacamole.apache.org by Mike Jumper <mi...@guac-dev.org> on 2018/02/02 07:41:57 UTC

[DISCUSS] Moving away from "user-mapping.xml"

Hello all,

I'm beginning to think we should look to moving away from using the old
"user-mapping.xml" mechanism, and migrate toward some non-XML (JSON? YAML?
both?) format with more modern guac features.

The "user-mapping.xml" mechanism has existed for almost as long as
Guacamole itself, but suffers from some problems:

1) It's XML, and as such is a bit overly verbose.
2) It relies on unsalted MD5 for password storage, which is questionable at
best.
3) It's not recommended for production use, aimed mainly at getting things
running quickly for a proof-of-concept that will eventually be migrated to
the database, etc. ... but this is only known anecdotally. Our
documentation still demonstrates the use of "user-mapping.xml" as if it's
the main way to configure things.
4) It's built off the SimpleAuthenticationProvider version of the extension
API, which lacks support for the newer objects and cannot delegate
authentication to something else. There have been a few cases where users
have tried to combine "user-mapping.xml" with LDAP or similar, and have run
into problems as a result.

I'd like for things to move in a direction where the default, built-in
authentication mechanism is one which *can* be used in a production
environment, with the use of that authentication mechanism actually being
recommendable for cases not needing the complexity of a database or LDAP,
and which is built upon a format which is more practical than XML.

Thoughts?

- Mike
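
Point 2 above, as an added example that is not part of the original message and is not Guacamole code: an audit of a "user-mapping.xml" for plaintext and unsalted MD5 entries, next to a salted alternative. The `<authorize username password encoding>` layout, with a missing `encoding` meaning plaintext, is assumed from the Guacamole documentation rather than taken from this thread, and the PBKDF2 helper and its parameters are hypothetical, not a format proposed here.

```python
import hashlib
import hmac
import os
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample; element and attribute names are an assumption based on
# the documented user-mapping.xml layout, which the thread does not show.
SAMPLE = """
<user-mapping>
  <authorize username="alice" password="{h}" encoding="md5"/>
  <authorize username="bob" password="{h}" encoding="md5"/>
  <authorize username="carol" password="changeme"/>
</user-mapping>
""".format(h=hashlib.md5(b"constructed-sample").hexdigest())


def audit_user_mapping(xml_text):
    """Return (username, finding) pairs for weak password storage."""
    findings = []
    by_hash = defaultdict(list)
    for entry in ET.fromstring(xml_text).iter("authorize"):
        user = entry.get("username", "?")
        encoding = entry.get("encoding", "plain").lower()  # assumed default
        if encoding == "plain":
            findings.append((user, "plaintext password"))
        elif encoding == "md5":
            findings.append((user, "unsalted MD5"))
            by_hash[entry.get("password", "").lower()].append(user)
    # Without a salt, equal passwords give equal hashes, so password reuse
    # is visible to anyone who can read the file.
    for users in by_hash.values():
        for user in users if len(users) > 1 else []:
            others = ", ".join(u for u in users if u != user)
            findings.append((user, "hash shared with " + others))
    return findings


def hash_password(password, salt=None, iterations=600_000):
    """Salted PBKDF2-HMAC-SHA256 (hypothetical replacement scheme)."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, digest


def verify_password(password, salt, iterations, digest):
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, digest)
```

With a per-user random salt, two users who pick the same password no longer share a stored value, and the iteration count raises the cost of each guess against a leaked file.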

Re: [DISCUSS] Moving away from "user-mapping.xml"

Posted by Nick Couchman <vn...@apache.org>.
On Fri, Feb 2, 2018 at 01:42 Mike Jumper <mi...@guac-dev.org> wrote:

> Hello all,
>
> I'm beginning to think we should look to moving away from using the old
> "user-mapping.xml" mechanism, and migrate toward some non-XML (JSON? YAML?
> both?) format with more modern guac features.


Sounds good to me. I like the idea of JSON - it's popular right now, which
means there are plenty of tools that can read it and manipulate it.


>
> The "user-mapping.xml" mechanism has existed for almost as long as
> Guacamole itself, but suffers from some problems:
>
> 1) It's XML, and as such is a bit overly verbose.
> 2) It relies on unsalted MD5 for password storage, which is questionable at
> best.
> 3) It's not recommended for production use, aimed mainly at getting things
> running quickly for a proof-of-concept that will eventually be migrated to
> the database, etc. ... but this is only known anecdotally. Our
> documentation still demonstrates the use of "user-mapping.xml" as if it's
> the main way to configure things.
> 4) It's built off the SimpleAuthenticationProvider version of the extension
> API, which lacks support for the newer objects and cannot delegate
> authentication to something else. There have been a few cases where users
> have tried to combine "user-mapping.xml" with LDAP or similar, and have run
> into problems as a result.


Yeah, this would be nice.


>
> I'd like for things to move in a direction where the default, built-in
> authentication mechanism is one which *can* be used in a production
> environment, with the use of that authentication mechanism actually being
> recommendable for cases not needing the complexity of a database or LDAP,
> and which is built upon a format which is more practical than XML.



I've also been trying to get a JDBC module working for a file-backed
database that would be relatively easy to set up for people trying to get
going quickly.  Unfortunately that hit a snag with a bug in the SQLite JDBC
driver, but sounds like this might be a better direction!

-Nick