You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@guacamole.apache.org by Masood <ma...@gmail.com> on 2017/11/17 15:29:35 UTC
HTTP header authentication not working. Infomation missing
I am trying to add HTTP header auth extension into guacamole. I have followed
all the instructions from the chapter 9 of Manual. The jar file is in the
extension folder, but I don't see any new loaded extension in syslog. I have
not added any new property to the guacamole.properties. As it is optional
I am using Tomcat 7. Do I need to change some properties in Tomcat to allow
HTTP headers?
Also, I don't understand the following line in manual "If your
authentication system uses a different HTTP header" I don't have any
authentication system. Do I need to install it? Is it in Tomcat or 3rd party
application.
For beginner, I think there is some information missing in Chap 9
Regards,
Masood
--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
Re: HTTP header authentication not working. Infomation missing
Posted by Nick Couchman <vn...@apache.org>.
On Fri, Nov 17, 2017 at 10:29 AM, Masood <ma...@gmail.com> wrote:
> I am trying to add HTTP header auth extension into guacamole. I have
> followed
> all the instructions from the chapter 9 of Manual. The jar file is in the
> extension folder, but I don't see any new loaded extension in syslog. I
> have
> not added any new property to the guacamole.properties. As it is optional
>
> I am using Tomcat 7. Do I need to change some properties in Tomcat to allow
> HTTP headers?
>
> Also, I don't understand the following line in manual "If your
> authentication system uses a different HTTP header" I don't have any
> authentication system. Do I need to install it? Is it in Tomcat or 3rd
> party
> application.
>
You need to configure your web server - either Tomcat or your reverse proxy
web server, if you're proxying it through nginx or httpd, for example - to
do HTTP authentication. You can find configuration examples for BASIC
authentication in the following document - item #5:
http://archive.oreilly.com/pub/a/java/archive/tomcat-tips.html
If you're proxying Guacamole through Apache httpd, you'd do something like
this in your configuration:
<Location /guacamole>
...
AuthType basic
AuthName "Basic Authentication"
AuthBasicProvider file
AuthUserFile /etc/httpd/guacamole.users
Require valid-user
</Location>
By default Apache will set the REMOTE_USER header during authentication,
which should be passed through to Tomcat and accessible by Guacamole.
Nginx has similar options:
https://www.nginx.com/resources/admin-guide/restricting-access-auth-basic/
-Nick