You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@guacamole.apache.org by vn...@apache.org on 2018/11/11 02:23:46 UTC
[4/4] guacamole-manual git commit: Merge 1.0.0 changes back to master.
Merge 1.0.0 changes back to master.
Project: http://git-wip-us.apache.org/repos/asf/guacamole-manual/repo
Commit: http://git-wip-us.apache.org/repos/asf/guacamole-manual/commit/810a6e2a
Tree: http://git-wip-us.apache.org/repos/asf/guacamole-manual/tree/810a6e2a
Diff: http://git-wip-us.apache.org/repos/asf/guacamole-manual/diff/810a6e2a
Branch: refs/heads/master
Commit: 810a6e2a20ed63c88869b4a9e0b7e27dd2f0bebe
Parents: 521492c d7d23bf
Author: Nick Couchman <vn...@apache.org>
Authored: Sat Nov 10 21:23:22 2018 -0500
Committer: Nick Couchman <vn...@apache.org>
Committed: Sat Nov 10 21:23:22 2018 -0500
----------------------------------------------------------------------
src/chapters/jdbc-auth.xml | 15 +++----
src/chapters/ldap-auth.xml | 93 +++++++++++++++++++++++++----------------
2 files changed, 64 insertions(+), 44 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/guacamole-manual/blob/810a6e2a/src/chapters/ldap-auth.xml
----------------------------------------------------------------------
diff --cc src/chapters/ldap-auth.xml
index d9f09e9,e1b4522..3c47567
--- a/src/chapters/ldap-auth.xml
+++ b/src/chapters/ldap-auth.xml
@@@ -357,72 -360,11 +360,72 @@@ dn: cn={4}guacConfigGroup,cn=schema,cn=
</listitem>
</varlistentry>
<varlistentry>
+ <term><property>ldap-user-attributes</property></term>
+ <listitem>
+ <para>The attribute or attributes to retrieve from the LDAP directory for
+ the currently logged-in user, separated by commas. If specified, the
+ attributes listed here are retrieved from each authenticated user and
+ dynamically applied to the parameters of that user's connections as
+ <link linkend="parameter-tokens">parameter tokens</link> with the
+ prefix "<varname>LDAP_</varname>".</para>
+ <para>When a user authenticates with LDAP and accesses a particular
+ Guacamole connection, the values of these tokens will be the values of
+ their corresponding attributes at the time of authentication. If the
+ attribute has no value for the current user, then the corresponding
+ token is not applied. If the attribute has multiple values, then the
+ first value of the attribute is used.</para>
+ <para>When converting an LDAP attribute name into a parameter token name,
+ the name of the attribute is transformed into uppercase with each word
+ separated by underscores, a naming convention referred to as "uppercase
+ with underscores" or "<link
+ xlink:href="https://en.wikipedia.org/wiki/Naming_convention_(programming)#Multiple-word_identifiers"
+ >screaming snake case</link>". For example:</para>
+ <table frame="all">
+ <title>Example LDAP attribute / parameter token conversions</title>
+ <tgroup cols="2">
+ <colspec colname="c1" colnum="1" colwidth="1.0*"/>
+ <colspec colname="c2" colnum="2" colwidth="1.0*"/>
+ <thead>
+ <row>
+ <entry>LDAP Attribute</entry>
+ <entry>Parameter Token</entry>
+ </row>
+ </thead>
+ <tbody>
+ <row>
+ <entry><varname>lowercase-with-dashes</varname></entry>
+ <entry><varname>${LDAP_LOWERCASE_WITH_DASHES}</varname></entry>
+ </row>
+ <row>
+ <entry><varname>CamelCase</varname></entry>
+ <entry><varname>${LDAP_CAMEL_CASE}</varname></entry>
+ </row>
+ <row>
+ <entry><varname>headlessCamelCase</varname></entry>
+ <entry><varname>${LDAP_HEADLESS_CAMEL_CASE}</varname></entry>
+ </row>
+ <row>
+ <entry><varname>lettersAndNumbers1234</varname></entry>
+ <entry><varname>${LDAP_LETTERS_AND_NUMBERS_1234}</varname></entry>
+ </row>
+ <row>
+ <entry><varname>aRANDOM_mixOf-3NAMINGConventions</varname></entry>
+ <entry><varname>${LDAP_A_RANDOM_MIX_OF_3_NAMING_CONVENTIONS}</varname></entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </table>
+ <para>Usage of parameter tokens is discussed in more detail in <xref
+ linkend="configuring-guacamole"/> in <xref
+ linkend="parameter-tokens"/>.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
<term><property>ldap-user-search-filter</property></term>
<listitem>
- <para>The search filter used to query the LDAP tree for users that
- can log into and be granted privileges in Guacamole. <emphasis>If
- this property is omitted the default of "(objectClass=*)" will be used.
+ <para>The search filter used to query the LDAP tree for users that can log
+ into and be granted privileges in Guacamole. <emphasis>If this property
+ is omitted the default of "(objectClass=*)" will be used.
</emphasis></para>
</listitem>
</varlistentry>