API Session Token

[sciUser <sh...@securitycentric.net>]

Hello,

With out using LDAP how would I get the user session token ?
I like to not pass username and passwords in the URL but use the token to
log them in.

Also I changed the URL pointer on NGINX from /guacamole/ to /lab/ do I need
to change  proxy_cookie_path* /guacamole/ /guacamole/*; to /bal /lab/;  as
well?



Which brings me to Tomcat, do i need to change /guacamole/api to reflect the
nginx change /lab/api ?

Thank You



--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/

Re: API Session Token

[Nick Couchman <vn...@apache.org>]

On Fri, Feb 15, 2019 at 18:33 sciUser <sh...@securitycentric.net> wrote:

> Hello,
>
> With out using LDAP how would I get the user session token ?
> I like to not pass username and passwords in the URL but use the token to
> log them in.


No matter what extension you're using for authentication the way to obtain
a token is to POST to the /guacamole/api/tokens endpoint a form with the
username and password fields.  This is completely independent of what
authentication mechanism backs Guacamole.


>
> Also I changed the URL pointer on NGINX from /guacamole/ to /lab/ do I need
> to change  proxy_cookie_path* /guacamole/ /guacamole/*; to /bal /lab/;  as
> well?
>

As of 1.0.0 I believe Guacamole client is completely cookie-free, so you
shouldn't have to use that option.  However, why not just deploy the WAR
file as lab.war, in which case the path within Tomcat will match Nginx and
you won't have to worry about the rewriting.

-Nick