You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@guacamole.apache.org by "Nick Couchman (JIRA)" <ji...@apache.org> on 2017/01/07 04:22:58 UTC

[jira] [Commented] (GUACAMOLE-29) Add support for requesting HTTP Basic Authentication

    [ https://issues.apache.org/jira/browse/GUACAMOLE-29?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15806734#comment-15806734 ] 

Nick Couchman commented on GUACAMOLE-29:
----------------------------------------

So, I took a look at the previous PR and the Guacamole source code has changed enough between the PR and the Apache Incubator version that I decided just to rewrite it as an extension module.  I have the initial stab out on Github if anyone wants to take a look and comment/criticize/contribute:

https://github.com/necouchman/guacamole-auth-http/tree/GUACAMOLE-29

A couple of notes:
- I have yet to test this out in a Tomcat environment without a proxy in front of it.  I'll try to get it tested out here, but I'm making the assumption that it works.
- If you're using a proxy you have to configure it to pass through REMOTE_USER (or your user-defined header).  In Apache you can do this using the RequestHeader set configuration option.
- If you'd rather use a different header than REMOTE_USER, you can configure it via the guacamole.properties file and set the http-auth-header option.

> Add support for requesting HTTP Basic Authentication
> ----------------------------------------------------
>
>                 Key: GUACAMOLE-29
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-29
>             Project: Guacamole
>          Issue Type: Improvement
>            Reporter: Michael Jumper
>
> {panel:bgColor=#FFFFEE}
> *The description of this issue was copied from [GUAC-1489|https://glyptodon.org/jira/browse/GUAC-1489], an issue in the JIRA instance used by the Guacamole project prior to its acceptance into the Apache Incubator.*
> Comments, attachments, related issues, and history from prior to acceptance *have not been copied* and can be found instead at the original issue.
> {panel}
> Some reverse proxies support SSO via HTTP Basic authentication if the server requests it with 401 Unauthorized response.
> As Guacamole already reads Authorization header, it looks trivial to add guacamole.properties option such as "enable-http-basic-auth", to tell Guacamole to request HTTP Basic Authentication .
> PR on its way :)
> Thanks!



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)