You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@guacamole.apache.org by Mike WW <mw...@broward.edu> on 2021/05/05 20:50:28 UTC
Re: guacamole-auth-json error
Hi,
I'm dealing with the same situation having used the exact same reference
settings (json-secret-key and auth.json file) just in an attempt to get it
working, and I'm getting the exact same signed and encrypted response
(Ez9K+nkHjuEAWq...8sIYw==).
I've attempt removing line breaks with `tr -d '\n'` but while this works the
resulting encrypted block still doesn't work for me. What method did you
use?
I have downloaded both 1.3.0 server and client from their "Apache" (so they
match, and not from glyptodon) GitHub sites, successfully compiled both with
Maven, installed and started the server, deployed Tomcat and the client
successfully and tested with BasicFileAuthentication and the
user-mapping.xml.
copied
guacamole-client-master/extensions/guacamole-auth-json/target/guacamole-auth-json-1.3.0.jar
to GUACAMOLE_HOME/extensions
(/usr/share/tomcat/.guacamole/extensions in my case)
added
json-secret-key: 4c0b569e4c96df157eee1b65dd0e4d41
to guacamole.properties
I saw in the logs (/var/log/messages) that "Encrypted JSON .." was "loaded"
on Tomcat restart
but I'm not able to get a successful authentication yet.
Did it matter that the encrypt.json.sh encrypted block was different from
the reference example in the README on the GitHub site?
What method did you use to remove the line breaks?
Any help/ideas greatly appreciated.
--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@guacamole.apache.org
For additional commands, e-mail: user-help@guacamole.apache.org
Re: guacamole-auth-json error
Posted by Mike WW <mw...@broward.edu>.
HiThanks for the quick reply. Fair point.I've been working backwards to get
to a working config, and had been using :`date +%s --date "+ 24 hours"`to
create a timestamp good for a day. Although it was 3 digits shorter than
the one on the reference example in the README for auth-json. I just
checked the README and indeed it says "milliseconds". I just assumed
seconds and assumed the author had added three zeroes on the end of an old
timestamp to make sure it'd work for others in the future.Many thanks, this
was my 3rd run through, but at least I have excellent documentation now.
Mike
--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
Re: guacamole-auth-json error
Posted by Mike Jumper <mi...@glyptodon.com>.
On Wed, May 5, 2021 at 1:50 PM Mike WW <mw...@broward.edu> wrote:
> Hi,
>
> I'm dealing with the same situation having used the exact same reference
> settings (json-secret-key and auth.json file) just in an attempt to get it
> working, and I'm getting the exact same signed and encrypted response
> (Ez9K+nkHjuEAWq...8sIYw==).
>
> I've attempt removing line breaks with `tr -d '\n'` but while this works
> the
> resulting encrypted block still doesn't work for me. ...
>
You'll have to make at least some changes to that JSON, as its expiration
timestamp is in the past ("1446323765000" is 2015-10-31 20:36:05 UTC). It
will be ignored by guacamole-auth-json as expired. If you are getting the
same encrypted data back, that's a good sign - you can probably just edit
the JSON to have a non-expired timestamp.
Michael Jumper
CEO, Lead Developer
Glyptodon Inc <https://glyp.to/>.