josnabattula commented on code in PR #931:
URL: https://github.com/apache/guacamole-client/pull/931#discussion_r1394850456
##########
guacamole/src/main/java/org/apache/guacamole/tunnel/StandardTokenMap.java:
##########
@@ -102,6 +115,13 @@ public StandardTokenMap(AuthenticatedUser
authenticatedUser) {
else
put(USERNAME_TOKEN, authenticatedUser.getIdentifier());
+ if (get(USERNAME_TOKEN).contains("\\")) {
+ put(USERNAME_DOMAIN_TOKEN, get(USERNAME_TOKEN).split("\\\\")[0]);
+ put(USERNAME_ID_TOKEN, get(USERNAME_TOKEN).split("\\\\")[1]);
+ } else {
+ put(USERNAME_DOMAIN_TOKEN, "");
+ put(USERNAME_ID_TOKEN, get(USERNAME_TOKEN));
+ }
Review Comment:
`if the domain portion is desired/required, it would need to be something
LDAP-specific` - Yes these variables we are looking are LDAP-specific.
`authenticatedUser.getIdentifier()` only gives us which authentication
mechanism i have used for my guacamole instance.
Also In the instance multiple LDAP configurations with `match-usernames`
`${GUAC_USERNAME` becomes `domain\username` which is not ideal for RDP
connections. Check below some parts of actual error
```
Failure Reason: Unknown user name or bad password.
Status: 0xC000006D
Sub Status: 0xC0000064
Process Information:
Caller Process ID: 0x0
Caller Process Name: -
Detailed Authentication Information:
Logon Process: NtLmSsp
Authentication Package: NTLM
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
```
It would be ideal to have DOMAIN and just user name which are again LDAP
sepcific, it makes easy for connection configuration without any hassle.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@guacamole.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
