mike-jumper commented on code in PR #243: URL: https://github.com/apache/guacamole-manual/pull/243#discussion_r1731743107
########## src/vault.md: ########## @@ -170,6 +174,28 @@ All other configuration properties are optional. secret. This is optional, and by default it is false - domains will not be stripped from the username. +`ksm-allow-user-config` +: Whether or not users should be allowed to set their own KSM configuration, + which will be used to pull secrets _only_ when not already provided by the + global or connection-group-level KSM configuration. I.E. a user-level KSM + configuration will never be used if a matching secret is otherwise available. + +#### User and Connection Group KSM Configuration + +In addition to the required global `ksm-config` configuration blob, Guacamole +can also be configured with user or connection group KSM configuration, which +will pull additional secrets _only_ when not already available. If a secret can +be pulled using the `ksm-config` global KSM config, it will always be used. +Failing that, if a secret is available using the connection grop config, that +value will be used. Only when neither the global or containing connection group +KSM configs define a secret will the user KSM config be used. Note also that +user KSM configs will be disabled unless ``ksm-allow-user-config` is set to true. + +These KSM config values can be set directly in the webapp, on the connection Review Comment: I think things are clear without screenshots, but we should probably add inline links to the documentation covering the "Preferences" screen and the connection group editor. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@guacamole.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
