On Sun, Nov 19, 2023 at 4:41 PM Benjamin Marty
wrote:
> Hello
>
> Currently, I'm using Guacamole with LDAP. This has the great
> advantage, that users which exist in the Active Directory can be
> authenticated over LDAP and afterward can use the same "shared"
> connection. The "shared"
Hello
Currently, I'm using Guacamole with LDAP. This has the great
advantage, that users which exist in the Active Directory can be
authenticated over LDAP and afterward can use the same "shared"
connection. The "shared" connection is of the Protocol RDP and
Username ${GUAC_USERNAME} and Password
Hi Nick,
makes sense and worked out for the user part. Just got a generic error when
creating group /Platform Administrators. Group is listed afterwards but I
cannot open or edit the group. Instead I am directed to the screen after login
for choosing a vm to connect to.
Is there any
On Mon, Jan 18, 2021 at 12:56 PM Fabian Schrödter
wrote:
> Hi everyone,
> I started enjoying Guacamole as part of some studies and tried integrating
> OpenID Connect (using Keycloak) within Kubernetes. Before OpenID Connect,
> everything works like a charm. Since configuring OpenID Connect I am
Hi everyone,
I started enjoying Guacamole as part of some studies and tried integrating
OpenID Connect (using Keycloak) within Kubernetes. Before OpenID Connect,
everything works like a charm. Since configuring OpenID Connect I am struggling
a little, gaining admin access for configuring
Hi everyone,
I started enjoying Guacamole as part of some studies and tried integrating
OpenID Connect (using Keycloak) within Kubernetes. Before OpenID Connect,
everything works like a charm. Since configuring OpenID Connect I am struggling
a little, gaining admin access for configuring
Hello Mike,
Totally agreeing with Nick, this is a demand I expressed some weeks ago :-)
However, would it be possible to have it on 0.9.1.4 ?
That is my only missing to be close to perfection :-)
Brgrds
> On Thu, Dec 13, 2018, 22:36 B3r3n
>> > On Thu, Dec 13, 2018 at 11:14 AM B3r3n wrote:
>>
On Thu, Dec 13, 2018 at 10:38 PM B3r3n wrote:
> Hello Nick,
>
> >>
> >> The path forward to implement that for OpenID is fairly clear - it
> >> would just need to be done. I don't know what would need to be done
> >> for the generic header authentication, where there's no standard
> >> defining
On Thu, Dec 13, 2018, 22:36 B3r3n > On Thu, Dec 13, 2018 at 11:14 AM B3r3n wrote:
> >>
> >> Hello Mike,
> >>
> >> Well noted, I will test that ASAP.
> >>
> >
> > Thanks, B3r3n.
> >
> >> However, since I moved using header auth, I would like to try achieving
> it.
> >> My only issue is with the
Hello Nick,
>>
>> The path forward to implement that for OpenID is fairly clear - it
>> would just need to be done. I don't know what would need to be done
>> for the generic header authentication, where there's no standard
>> defining how logout should be signaled to the IDP.
>>
>
> For the
> On Thu, Dec 13, 2018 at 11:14 AM B3r3n wrote:
>>
>> Hello Mike,
>>
>> Well noted, I will test that ASAP.
>>
>
> Thanks, B3r3n.
>
>> However, since I moved using header auth, I would like to try achieving it.
>> My only issue is with the logout feature of Guacamole.
>>
>> Apparently it sends a
>
> The path forward to implement that for OpenID is fairly clear - it
> would just need to be done. I don't know what would need to be done
> for the generic header authentication, where there's no standard
> defining how logout should be signaled to the IDP.
>
For the header module, we could
On Thu, Dec 13, 2018 at 11:14 AM B3r3n wrote:
>
> Hello Mike,
>
> Well noted, I will test that ASAP.
>
Thanks, B3r3n.
> However, since I moved using header auth, I would like to try achieving it.
> My only issue is with the logout feature of Guacamole.
>
> Apparently it sends a DELETE
Hello Mike,
Well noted, I will test that ASAP.
However, since I moved using header auth, I would like to try achieving it.
My only issue is with the logout feature of Guacamole.
Apparently it sends a DELETE /guacamole/api/tokens/token_id. I
intended to change it to another GET /url logging
On Thu, Dec 6, 2018 at 12:26 AM Mike Jumper wrote:
> On Thu, Dec 6, 2018 at 12:13 AM B3r3n wrote:
>
>> Hello Mike,
>>
>> Ok well noted.
>>
>> What about my assumptions related to # in URL ?
>> Even recognized by Guacamole, if tomcat or Apache in front dont relay it,
>> this
>> will not be
On Thu, Dec 6, 2018 at 12:13 AM B3r3n wrote:
> Hello Mike,
>
> Ok well noted.
>
> What about my assumptions related to # in URL ?
> Even recognized by Guacamole, if tomcat or Apache in front dont relay it,
> this
> will not be received/used by Guacamole.
The AngularJS side of the web
Hello Mike,
Ok well noted.
What about my assumptions related to # in URL ?
Even recognized by Guacamole, if tomcat or Apache in front dont relay it, this
will not be received/used by Guacamole.
The fact remains, if this can help, Guacamole works greatly via Apache OIDC
auth then Guacamole
On Tue, Dec 4, 2018 at 11:59 PM B3r3n wrote:
> ...
> > ...
> >> I am puzzled with the fact Guacamole claims the
> >> user-mapping.xml file, as well as the fact it
> >> bound the fileauth provider. To me that is useless since openid is
> here…
> >>
> >
> > The "user-mapping.xml" authentication
tacauth.mydomain.tld/oxauth/restv1/jwksopenid-issuer>:
https://tacauth.mydomain.tld
>> openid-client-id:
>> @!EC70.5976.0EF8.1E8D!0001!C6E7.8D34!0008!A650.4304.641D.350F
>> openid-redirect-uri: https://tacos.mydomain.tld/guacamole/
>> openid-username-claim-type: preferred
restv1/jwksopenid-issuer>:
> https://tacauth.mydomain.tld
> openid-client-id:
> @!EC70.5976.0EF8.1E8D!0001!C6E7.8D34!0008!A650.4304.641D.350F
> openid-redirect-uri: https://tacos.mydomain.tld/guacamole/
> openid-username-claim-type: preferred_username
> openid-scope: openid pro
main.tld/oxauth/restv1/authorize
openid-jwks-endpoint: https://tacauth.mydomain.tld/oxauth/restv1/jwks
openid-issuer: https://tacauth.mydomain.tld
openid-client-id: @!EC70.5976.0EF8.1E8D!0001!C6E7.8D34!0008!A650.4304.641D.350F
openid-redirect-uri: https://tacos.mydomain.tld/guacamole/
openid-username-
On Fri, Nov 30, 2018, 10:39 B3r3n Hello Mike,
>
>
> At 18:37 30/11/2018, Mike Jumper wrote:
> >On Wed, Nov 21, 2018 at 1:41 AM B3r3n wrote:
> > >
> > > Burping the whole session, I found some infos. It seems Guacamole
> considers
> > > invalid credentials:
> > > {"message":"Invalid
Hello Mike,
At 18:37 30/11/2018, Mike Jumper wrote:
On Wed, Nov 21, 2018 at 1:41 AM B3r3n wrote:
>
> Burping the whole session, I found some infos. It seems Guacamole considers
> invalid credentials:
> {"message":"Invalid login.","translatableMessage":{"key":"Invalid
>
On Wed, Nov 21, 2018 at 1:41 AM B3r3n wrote:
>
> Burping the whole session, I found some infos. It seems Guacamole considers
> invalid credentials:
> {"message":"Invalid login.","translatableMessage":{"key":"Invalid
>
On Tue, Nov 20, 2018 at 11:59 PM B3r3n wrote:
>
> Hello guys,
>
> I implemented Guacamole into my organisation and it works greatly.
> However, it suffers missing Web proxying.
>
> To solve that, I would like to implement a SSO organised infrastructure based
> on below:
>
> - OIDC Server (Gluu
Hello guys,
I implemented Guacamole into my organisation and it works greatly.
However, it suffers missing Web proxying.
To solve that, I would like to implement a SSO organised infrastructure based
on below:
- OIDC Server (Gluu for this PoC)
- Guacamole authenticating on it
- Apache Rproxy
26 matches
Mail list logo