Ok Michael.
I will take it on account for future releases.
Thanks a lot for your support.
-Gabriel
De: Michael Jumper
Enviado el: miércoles, 26 de abril de 2023 11:42 p. m.
Para: user@guacamole.apache.org
Asunto: Re: Change to the way of authenticating provided by Guacamole
On Wed, Apr 26,
On Wed, Apr 26, 2023, 6:30 PM Nick Couchman wrote:
> On Sat, Apr 22, 2023 at 8:09 PM Gabriel Huerta Araujo
> wrote:
> >
> > Thanks a lot Michael and Nick for your valuable help.
> >
> >
> >
> > I found out that I was doing something wrong. The Tacacs authentication
> provider jar was made with
On Sat, Apr 22, 2023 at 8:09 PM Gabriel Huerta Araujo
wrote:
>
> Thanks a lot Michael and Nick for your valuable help.
>
>
>
> I found out that I was doing something wrong. The Tacacs authentication
> provider jar was made with Guacamole version 0.9.14 and I was doing my tests
> with Guacamole
Thanks a lot Michael and Nick for your valuable help.
I found out that I was doing something wrong. The Tacacs authentication
provider jar was made with Guacamole version 0.9.14 and I was doing my tests
with Guacamole version 1.4.0. I got a new version of Guacamole (1.4.0) and
added the Tacacs
There's a lot here you can probably get rid of, unless you truly need
dependency injection via Guice for some other purpose.
Why are you checking the username using indexOf()?
- Mike
On Wed, Apr 19, 2023, 9:29 PM Gabriel Huerta Araujo
wrote:
> This is class which authenticates, there is just
This is class which authenticates, there is just one method just like you
estipulate:
public class TacacsAuthenticationProvider extends
AbstractAuthenticationProvider {
private static final String MYSQLAuthenticationProviderString = "mysql";
/**
* Logger for this class.
*/
How can I get all AuthenticationProviders installed into Guacamole? To be
consulted from Tacacs Authentication Provider code?
-Gabriel
De: Gabriel Huerta Araujo
Enviado el: miércoles, 19 de abril de 2023 08:56 a. m.
Para: user@guacamole.apache.org
Asunto: RE: Change to the way of authenticating
Ok Michael
With incorrect change, Active Sessions are shown. With correct implementation
not are shown.
How can I solve this issue?
-Gabriel
De: Michael Jumper
Enviado el: martes, 18 de abril de 2023 09:29 p. m.
Para: user@guacamole.apache.org
Asunto: Re: Change to the way of authenticating
On Tue, Apr 18, 2023, 6:23 PM Gabriel Huerta Araujo
wrote:
> ...
>
> It was like this
>
> @Override
>
> public UserContext getUserContext(AuthenticatedUser authenticatedUser)
>
> throws GuacamoleException {
>
> // No associated data whatsoever
>
>return null;
Thanks a lot Michael for your complete explanation.
This implementation to getUserContext method was missing
It was like this
@Override
public UserContext getUserContext(AuthenticatedUser authenticatedUser)
throws GuacamoleException {
// No associated data
Guacamole will poll every installed AuthenticationProvider. I can't speak
to how your extension is written, but there are three phases that Guacamole
goes through when you visit the application and attempt to authenticate:
1. Authentication: All installed extensions are asked to attempt to
In fact web application goes through every Authentication provider, but it does
not enter when arrives to Tacacs Authentication Provider (it is previous to
MySql), just enter to MySql Authentication provider (which is last in
Authentication Providers list).
Any idea how to force to enter into
Nick
How can I make Tacacs authentication be executed? Because as Tacacs and DB
password is the same, application goes for DB authentication.
-Gabriel
-Mensaje original-
De: Nick Couchman
Enviado el: domingo, 16 de abril de 2023 02:03 p. m.
Para: user@guacamole.apache.org
Asunto: Re:
Thanks a lot, Nick.
It works. There is left pending a way to make a massive update of the Database
accounts so that their password is the same as that of Tacacs.
I will take care of it.
-Gabriel
-Mensaje original-
De: Nick Couchman
Enviado el: domingo, 16 de abril de 2023 02:03 p.
On Sat, Apr 15, 2023 at 9:17 PM Gabriel Huerta Araujo
wrote:
>
> I did a test and It does not work
>
> I put mysql-auto-create-accounts (guacamole properties) with true value.
>
> In fact Tacacs user is same to DB user, but why when I enter with DB user and
> its password as is saved in this
With previous file sent gives errors. With this one, I can enter into web
application and with Tacacs password I do not see Active Sessions, I just see
them with user and DB password. (user is same for Tacacs and DB)
-Gavriel
-Mensaje original-
De: Nick Couchman
Enviado el: sábado,
I did a test and It does not work
I put mysql-auto-create-accounts (guacamole properties) with true value.
In fact Tacacs user is same to DB user, but why when I enter with DB user and
its password as is saved in this repository, I can see Active Sessions?
-Gabriel
-Mensaje original-
Ok
Tacacs user and DB user is same. I am going to check JDBC user auto-creation
feature
Thanks Nick
-Gabriel
-Mensaje original-
De: Nick Couchman
Enviado el: sábado, 15 de abril de 2023 06:56 p. m.
Para: user@guacamole.apache.org
Asunto: Re: Change to the way of authenticating
On Sat, Apr 15, 2023 at 8:27 PM Gabriel Huerta Araujo
wrote:
>
> Ok Nick
>
> Then what I need to do in order to see Active Sessions when I enter with
> Tacacs authentication?
There's nothing you need to do in your Java code to enable this. You
only need to make sure that the user you're logging
Ok Nick
Then what I need to do in order to see Active Sessions when I enter with Tacacs
authentication?
I have attached all Java files I have included into a new jar file.
Just to mention I do not add tacacs-auth-header parameter into
guacamole.properties, because I do no think it is needed.
On Fri, Apr 14, 2023 at 9:38 PM Gabriel Huerta Araujo
wrote:
>
> I hope to make my be understood.
>
> I want to validate Tacacs password into Guacamole application, just to meet
> this authentication, once this is done AuthenticatedUser variable be replaced
> with original password to be able
I hope to make my be understood.
I want to validate Tacacs password into Guacamole application, just to meet
this authentication, once this is done AuthenticatedUser variable be replaced
with original password to be able to see Active Sessions, because they are not
visualized with Tacacs
On Fri, Apr 14, 2023 at 8:44 PM Gabriel Huerta Araujo
wrote:
>
> As an option, but I would prefer second option, read original DB password and
> when Tacacs password validation passes, update into UserAuthenticated, the DB
> password.
>
Yes, but I don't understand why you want the password
As an option, but I would prefer second option, read original DB password and
when Tacacs password validation passes, update into UserAuthenticated, the DB
password.
-Gabriel
-Mensaje original-
De: Nick Couchman
Enviado el: viernes, 14 de abril de 2023 06:39 p. m.
Para:
On Wed, Apr 12, 2023 at 6:14 PM Gabriel Huerta Araujo
wrote:
>
> Nick:
>
> I think you have misunderstood me. I intended to update the Tacacs password
> once this is validated and after that be replaced in the MySQL database,
> previously validating that the Tacacs password has not been saved
Or how can I get access to get method from MySQLInjectorProvider instance?
-Gabriel
-Mensaje original-
De: Gabriel Huerta Araujo
Enviado el: viernes, 14 de abril de 2023 05:52 p. m.
Para: user@guacamole.apache.org
Asunto: RE: Change to the way of authenticating provided by Guacamole
Hi
Hi all, i hope not disturbing.
I created some methods. I showed you part of AuthenticationProviderService
class, in order to get some guide.
@Inject
private UserMapper userMapper;
@Inject
private Provider userProvider;
private ModeledUser
Nick:
I think you have misunderstood me. I intended to update the Tacacs password
once this is validated and after that be replaced in the MySQL database,
previously validating that the Tacacs password has not been saved in the MySQL
database. Or another possibility is getting user name, get
On Wed, Apr 12, 2023 at 4:08 PM Gabriel Huerta Araujo
wrote:
>
> Hi all
>
> If I update MySQL password saved, replacing it by Tacacs password, is
> automatically application updated to see Active Sessions?
No - in fact, if you do this, you will likely be authenticated by the
MySQL module and
Hi all
If I update MySQL password saved, replacing it by Tacacs password, is
automatically application updated to see Active Sessions?
-Gabriel
-Mensaje original-
De: Gabriel Huerta Araujo
Enviado el: martes, 11 de abril de 2023 06:49 p. m.
Para: user@guacamole.apache.org
Asunto: RE:
I didn´t realize a problem with new Tacacs authentication.
When I enter with a user registered into Tacacs, Active session tab is not
presented with its active sessions (It just appears a gear working).
When I enter with a user registered into DB MySQL, Active session tab, presents
its
Finally I found error related to Tacacs authentication provider. Thanks a lot
for your valuable support, Nick. I appreciate it.
This is the solution to this matter (It is the condition that is commented)
/**
* Returns an AuthenticatedUser representing the user authenticated by the
Thanks a lot Nick, I was not available. I will follow your suggestions.
-Gabriel
-Mensaje original-
De: Nick Couchman
Enviado el: sábado, 1 de abril de 2023 01:14 p. m.
Para: user@guacamole.apache.org
Asunto: Re: Change to the way of authenticating provided by Guacamole
On Sat, Apr 1,
On Sat, Apr 1, 2023 at 3:01 PM Gabriel Huerta Araujo
wrote:
>
> I am running guacamole in a Linux box. By an IDE with a debugger: ¿A
> reference to configure Guacamole into Windows?
>
There's no reason to switch to Windows - there are plenty of good IDEs
with debuggers for Linux. Like NetBeans:
I am running guacamole in a Linux box. By an IDE with a debugger: ¿A reference
to configure Guacamole into Windows?
-Gabriel
De: Gabriel Huerta Araujo
Enviado el: sábado, 1 de abril de 2023 11:45 a. m.
Para: user@guacamole.apache.org
Asunto: RE: Change to the way of authenticating provided by
Ok, Michael:
But how can I enable debug-level logging?
I did below changes to logging properties (I uncommented all FINE commented)
and I do not see any error which guides me to a solution.
# cat /etc/tomcat9/logging.properties
# Licensed to the Apache Software Foundation (ASF) under one or
On Sat, Apr 1, 2023, 12:21 AM Gabriel Huerta Araujo
wrote:
> I did what log told me to do: “*set "skip-if-unavailable: tacacs" within
> your guacamole.properties”*
>
>
>
> And now when I enter to give my credentials, it works. But how can I do to
> eliminate “The "tacacs" authentication provider
I did what log told me to do: “set "skip-if-unavailable: tacacs" within your
guacamole.properties”
And now when I enter to give my credentials, it works. But how can I do to
eliminate “The "tacacs" authentication provider has been skipped due to an
internal error. If this is unexpected or you
Hi Nick, sorry for not appearing by this place... I was busy with other
projects.
I have included the jar to validate Tacacs authentication:
[2023-04-01 01:05:59] [info] 01:05:59.560 [main] INFO
o.a.g.extension.ExtensionModule - Extension "MySQL Authentication" (mysql)
loaded.
[2023-04-01
Ok Nick:
Thanks a lot for your valuable help. I appreciate it.
I will check it.
-Gabriel
-Mensaje original-
De: Nick Couchman
Enviado el: miércoles, 15 de marzo de 2023 08:49 a. m.
Para: user@guacamole.apache.org
Asunto: Re: Change to the way of authenticating provided by Guacamole
On Tue, Mar 14, 2023 at 7:36 PM Gabriel Huerta Araujo
wrote:
>
> I found class SharedAuthenticationProviderService, which has below
> method(authenticateUser). It receives credentials of Credentials type. Below
> is its definition:
>
> @Override
> public AuthenticatedUser
I found class SharedAuthenticationProviderService, which has below
method(authenticateUser). It receives credentials of Credentials type. Below is
its definition:
@Override
public AuthenticatedUser authenticateUser(AuthenticationProvider
authenticationProvider,
Credentials
Here me again.
One question:
How can I have a fully functional authentication provider instead of parsing
the guacamole.properties configuration file, and taking such information from a
database (MySQL) and only the authentication can be done with the invocation of
the Tacacs script through
On Mon, Mar 13, 2023 at 1:26 PM Gabriel Huerta Araujo
wrote:
>
> Hi Michael
>
>
>
> Organization uses a Perl script which uses Tacacs as a way to be
> authenticaded. This tool is used to measure user productivity, each time they
> attend a problem accesing to a server through Guacamole. And the
Hi Michael
Organization uses a Perl script which uses Tacacs as a way to be authenticaded.
This tool is used to measure user productivity, each time they attend a problem
accesing to a server through Guacamole. And the way Guacamole authenticates is
different.
I hope I have made myself
What do you mean by "the [authentication] proposed by the Guacamole
solution" and "the authentication process ... used by the organization"?
- Mike
On Mon, Mar 13, 2023, 10:17 AM Gabriel Huerta Araujo
wrote:
> Hi all
>
>
>
> I have a request
>
> Which components (java, js, html files) should I
46 matches
Mail list logo