On 5/31/24 11:08 AM, Nick Couchman wrote:
On Fri, May 31, 2024 at 12:58 PM Bruce Ferrell mailto:bferr...@baywinds.org>> wrote:
Do I personally use it? No.
What I do know for fact is that there ARE fortune 500 organizations that DO
use it in the damnedest ways because it's noit just aut
On Fri, 31 May 2024 14:08:37 -0400
Nick Couchman wrote:
> I feel like I should also clarify that I'm not advocating for it to go away
> - I actually think RADIUS is quite a good protocol. As Bruce mentioned,
> it's the original AAA - it's also quite simple and easy to understand and
> implement.
On Fri, May 31, 2024 at 12:58 PM Bruce Ferrell
wrote:
> Do I personally use it? No.
>
> What I do know for fact is that there ARE fortune 500 organizations that
> DO use it in the damnedest ways because it's noit just authentication.
> It's the original AAA;
> Authentication, authorization and A
Do I personally use it? No.
What I do know for fact is that there ARE fortune 500 organizations that DO use it in the damnedest ways because it's noit just authentication. It's the original AAA;
Authentication, authorization and Accounting.
We don't tend not to hear from them because it just
On 5/30/24 2:09 AM, Stephan von Krawczynski wrote:
Hello Jon,
if this project had a simple script hook interface where authentication can be
done by an external script feeded with every possible information needed for
that, then a question like this would not be needed. There would be no need to
Hello Jon,
if this project had a simple script hook interface where authentication can be
done by an external script feeded with every possible information needed for
that, then a question like this would not be needed. There would be no need to
discuss every thinkable authentication method becaus
On Tue, 2024-05-28 at 08:22 -0400, Nick Couchman wrote:
On Tue, May 28, 2024 at 5:11 AM Jon Gerdes
mailto:gerd...@blueloop.net>> wrote:
Dear all
I am trying out various authentication mechanisms on a test box. TOTP
was a doddle to set up with LDAP to an Active Directory LDAP source. I
then moved
On Tue, May 28, 2024 at 5:11 AM Jon Gerdes wrote:
> Dear all
>
> I am trying out various authentication mechanisms on a test box. TOTP
> was a doddle to set up with LDAP to an Active Directory LDAP source. I
> then moved on to RADIUS as a second factor. I am using PrivacyIDEA to
> drive a FreeRA
On Thu, Aug 25, 2022 at 2:25 PM Pavel Kůžel wrote:
>
> Hi Nick,
>
> thank you for pointing me to the logback.xml settings. The debug level of
> logging has revealed the following error:
>
> 20:03:57.517 [http-nio-8080-exec-6] ERROR o.a.g.a.r.RadiusConnectionService -
> Unable to complete authent
Hi Nick,
thank you for pointing me to the logback.xml settings. The debug level of
logging has revealed the following error:
20:03:57.517 [http-nio-8080-exec-6] ERROR o.a.g.a.r.RadiusConnectionService -
Unable to complete authentication.
20:03:57.528 [http-nio-8080-exec-6] DEBUG o.a.g.a.r.Radi
On Thu, Aug 25, 2022 at 2:42 AM Pavel Kůžel wrote:
>
> Hello,
>
> has anybody successfully configured the RADIUS authentication using EAP-TTLS
> on guacamole server? Although I configured EAP-TTLS, when a client's
> authentication should be optional, the RADIUS extension demands radius key
> fi
Dear Mike!
Thank you very much for your help.
It works.
2021-09-23 20:30 időpontban Mike Jumper ezt írta:
On Thu, Sep 23, 2021, 10:50 Erdődi Zoltán
wrote:
Good Day!
How do I assign a connection to a user who is authenticated with a
radius?
[2021-09-23 16:04:13] [info] 16:04:13.139 [http-n
On Thu, Sep 23, 2021, 10:50 Erdődi Zoltán wrote:
> Good Day!
>
> How do I assign a connection to a user who is authenticated with a
> radius?
>
>
> [2021-09-23 16:04:13] [info] 16:04:13.139 [http-nio-8080-exec-1] DEBUG
> o.a.g.r.auth.AuthenticationService - Login was successful for user
> "XYZUSE
Hi,
maybe your /etc/hosts has this address for the FQDN / shortname of your
server ?
Rgds.
Le 07/05/2021 à 11:45, SergeyKh a écrit :
> Hi,
> Is there any way I can change the NAS IPv4 Address: in the guacamole
> radius requests?
> Thats is because it is always NAS IPv4 Address: 127.0.1.1
--
On Fri, May 7, 2021 at 5:45 AM SergeyKh wrote:
> Hi,
> Is there any way I can change the NAS IPv4 Address: in the guacamole
> radius requests?
> Thats is because it is always NAS IPv4 Address: 127.0.1.1
>
At this point, no, but there is a JIRA issue out there, and a pull request,
to change thi
On Sun, Jan 3, 2021 at 4:51 PM michael böhm wrote:
> Hi guys,
>
> I just wanted to inform you that the following change breaks
> RADIUS-authentication when Guacamole runs in Docker:
>
> https://issues.apache.org/jira/browse/GUACAMOLE-1001
>
> In this case, the virtual NAT-ip-adress of the docker-
On Fri, May 8, 2020 at 2:26 PM Erlichman, Zachary
wrote:
> Hello,
>
>
>
> I was searching around and found this question touched on before, but I
> was wondering if its at all possible to auth with radius first and still
> get ldap groups. Or failing that, make it so a guacamole group is either
>
Nick Couchman ha scritto il 17/03/20 alle 21:21:
[...]
Well, you're already recompiling it, so you'll end up with all of it
compiled by JDK8, anyway. You shouldn't have to recompile guacd, but if
you're building the RADIUS module you're most likely building the whole
Guacamole Client.
ok, th
On Mon, Mar 16, 2020 at 6:05 AM Piviul wrote:
> Nick Couchman ha scritto il 14/03/20 alle 22:14:
> > I believe there maybe some known issues out there with Maven + OpenJDK
> > 11 + JavaDoc. I've experienced this myself a few times and never quite
> > tracked down the cause or solution - I usuall
Nick Couchman ha scritto il 14/03/20 alle 22:14:
I believe there maybe some known issues out there with Maven + OpenJDK
11 + JavaDoc. I've experienced this myself a few times and never quite
tracked down the cause or solution - I usually just end up installing
OpenJDK8 and switching over to th
On Fri, Mar 13, 2020 at 10:00 AM Piviul wrote:
> Hi,
> I would like to try to use radius auth but when I compile the module I
> get the following logs:
> > [...]
> > [INFO] BUILD FAILURE
> > [INFO]
>
> > [INFO] Total time:
On Sun, Jan 26, 2020 at 2:34 PM drhy wrote:
> @vnick
>
> I tested 1.1.0 yesterday, including its LDAP and jdbc/MySQL, hence my
> excitement.
>
Great! Thanks for doing testing on the RC1 release! Definitely let us
know if you have any issues.
> By the way, 1.1.0 will be making guacamole into
@vnick
I tested 1.1.0 yesterday, including its LDAP and jdbc/MySQL, hence my
excitement.
By the way, 1.1.0 will be making guacamole into a stunning product.
I also tested the 1.1.0 radius ('cos it triggers our Azure MFA), so it looks
like I'll just have to be a bit patient :-)
You reminded me th
On Sun, Jan 26, 2020 at 5:18 AM drhy wrote:
> Hi,
>
> LDAP with Active Directory and a Guacamole database (eg MySQL) can be
> configured so that no users need to be added to the database. When LDAP
> successfully authenticates a user, it returns the user's Active Directory
> Group names and where
I forgot to mention that we need to use the Radius Provider because it is the
only way available to us to trigger the Azure MFA, which is a required
component of our Windows SSO environment. I suspect that many other Azure
MFA sites are in the same boat.
-David
--
Sent from:
http://apache-guac
Thanks.
Two new JIRA Improvements created:
Radius Provider returns Group - like LDAP Provider
CAS Provider returns Group - like LDAP Provider
--
Sent from:
http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
On Mon, May 6, 2019 at 20:51 drhy wrote:
> Definitely only a wish to add to the list.
This should probably go into our JIRA instance as an improvement or feature
request.
>
> It would reduce admin for those of us who use Radius for authentication
> against a Directory (in our case Microsoft A
On Mon, Apr 8, 2019 at 1:00 AM Kamal Ezzaki wrote:
> i have a problem in connection between guacamole an radius using
> chap,mschapv1,mschapv2 connection .
> with this error in the log :
> [http-bio-8080-exec-6] ERROR o.a.g.a.r.RadiusConnectionService - No such
> RADIUS algorithm: MD4 MessageDige
the error :
localhost server: log4j:WARN No appenders could be found for logger
(net.jradius.log.Log4JRadiusLogger).
Apr 4 12:00:04 localhost server: log4j:WARN Please initialize the log4j
system properly.
Apr 4 12:00:04 localhost server: 12:00:04.446 [http-bio-8080-exec-10]
ERROR o.a.g.a.r.Radiu
how can i change the version , im trying to install
openjdk java-1.8.0-openjdk-1.8.0.191.b12-1.el7_6.x86_64 and he gives
me 1.8.0_201
the seem problem after i changed the version.
i change the version of openjdk
i restart tomcat
the problem still existe
should i repreduce the radius extension ?
On Wed, Apr 3, 2019 at 9:46 AM Kamal Ezzaki wrote:
> Okay , happy to help you just this one time . i m gonna try to change the
> version to 1.8.0_191 thank you for you help
>
Great, looking forwarding your testing results!
-Nick
Okay , happy to help you just this one time . i m gonna try to change the
version to 1.8.0_191 thank you for you help
On Wed, Apr 3, 2019 at 9:34 AM Kamal Ezzaki wrote:
> yes i think that's you are right , the probleme is the java version i have
> another server running guacamole and the authentification passed with
> mschapv2, chap , pap .. . and it running openjdk version "1.8.0_191"but
> in the other serv
yes i think that's you are right , the probleme is the java version i have
another server running guacamole and the authentification passed with
mschapv2, chap , pap .. . and it running openjdk version "1.8.0_191"but
in the other server that's i have this error the version is "1.8.0_201" .
is t
On Wed, Apr 3, 2019 at 4:58 AM Kamal Ezzaki wrote:
> hello is anyone know why i have this error in my log file
> :
> *ERROR o.a.g.a.r.RadiusConnectionService - No such RADIUS algorithm: MD4
> MessageDigest not available*
>
>
Interesting. Seems this isn't the only project to encounter that:
http
i have already run this commande to built the extension *mvn clean package
-Plgpl-extensions * and copy the radius jar to my extension folder but with
the seem error
it's working with pap authentification but mschap,chap,mschapv2 no it's
give me the seem error , any Help please
it's working now thanks.
but i have a quetion when i scan the bare code with freeOTP it's give me
the 6 digit number and after i enter them , an error message displayed
Verification failed. Please try again.
Yes, I pretty much agree with everything you said, and your
screenshot/mock-up definitely would be my my preference. :) You'd be
surprised how many professional, college educated people I deal with that
are confused by input boxes with placeholder text. If it doesn't have
something simple like use
On Sat, Mar 30, 2019 at 12:02 PM Not Speedy wrote:
> since you are opening a jira on the parsing, please consider making this
> field editable via en.json.
>
Adding more knobs shouldn't be the default approach to solving an issue.
Setting that aside and assuming this would be a desirable configu
since you are opening a jira on the parsing, please consider making this
field editable via en.json.
I understand your reason for making this display the response, but there
are some cases in which that it would be nice to simply or remove the txt
(some people are easily confused by input boxes wi
On Sat, Mar 30, 2019 at 01:27 Mike Jumper wrote:
>
>>> I'm not sure that it could be changed as implemented - basically it just
>> copies the text provided by the RADIUS server in the Challenge part of the
>> Challenge/Response as a way to be flexible about what the RADIUS server may
>> be asking
On Fri, Mar 29, 2019, 18:36 Nick Couchman wrote:
> On Fri, Mar 29, 2019 at 3:54 PM Not Speedy wrote:
>
>> no problem. I'm grateful for all the help! On more issue, is there a way
>> to change or remove whats populated in the input field? I'd like to change
>> the "reply-message = please enter
On Fri, Mar 29, 2019 at 3:54 PM Not Speedy wrote:
> no problem. I'm grateful for all the help! On more issue, is there a way
> to change or remove whats populated in the input field? I'd like to change
> the "reply-message = please enter otp:" to be blank or something simple
> like "Token"
> Th
no problem. I'm grateful for all the help! On more issue, is there a way
to change or remove whats populated in the input field? I'd like to change
the "reply-message = please enter otp:" to be blank or something simple
like "Token"
Thanks again
[image: image.png]
On Fri, Mar 29, 2019 at 12:21
On Fri, Mar 29, 2019 at 11:52 AM Not Speedy wrote:
> figured it out. I had to change the extension order, putting the radius
> extension before the MySQL one.
>
>
Sorry for the lack of response, but glad you figured it out. There is a
JIRA issue open for modifying the way credential exceptions
figured it out. I had to change the extension order, putting the radius
extension before the MySQL one.
On Tue, Apr 17, 2018 at 7:08 AM, Nick Couchman wrote:
> On Tue, Apr 17, 2018 at 12:15 AM, Mike Jumper
> wrote:
>
>> On Mon, Apr 16, 2018 at 7:27 PM, Fertig, Brian
>> wrote:
>>
>>> Mike,
>>>
>>>
>>>
>>> Once again you and your team are awesome!
>>>
>>
>> Thanks, but to be clear: Apache Guacamo
On Tue, Apr 17, 2018 at 12:15 AM, Mike Jumper
wrote:
> On Mon, Apr 16, 2018 at 7:27 PM, Fertig, Brian
> wrote:
>
>> Mike,
>>
>>
>>
>> Once again you and your team are awesome!
>>
>
> Thanks, but to be clear: Apache Guacamole is developed by a community, not
> by any individual's team.
>
> So I
On Mon, Apr 16, 2018 at 7:27 PM, Fertig, Brian
wrote:
> Mike,
>
>
>
> Once again you and your team are awesome!
>
Thanks, but to be clear: Apache Guacamole is developed by a community, not
by any individual's team.
So I have mysql then failover to radius setup for authentication. By
> leavin
know that radius will be
authenticating them?
Brian
From: Mike Jumper [mailto:mike.jum...@guac-dev.org]
Sent: Monday, April 16, 2018 10:01 PM
To: user@guacamole.apache.org
Subject: Re: Radius
On Mon, Apr 16, 2018, 17:04 Fertig, Brian
mailto:brian.fer...@philips.com>> wrote:
Gents,
On Mon, Apr 16, 2018, 17:04 Fertig, Brian wrote:
> Gents,
>
>
>
> So after some fooling around I got the radius auth with 2factor and
> mysql auth working the way I want. Thanks for this project it so far
> rocks! So couple questions is there a way to have the users cached from
> radius in th
53 matches
Mail list logo
