Hi.
I was wondering if there is any way possible to pass a username to pre-fill the username field at login page.
My usage idea is: I'm using nginx with client certificates as pre-authentication, and I'd like to use the UserPrincipalName from the client certificate to present the user, guacamole's login page with its name already filled and move focus to the password field, so that the user with a certificate will only need to type the password to enter a session.
Optionally, I'd like to make it possible to "lock" the username field (Mandatory from username passed from nginx ).
I tried the using "https://guacserver.example/#/Whatever245qrgq3yeqreg?username=johndoe&password=wrong"; style using a wrong password to see if the username gets filled, but it doesn't.
As for the nginx part, if anyone is interested, here's my reference: https://clouddocs.f5.com/training/community/nginx/html/class3/module1/module17.html. It uses njs module.
Then, I modified njs' subject_alternative.js to return only the UPN from the client certificate.
I was thinking something like "https://guacserver.example/#/Whatever245qrgq3yeqreg?PREFILL_USERNAME=name_from_njs_san&PREFILL_LOCK=yes"; to get the desired behavior ( I still have to play around with nginx rewrite url to make sure the end user won't be able to modify the PREFILL_USERNAME and PREFILL_LOCK arguments ).
I don't know java and angular, but I have some experience with C/perl/php/python/js and general scripting ( I usually write code when I really need to, I'm not a programmer/developer ).
I'm willing to accept the challenge to create an extension for this feature, but I have no idea where to start. I wonder if I should look at something like guacamole-auth-quickconnect or guacamole-auth-header as reference. Any hints?
Thanks! - Mauricio Silveira --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
