guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Azad <p...@thissolution.com>
Subject Docker using guacamole-auth-json for authentication
Date Sun, 16 Apr 2017 11:13:49 GMT
Hi

I have been trying out Guacamole on docker, originally to play with it on my laptop, but now
I am thinking of using it instead of our linux VM.

I got Docker with postgres working by following Craig  Gibb's post:

docker run --name docker-postgres -e POSTGRES_PASSWORD=PASSWORD_HERE -d postgres


docker run --rm glyptodon/guacamole /opt/guacamole/bin/initdb.sh --postgres > initdb.sql


docker run -it --link docker-postgres:postgres --rm postgres sh -c 'exec psql -h "$POSTGRES_PORT_5432_TCP_ADDR"
-p "$POSTGRES_PORT_5432_TCP_PORT" -U postgres'


  # Enter your postgresql password from line 5


  CREATE DATABASE guacamole_db;


  \q


cat initdb.sql | docker run -i --link docker-postgres:postgres --rm postgres sh -c 'export
PGPASSWORD="PASSWORD_HERE"; exec psql -h "$POSTGRES_PORT_5432_TCP_ADDR" -p "$POSTGRES_PORT_5432_TCP_PORT"
-U postgres -d guacamole_db'


docker run --name docker-guacd -d glyptodon/guacd


docker run --name docker-guacamole --link docker-guacd:guacd \


    --link docker-postgres:postgres      \


    -e POSTGRES_DATABASE=guacamole_db  \


    -e POSTGRES_USER=postgres    \


    -e POSTGRES_PASSWORD=PASSWORD_HERE \


    -d -p 8080:8080 glyptodon/guacamole


Now I wanted to use it without a DB authentication, but to use the guacamole-auth-json. Reading
the end of http://guacamole.incubator.apache.org/doc/gug/guacamole-docker.html<https://contactmonkey.com/api/v1/tracker?cm_session=d4671a34-5d6c-4fec-9fbb-7bd79302e444&cm_type=link&cm_link=7903c5b3-0a36-45c8-9c2a-ea878a5e8402&cm_destination=http://guacamole.incubator.apache.org/doc/gug/guacamole-docker.html>
 I created a folder on my laptop called guacamole, and put the guacamole.properties file in
there. I also created an extenstions folder and copied our theme and the auth jar files in
there. My guacamole.properties file is the one from my Linux VM:

json-secret-key:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX



I then started the docker container:

docker run --name docker-guacamole4 --link docker-guacd:guacd -v D:\guacamole:/etc/guacamole
-e GUACAMOLE_HOME=/etc/guacamole -d -p 8080:8080 guacamole/guacamole

But when i check if its running its not. When I do a docker logs, I see this:

FATAL: No authentication configured
-------------------------------------------------------------------------------
The Guacamole Docker container needs at least one authentication mechanism in
order to function, such as a MySQL database, PostgreSQL database, or LDAP
directory.  Please specify at least the MYSQL_DATABASE or POSTGRES_DATABASE
environment variables, or check Guacamole's Docker documentation regarding
configuring LDAP.


I then put the postgres lines back in there:
docker run --name docker-guacamole4 --link docker-guacd:guacd --link docker-postgres:postgres
 -v D:\guacamole:/etc/guacamole -e GUACAMOLE_HOME=/etc/guacamole -e POSTGRES_DATABASE=guacamole_db
-e POSTGRES_USER=<USERNAME> -e POSTGRES_PASSWORD=<PASSWORD> -d -p 8080:8080 guacamole/guacamole

It now starts up, and looking at the events I can see that both authentication modules are
loading:

10:24:22.638 [localhost-startStop-1] INFO  o.a.g.extension.ExtensionModule - Extension "PostgreSQL
Authentication" loaded.
10:24:22.897 [localhost-startStop-1] INFO  o.a.g.extension.ExtensionModule - Extension "Encrypted
JSON Authentication" loaded.


When I jump into the container I can see that my guacamole.properties file is also loading:

docker exec -it guacamole0912 /bin/bash
root@216eda9ea9c3:/usr/local/tomcat# cat /root/.guacamole/guacamole.properties
json-secret-key:XXXXXXXXXXXX
#json-trusted-networks: 10.253.0.0/16,192.168.10.0/24,192.168.9.0/24
guacd-hostname: 172.17.0.2
guacd-port: 4822
postgresql-hostname: 172.17.0.3
postgresql-port: 5432
postgresql-database: guacamole_db
postgresql-username: <USERNAME>
postgresql-password: <PASSWORD>


but when I try and post my encoded json to the API, I get this:
{"message":"Invalid login","translatableMessage":{"key":"Invalid login","variables":null},"statusCode":null,"expected":[{"name":"username","type":"USERNAME"},{"name":"password","type":"PASSWORD"}],"type":"INVALID_CREDENTIALS"}


Getting the same issue with 0.9.11 & 0.9.12.


Thanks



Mime
View raw message