guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Couchman <vn...@apache.org>
Subject Re: HTTP header authentication not working. Infomation missing
Date Fri, 17 Nov 2017 16:15:57 GMT
On Fri, Nov 17, 2017 at 10:29 AM, Masood <masoodhussain10@gmail.com> wrote:

> I am trying to add HTTP header auth extension into guacamole. I have
> followed
> all the instructions from the chapter 9 of Manual. The jar file is in the
> extension folder, but I don't see any new loaded extension in syslog. I
> have
> not added any new property to the guacamole.properties. As it is optional
>
> I am using Tomcat 7. Do I need to change some properties in Tomcat to allow
> HTTP headers?
>
> Also, I don't understand the following line in manual "If your
> authentication system uses a different HTTP header" I don't have any
> authentication system. Do I need to install it? Is it in Tomcat or 3rd
> party
> application.
>

You need to configure your web server - either Tomcat or your reverse proxy
web server, if you're proxying it through nginx or httpd, for example - to
do HTTP authentication.  You can find configuration examples for BASIC
authentication in the following document - item #5:

http://archive.oreilly.com/pub/a/java/archive/tomcat-tips.html

If you're proxying Guacamole through Apache httpd, you'd do something like
this in your configuration:

<Location /guacamole>
   ...
    AuthType basic
    AuthName "Basic Authentication"
    AuthBasicProvider file
    AuthUserFile /etc/httpd/guacamole.users
    Require valid-user
</Location>

By default Apache will set the REMOTE_USER header during authentication,
which should be passed through to Tomcat and accessible by Guacamole.
Nginx has similar options:

https://www.nginx.com/resources/admin-guide/restricting-access-auth-basic/

-Nick

Mime
View raw message