guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Magnus Lobenhofer <magnus.lobenho...@icloud.com>
Subject Duo two-factor authentication does not work: where's my mistake?
Date Thu, 22 Mar 2018 09:03:07 GMT
Hello everybody,

I am thrilled that the guacamole project exists and was able to successfully install Raspbian
guacamole with tomcat8 on my Raspberry Pi.
Login and remote control work perfectly.

Now I want to use the extension for two-factor authentication (see chapter 8 of the documentation
= https://guacamole.apache.org/doc/gug/duo-auth.html ). As far as I can tell, I have strictly
followed the instructions. Even so, the tomcat server seems to take no notice of the JAR file
guacamole-auth-duo-0.9.14.jar. After the basic login, you will not get the two-factor mask
as expected.

What am I doing wrong?

(I hope I'm right with my question here - otherwise I ask for a hint where to turn!) 


Note: originally the owner of the directory was / etc / guacamole root, in my troubleshooting
I set the owner on tomcat8 because I suspected access problems.
Without effect - neither negative nor positive.

catalina.out also does not report any reference to the named JAR file.


Here comes the file structure with permissions, and afterwards the content of guacamole.properties:

root@raspberrypi:/etc/guacamole# ls -l
-rw-r--r-- 1 tomcat8 root  381 Nov 29  2016 apache.conf
drwxr-xr-x 2 tomcat8 root 4096 M?r 21 12:22 extensions
-rw-r--r-- 1 tomcat8 root 2743 M?r 21 13:20 guacamole.properties
drwxr-xr-x 2 tomcat8 root 4096 M?r 21 14:38 lib
-rw-r--r-- 1 tomcat8 root  115 Nov 26  2016 tomcat.xml
-rw-r----- 1 tomcat8 root 1660 M?r 21 11:41 user-mapping.xml

root@raspberrypi:/etc/guacamole/extensions# ls -l
insgesamt 768
-rw-rw-r-- 1 tomcat8 root 784055 Jan  9 04:19 guacamole-auth-duo-0.9.14.jar

root@raspberrypi:/usr/share/tomcat8# ls -la 
drwxr-xr-x  10 root root 4096 M?r 20 17:17 .
drwxr-xr-x 209 root root 4096 M?r 20 21:31 ..
drwxr-xr-x   2 root root 4096 M?r 20 13:52 bin
drwxr-xr-x   3 root root 4096 M?r 20 16:52 commmon
drwxr-xr-x   3 root root 4096 M?r 20 16:53 common
drwxr-xr-x   2 root root 4096 M?r 20 16:56 conf
-rw-r--r--   1 root root   39 Sep  3  2017 defaults.md5sum
-rw-r--r--   1 root root 1911 Sep  3  2017 defaults.template
lrwxrwxrwx   1 root root   15 M?r 20 17:17 .guacamole -> /etc/guacamole/
drwxr-xr-x   2 root root 4096 M?r 20 13:52 lib
-rw-r--r--   1 root root   53 Sep  3  2017 logrotate.md5sum
-rw-r--r--   1 root root  134 Sep  3  2017 logrotate.template
drwxr-xr-x   3 root root 4096 M?r 20 16:53 server
drwxr-xr-x   3 root root 4096 M?r 20 16:51 shared
drwxr-xr-x   2 root root 4096 M?r 20 16:51 temp



Content of guacamole.properties:

guacd-hostname: localhost
guacd-port:     4822

auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
basic-user-mapping: /etc/guacamole/user-mapping.xml

duo-api-hostname:     api-(from duo com).duosecurity.com
duo-integration-key:     (key from duo.com)
duo-secret-key:     (key from due.com)
duo-application-key:     (key with 40 Characters)



Greetings







Mime
View raw message