From user-return-3420-archive-asf-public=cust-asf.ponee.io@guacamole.apache.org Sun Mar 4 00:46:57 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id 6C71A180654 for ; Sun, 4 Mar 2018 00:46:57 +0100 (CET) Received: (qmail 35662 invoked by uid 500); 3 Mar 2018 23:46:56 -0000 Mailing-List: contact user-help@guacamole.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@guacamole.apache.org Delivered-To: mailing list user@guacamole.apache.org Received: (qmail 35652 invoked by uid 99); 3 Mar 2018 23:46:56 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 03 Mar 2018 23:46:56 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id EEB23C2168 for ; Sat, 3 Mar 2018 23:46:55 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 1.979 X-Spam-Level: * X-Spam-Status: No, score=1.979 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=2, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=disabled Authentication-Results: spamd1-us-west.apache.org (amavisd-new); dkim=pass (2048-bit key) header.d=guac-dev-org.20150623.gappssmtp.com Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024) with ESMTP id 4VBnWfY9yZxG for ; Sat, 3 Mar 2018 23:46:54 +0000 (UTC) Received: from mail-qt0-f177.google.com (mail-qt0-f177.google.com [209.85.216.177]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTPS id E535B5F181 for ; Sat, 3 Mar 2018 23:46:53 +0000 (UTC) Received: by mail-qt0-f177.google.com with SMTP id v90so16312972qte.12 for ; Sat, 03 Mar 2018 15:46:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=guac-dev-org.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=ny6OTmPjEz1ZzUpv0zq3zQD1VIykws7xV4+r8WO/2VY=; b=z0CmRt2YnEQhVNhhGH5NU/ZbI2wFruYBRosH3bWUkNmBKuOIEStQqfm6z/xUbokmzO zmFN29awph3l0iNsn7fyOYSjkKCnv4bKFxwi93SWQtBUGhrEkRP5suMrM8AxrJzVt7tu +FXJ3gIDSQLliYj2/PTy/G0Az3umlxpO9IUi4mMe8EZVGdE1Kjx05ytyx04NFK9oEerx F8iPC8wC/zJeKXuyuBYlngfuDIEZrwoSsB6EAVaMXlTEm/IOFCr7ngw+u9cWmvw2DcMp itKp385FD6/69aQZC7JSJ4sMc8KGStCzV51uQZ3MpMooRJNvl9PBajwW/mEiAzFsxYmP 6q6w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=ny6OTmPjEz1ZzUpv0zq3zQD1VIykws7xV4+r8WO/2VY=; b=sBTfCI0OttiGcySjyBbMXDezmHVvnZlXC6rqoknOSMUNFPthStRbi/vVwqJ6kmEqr1 ffMpfmTEuSbHj5NuuovZP8cpqNvasDhNe2rRT2DnAT34AvNwkep/fJyunIO/aSOHHVgE TkVZsqOT8gV1QFED01fOpuUOude/ZxvRpqOAs9cn7wEsAza3QKCaf7jjIhwInnzMLYWo LkzB9DfoohEEbYCJhurhVAxlHtCW95EWK2yCq0f87ahjIjpuSis9EdYQGsY2fpeNM/KP S7qVrR2pb1i2wjueEWbhIxlp1mF5nxCFc57rGdVNK8pOZv7ayGbg6nWweJd4RmXAe8Jc 2HMw== X-Gm-Message-State: AElRT7FXuysg6unQvjWU3lR1VkChR2c9oSJtBjBRH86/7XON3CsyRnT1 cMDQMDTakScedE8EqIv6YXW/dOh49pDo2CgjmTN5tA== X-Google-Smtp-Source: AG47ELvwCHzWBj8TKstgYAogDYbUAt8uO4qJOs5IkaO/diIDDevSSfW3RKB9IBxwLMK31IDJCntEhaIhJdAMMlxkL1U= X-Received: by 10.200.56.61 with SMTP id q58mr15746290qtb.313.1520120807399; Sat, 03 Mar 2018 15:46:47 -0800 (PST) MIME-Version: 1.0 Received: by 10.200.7.76 with HTTP; Sat, 3 Mar 2018 15:46:06 -0800 (PST) X-Originating-IP: [73.15.226.52] In-Reply-To: <024901d3b339$c998abd0$5cca0370$@lindenberg.one> References: <013b01d3b0a1$2d516a90$87f43fb0$@lindenberg.one> <024901d3b339$c998abd0$5cca0370$@lindenberg.one> From: Mike Jumper Date: Sat, 3 Mar 2018 15:46:06 -0800 Message-ID: Subject: Re: Authentication mechanism.. Was: New user questions... To: user@guacamole.apache.org Content-Type: multipart/alternative; boundary="001a11377c10bdb7fb05668ab471" --001a11377c10bdb7fb05668ab471 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Sat, Mar 3, 2018 at 1:51 PM, Joachim Lindenberg wrote: > Hi all, > > I made a proof of concept and implemented my own authentication extension= . > I am however struggling with > > (1) Changes of guacamole.properties (where I put some settings using a > prefix hyperv.*) are not picked up until I restart tomcat. I=C2=B4d appre= ciate > if changes would be monitored or picked up at login like is for > user-mapping.xml. Or am I mislead? > guacamole.properties is cached after the first time it is read. Extension-specific files, like user-mapping.xml (which is used by a built-in extension), are governed only by how the extension was written. The reason that user-mapping.xml is automatically reread upon modification is because the underlying built-in extension is written to do so. You can do this for your extension, too, of course - define your own configuration file which is read from within GUACAMOLE_HOME, and re-read if changed. (2) I need a json parser. Looks like there is none exposed by tomcat8 or > guacamole. I had to copy a json implemention into my jar, which does not > look like a good solution to me. Is there a way to refer to a standard js= on > implementation? > I believe Guacamole bundles Jackson, so you might be able to use that, however you are indeed expected to bundle your own dependencies. Extensions are loaded within their own child classloaders with this in mind. (3) It is still unclear to me what configuration changes I can/should > support, and how to best trigger restore of VMs. One approach I am > experimenting with is to subclass GuacamoleConfiguration and =E2=80=9Cmon= itor=E2=80=9D > whether parameters are accessed and then as a side effect trigger restore= . > However the unpleasant aspect is that I=C2=B4d also have to cache credent= ials of > the user then. Any better approach? > Can you clarify what you mean here? What do you mean by "restore" in the context of VMs, and why are you trying to trigger this as a side effect? Can you describe what you're trying to achieve at a high level - based on the overall goal, rather than the specifics of your current implementation? - Mike --001a11377c10bdb7fb05668ab471 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On S= at, Mar 3, 2018 at 1:51 PM, Joachim Lindenberg <joachim@lindenberg.on= e> wrote:

Hi all,=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0

I made a proof of concept and implemented my own authentica= tion extension. I am however struggling with

(1)=C2= =A0=C2=A0=C2=A0 C= hanges of guacamole.properties (where I put some settings using a prefix hy= perv.*) are not picked up until I restart tomcat. I=C2=B4d appreciate if ch= anges would be monitored or picked up at login like is for user-mapping.xml= . Or am I mislead?


g= uacamole.properties is cached after the first time it is read. Extension-sp= ecific files, like user-mapping.xml (which is used by a built-in extension)= , are governed only by how the extension was written. The reason that user-= mapping.xml is automatically reread upon modification is because the underl= ying built-in extension is written to do so. You can do this for your exten= sion, too, of course - define your own configuration file which is read fro= m within GUACAMOLE_HOME, and re-read if changed.

<= /p>

(2)=C2=A0=C2=A0=C2=A0 I need a json parser. Looks like there is none exposed by tomcat8 or= guacamole. I had to copy a json implemention into my jar, which does not l= ook like a good solution to me. Is there a way to refer to a standard json = implementation?


I be= lieve Guacamole bundles Jackson, so you might be able to use that, however = you are indeed expected to bundle your own dependencies. Extensions are loa= ded within their own child classloaders with this in mind.

(3)=C2=A0=C2=A0=C2=A0 It is still unclear to me what configuration changes I can= /should support, and how to best trigger restore of VMs. One approach I am = experimenting with is to subclass GuacamoleConfiguration and =E2=80=9Cmonit= or=E2=80=9D whether parameters are accessed and then as a side effect trigg= er restore. However the unpleasant aspect is that I=C2=B4d also have to cac= he credentials of the user then. Any better approach?


Can you clarify what you mean here? What = do you mean by "restore" in the context of VMs, and why are you t= rying to trigger this as a side effect? Can you describe what you're tr= ying to achieve at a high level - based on the overall goal, rather than th= e specifics of your current implementation?

- Mike=

--001a11377c10bdb7fb05668ab471--