guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Couchman <vn...@apache.org>
Subject Re: How to authenticate the guacamole Webapp using duo authentication
Date Wed, 22 Aug 2018 12:43:34 GMT
On Tue, Aug 21, 2018 at 5:17 PM Rajesh Mohan <Rajesh.Mohan@infosys.com>
wrote:

> Hi Team,
>
>
>
> I am facing an issue were the guacamole MFA authentication were not
> working via the guacamole duo .
>
>
>
> My Requirement is to enable 2-way authentication to take the sessions in
> the apache guacamole .  Using AD Account and post that Duo Verification
> must be done .
>

What version of Guacamole are you using?  Are the Guacamole WAR file and
extensions all the same version, and obtained from the same location/build?


>
>
> But with the below mentioned guacamole properties entries the login was
> successful till AD Authentication but the Duo was not able to pursue .
>
>
>
> Can you please help us what needs to be changed/modified for the proper
> authentication.
>
>
>
> Cat /etc/guacamole/guacamole.properties
>
> guacd-hostname: localhost
>
> guacd-port:    4822
>
>
>
> auth-provider:
> net.sourceforge.guacamole.net.auth.ldap.LDAPAuthenticationProvider
>
> lib-directory:    /etc/guacamole/extensions/
>

Both of these options have been removed and have absolutely no effect on
functionality.


>
>
> # LDAP properties
>
> ldap-hostname:           LDAP-HOSTNAME
>
> ldap-port:               389
>
> ldap-encryption-method:  none
>
> ldap-user-base-dn:      dc=*******,dc=com
>
> ldap-search-bind-dn:
> CN=*******,OU=SPL,OU=Users,OU=DCM,DC=********,DC=com
>
> ldap-search-bind-password:      ********
>
> ldap-username-attribute: uid
>
>
>
> # Guacamole-duo Configuration Properties
>
>
>
> duo-api-hostname: ***********************
>
> duo-integration-key: ***********************
>
> duo-secret-key: ***********************
>
> duo-application-key: ***********************
>
> pushinfo:       yes
>
> autopush:       yes
>

I have no idea what the "pushinfo" and "autopush" options are - unless
you've modified the Duo code yourself to pay attention to these options,
there's no record of them in the Guacamole documentation, so they will have
no effect.

Can you also check the Chrome/Firefox/IE developer console while this is
happening and see if there are any errors in it?

-Nick

>

Mime
View raw message