guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Couchman <vn...@apache.org>
Subject Re: API Session Token
Date Sat, 16 Feb 2019 00:51:27 GMT
On Fri, Feb 15, 2019 at 18:33 sciUser <shulbert@securitycentric.net> wrote:

> Hello,
>
> With out using LDAP how would I get the user session token ?
> I like to not pass username and passwords in the URL but use the token to
> log them in.


No matter what extension you're using for authentication the way to obtain
a token is to POST to the /guacamole/api/tokens endpoint a form with the
username and password fields.  This is completely independent of what
authentication mechanism backs Guacamole.


>
> Also I changed the URL pointer on NGINX from /guacamole/ to /lab/ do I need
> to change  proxy_cookie_path* /guacamole/ /guacamole/*; to /bal /lab/;  as
> well?
>

As of 1.0.0 I believe Guacamole client is completely cookie-free, so you
shouldn't have to use that option.  However, why not just deploy the WAR
file as lab.war, in which case the path within Tomcat will match Nginx and
you won't have to worry about the rewriting.

-Nick

Mime
View raw message