guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Couchman <vn...@apache.org>
Subject Re: More Fun
Date Sat, 02 Mar 2019 14:03:25 GMT
On Sat, Mar 2, 2019 at 4:15 AM Robert Dinse <nanook@eskimo.com> wrote:

>
>       I tried to use Zer0CoolX's branding.jar extension but it did not
> work as
> intended.  It did not change the text at all and the logo was very low
> contrast
> and smaller than the actual image he used.  When I tried to substitute my
> own
> logo it did not display at all.
>

You'll have to be a little more explicit about what you tried, and
preferably provide the code you're using (Github is your friend).

As an aside, this has been asked enough on the mailing lists that I've
opened up a JIRA issue to add some documentation to the Guacamole Manual on
the branding process.  I'll take a stab at documenting it within the manual.

https://issues.apache.org/jira/browse/GUACAMOLE-747


>
>       So far sound is not working either with vnc / pulseaudio (and I did
> make
> the recommended changes to pulse audio conf and the catalina.out log is
> showing it connecting to the pulseaudio server, but still no sound, and
> also tried with rdp using Xrdp as the server, no sound there either.
>

I need to give this a shot, too - I've done it before, but it's been a
while, so worth taking another look.  Just haven't had a chance, yet.


>
>       It would be nice if there were a way to disable the teardown session
> function in the home page as I'm using a common login for multiple users
> because authentication is either done by ssh or xdmcp on the server.  I'd
> really like to disable the login as well and just have it login as said
> user.
>

We (the project) have resisted (re-)implementing an authentication
extension that doesn't actually authenticate.  There actually used to be
one (noauth) and it was deprecated in 0.9.14 and removed completely in
1.0.0.  Within Guacamole Client, *some* form of authentication should be
done - bypassing authentication entirely really isn't a good idea.  I'm
definitely sympathetic to your situation, though - I've been there in the
past, where I had Guacamole authenticating with different credentials than
RDP sessions that users were logging into, and I didn't like having my
users required to enter credentials twice.  However, there should be some
middle ground - some means by which to authenticate users coming into
Guacamole without requiring them to enter credentials twice.  You could do
some sort of certificate-based authentication with the web server (httpd or
nginx) and then use the header module to pass through the authentication to
Guacamole?  Not something I've ever actually tried, but I'm just thinking
out loud.  Obviously that requires maintaining and distributing
certificates, which is its own challenge, but might be preferable to
bothering users with multiple credential requirements.

-Nick

Mime
View raw message