guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Couchman <vn...@apache.org>
Subject Re: HTTP head auth user setup
Date Fri, 22 Mar 2019 14:50:48 GMT
On Fri, Mar 22, 2019 at 10:45 AM Will Payne <will@mugwump.net> wrote:

> On 2019-03-22 12:59, Nick Couchman wrote:
>
> > You're welcome to file a JIRA request for such a feature.
>
> Oh, I don't particularly care about simulating what a specific or
> unknown user would see - that's easy enough to test. I meant that it's a
> pain that you can't *set* what a pre-authenticated but undefined user
> will see. But yes, maybe I should file a request for *that* feature :)
>

Ah, yes - I think with user groups permissions like that became a bit
easier, because you can set the permissions for the group.  But I had also
thought about trying to implement some sort of "default permission"
configuration that would allow assigning permissions ahead of time to users
that aren't already defined.  I'm not sure that would necessarily make
sense today, because you have to explicitly create either users or groups
in the JDBC module before you can actually assign permissions to them.
With one of the changes underway, however, to auto-create JDBC users when
they are successfully authenticated elsewhere, this may make more sense.


>
> Am guessing adding LDAP into the mix is the only way forward.. Is there
> any rough expected date for 1.1.0? Not sure I want to battle to get it
> working just for the way it's implemented to change.
>

Soon-ish, hopefully.  Unfortunately the big blocker on it is getting
FreeRDP 2.0 support into the code, which is somewhat of a mountain of a
task.  Mike is knee-deep (or maybe neck-deep these days) in that.  Once
that gets completed, reviewed, and pushed through, the remaining changes
are reasonably light-weight and should be able to get reviewed relatively
quickly.


>
> I suppose the only other option at the moment is to revert to 0.9.14 and
> use the noauth extension.. At least that way I can easily, I assume, get
> everyone seeing the connections.
>
> > This is usually due to browser cache issues
>
> Ah - yep, I redeployed 1.0.0 and, after a bit of a kick, the browser
> shows the correct form headings.
>

There's a JIRA issue out there for this, too - there are ways to "version"
the static components such that they'll get refreshed when the version
changes, but it hasn't been implemented, yet.

-Nick

Mime
View raw message