v1.1.0 OpenID and RDP connection password

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

v1.1.0 OpenID and RDP connection password

Ghost_Knight
Greetings,

I currently have my guacamole client v1.1.0 configured to point to Keycloak
using the OIDC configuration options.  This is causing my login information to
be passed through Keycloak instead of the Guacamole Client login page.
Because of this the GUAC_PASSWORD parameter is never populated because it
was never actually input through Guacamole itself.

I am trying to put a user prompt in the UI to have them input their password
when clicking an 'rdp' protocol connection.  Currently I have a prompt hook in
ManagedClient.js that sends the password to the TokenRESTService and calls:

final Credentials credentials = authenticatedUser.getCredentials();
credentials.setPassword(password);
// Should call update user credentials  (private method in authService)
authenticationService.authenticate(credentials, token); 

My connection parameters are setup to use ${GUAC_USERNAME} and ${GUAC_PASSWORD} but the above code doesn't seem to update ${GUAC_PASSWORD} or the current
sessions Authenticated User object.

My two main questions are:
1) Is there a configuration option that I am missing that covers this use case? 
2) What step am I missing to have the java services update ${GUAC_PASSWORD} properly?

Any help would be appreciated!
Reply | Threaded
Open this post in threaded view
|

Re: v1.1.0 OpenID and RDP connection password

Salatiel Filho
Were you able to make it work ?

Atenciosamente/Kind regards,
Salatiel

On Tue, Apr 21, 2020 at 6:26 PM Tim Worcester
<[hidden email]> wrote:

>
> Greetings,
>
> I currently have my guacamole client v1.1.0 configured to point to Keycloak
> using the OIDC configuration options.  This is causing my login information to
> be passed through Keycloak instead of the Guacamole Client login page.
> Because of this the GUAC_PASSWORD parameter is never populated because it
> was never actually input through Guacamole itself.
>
> I am trying to put a user prompt in the UI to have them input their password
> when clicking an 'rdp' protocol connection.  Currently I have a prompt hook in
> ManagedClient.js that sends the password to the TokenRESTService and calls:
>
> final Credentials credentials = authenticatedUser.getCredentials();
> credentials.setPassword(password);
> // Should call update user credentials  (private method in authService)
> authenticationService.authenticate(credentials, token);
>
> My connection parameters are setup to use ${GUAC_USERNAME} and ${GUAC_PASSWORD} but the above code doesn't seem to update ${GUAC_PASSWORD} or the current
> sessions Authenticated User object.
>
> My two main questions are:
> 1) Is there a configuration option that I am missing that covers this use case?
> 2) What step am I missing to have the java services update ${GUAC_PASSWORD} properly?
>
> Any help would be appreciated!

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: v1.1.0 OpenID and RDP connection password

Ghost_Knight
I did preliminary testing on Nicks changes for this MR: https://github.com/apache/guacamole-client/pull/430 and it works.

Just gotta wait for the official release! :)

On Fri, Jun 12, 2020 at 9:18 AM Salatiel Filho <[hidden email]> wrote:
Were you able to make it work ?

Atenciosamente/Kind regards,
Salatiel

On Tue, Apr 21, 2020 at 6:26 PM Tim Worcester
<[hidden email]> wrote:
>
> Greetings,
>
> I currently have my guacamole client v1.1.0 configured to point to Keycloak
> using the OIDC configuration options.  This is causing my login information to
> be passed through Keycloak instead of the Guacamole Client login page.
> Because of this the GUAC_PASSWORD parameter is never populated because it
> was never actually input through Guacamole itself.
>
> I am trying to put a user prompt in the UI to have them input their password
> when clicking an 'rdp' protocol connection.  Currently I have a prompt hook in
> ManagedClient.js that sends the password to the TokenRESTService and calls:
>
> final Credentials credentials = authenticatedUser.getCredentials();
> credentials.setPassword(password);
> // Should call update user credentials  (private method in authService)
> authenticationService.authenticate(credentials, token);
>
> My connection parameters are setup to use ${GUAC_USERNAME} and ${GUAC_PASSWORD} but the above code doesn't seem to update ${GUAC_PASSWORD} or the current
> sessions Authenticated User object.
>
> My two main questions are:
> 1) Is there a configuration option that I am missing that covers this use case?
> 2) What step am I missing to have the java services update ${GUAC_PASSWORD} properly?
>
> Any help would be appreciated!

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]