I thought I was reasonably proficient with Apache web server but I
discovered it won't do what I want.
I solved the issue with mod_suphp verses mod_authnz_external. I
had compiled the entire server statically, I did this because I have a
machine with a large amount of RAM (256GB)
Robert,
Just in case it helps; the connecting IP and login attempts are
typically recorded in the Tomcat log. An example here is from a test
Ubuntu 22.04 with Tomcat 9, the logfile is located at
/var/log/tomcat9/catalina.out and you'll see I've tried twice, once with
incorrect p/w, then the r
The site handles approximately half a million hits per day. I've
been offering Linux shell access since 1992, and prior to that SunOS and
SCO Xenix, so I'm familiar with the security issues. The servers are
all individually firewalled and fail2ban watches for password brute
force hacki
Thanks Robert, FWIW I was responding to your earlier post which said:
"If I can figure out how to get tomcat to pass the IP to guacamole so
when someone logs into a server via guacamole it correctly logs the
originator IP and failed logins that will work also but I am utterly
unfamiliar with t
I have considered LDAP, just the scope of converting so many
machines is more than a little intimidating for one person. I do not
have a staff, just me.
I am trying to create one of two scenarios:
1) A customer using guacamole can login to it with the same
credentials he us
Robert,
Sorry if you already answered this and I missed the answer, but did
you verify that you've configured the Remote IP Valve in Tomcat, as
documented in the Proxying chapter of the manual? This should give you
the correct iP in Guacamole:
https://guacamole.apache.org/doc/gug/reverse-proxy.htm