On Mon, Jun 13, 2022 at 12:40 PM Rick . <rille_p...@hotmail.com> wrote:
> > Thanks to you too. So seems like user-mapping.xml is out and maybe json is > back in then.. If I should avoid touching the properties file and > overriding the GUACAMOLE_HOME to stay away from unpredictable things. What > would be the steps to in my case enable json authentification? Like what > would be the environment variable I should add in the compose to get the > desired result? No need to copy the guacamole-auth-json-1.4.0.jar file > anywhere? Perhaps somehow using its location in the container as an > environment variable as well? > In version 1.4.0 of the Docker image, providing the environment variable JSON_SECRET_KEY will automatically load the JSON extension in the Docker image and put the entry in the guacamole.properties file. There's another environment variable - JSON_TRUSTED_NETWORKS - that can also be specified and will result in the proper entry in guacamole.properties. I'm not sure how familiar you are with the JSON extension and how it works - it isn't just a JSON file on the filesystem - the extension allows you to pass JSON data in via a HTTP POST request to the Guacamole API , which contains a user who has been authenticated by an outside system, along with all of the connections that user should see in Guacamole Client. Also, this request must be properly signed, using the secret key, as documented in the manual. https://guacamole.apache.org/doc/gug/json-auth.html -Nick
