On Fri, Mar 22, 2019 at 8:54 AM Will Payne <[email protected]> wrote: > > There's no way within Guacamole, itself, to "simulate" user > > permissions for a particular/unknown user. With the header > > authentication module, though, it should be pretty easy to set up a > > simulation environment - you can set up the module, then configure > > your reverse proxy with some simple authentication that lets you put > > in any number of users and see what happens as you authenticate with > > each of them. > > > Thanks. That's a pain. >
You're welcome to file a JIRA request for such a feature. I've seen other pieces of software (Owncloud/Nextcloud come to mind) that have the ability to simulate a particular user, and I don't think it would be terribly difficult to come up with something like that for Guacamole, it just needs a feature request and then someone to work on it :-). > > We do have an LDAP directory of users (but not passwords so the auth > needs handling elsewhere). Is it possible to use the LDAP user/group > info in conjunction with HTTP header auth? > > Well, maybe - it depends. User groups are new in Guacamole 1.0.0, and there will be some tweaks to them in 1.1.0 to correct a couple of bugs and also address some confusion in the way it is implemented. I suspect in 1.0.0 it will not work as you'd like it to. Where are you storing connections? I assume JDBC? -Nick
