Merge 1.0.0 changes back to master.
diff --git a/src/chapters/configuring.xml b/src/chapters/configuring.xml
index 58287ae..d81b5ed 100644
--- a/src/chapters/configuring.xml
+++ b/src/chapters/configuring.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
-<chapter xml:id="configuring-guacamole"
+<chapter xml:id="configuring-guacamole"
xmlns="http://docbook.org/ns/docbook" version="5.0" xml:lang="en"
xmlns:xi="http://www.w3.org/2001/XInclude">
@@ -328,7 +328,7 @@
located at <filename>GUACAMOLE_HOME/user-mapping.xml</filename>. An example of a
user mapping file is included with Guacamole, and looks something like this:</para>
<programlisting><user-mapping>
-
+
<!-- Per-user authentication and config information -->
<authorize username="USERNAME" password="PASSWORD">
<protocol>vnc</protocol>
@@ -339,7 +339,7 @@
<!-- Another user, but using md5 to hash the password
(example below uses the md5 hash of "PASSWORD") -->
- <authorize
+ <authorize
username="USERNAME2"
password="319f4d26e3c536b5dd871bb2c52e3178"
encoding="md5">
@@ -1544,7 +1544,7 @@
translated, and you will need to explicitly choose a different layout in your
connection settings. If your keyboard layout is not supported, please notify the
Guacamole team by <link xmlns:xlink="http://www.w3.org/1999/xlink"
- xlink:href="https://glyptodon.org/jira/">opening an issue in
+ xlink:href="https://issues.apache.org/jira/browse/GUACAMOLE">opening an issue in
JIRA</link>.</para>
<informaltable frame="all">
<indexterm>
@@ -2535,10 +2535,10 @@
<row>
<entry><parameter>sftp-server-alive-interval</parameter></entry>
<entry>
- <para>The interval in seconds at which to send keepalive
- packets to the SSH server for the SFTP connection. This
- parameter is optional. If omitted, the default of 0 will be
- used, disabling sending keepalive packets. The minimum
+ <para>The interval in seconds at which to send keepalive
+ packets to the SSH server for the SFTP connection. This
+ parameter is optional. If omitted, the default of 0 will be
+ used, disabling sending keepalive packets. The minimum
value is 2.
</para>
</entry>
@@ -2661,7 +2661,7 @@
<row>
<entry><parameter>disable-offscreen-caching</parameter></entry>
<entry>
- <para><indexterm>
+ <para><indexterm>
<primary>RDP</primary>
<secondary>offscreen bitmap caching</secondary>
</indexterm>RDP normally maintains caches of regions of the screen
@@ -4125,6 +4125,21 @@
time that the connection began.</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>${GUAC_ATTR_<replaceable>CUSTOM_ATTRIBUTE_NAME</replaceable>}</varname></term>
+ <listitem>
+ <para>An attribute value specified on the current Guacamole user.
+ <replaceable>CUSTOM_ATTRIBUTE_NAME</replaceable> is a custom
+ user attribute that may be obtained from any of the authentication
+ modules that implement the feature. There are an arbitrary
+ number of these tokens. If no attributes are specified
+ then this token does not exist.</para>
+ <para>For example, if an attribute name is specified as "mail" then a token would
+ be set as <varname>${GUAC_ATTR_MAIL}</varname> with the value of "mail" in the authentication
+ module that "mail" is specified in. For a practical example, see
+ <property>ldap-user-attributes</property> in <xref linkend="ldap-auth"/>.</para>
+ </listitem>
+ </varlistentry>
</variablelist>
<para>Note that these tokens are replaced dynamically each time a connection is used. If
two different users access the same connection at the same time, both users will be
diff --git a/src/chapters/ldap-auth.xml b/src/chapters/ldap-auth.xml
index 60e34f7..9796676 100644
--- a/src/chapters/ldap-auth.xml
+++ b/src/chapters/ldap-auth.xml
@@ -357,6 +357,32 @@
</listitem>
</varlistentry>
<varlistentry>
+ <term><property>ldap-user-attributes</property></term>
+ <listitem>
+ <para>The attribute or attributes to retrieve from the LDAP directory
+ for the currently logged-in user. These attributes are stored as
+ tokens with the prefix "GUAC_ATTR_" and the name of the attribute appended
+ in uppercase letters. The value of the token is the value of the attribute
+ in the LDAP directory for the currently logged-in user. If the attribute
+ has no value in the LDAP directory then the token is not saved.
+ If the attribute has multiple values in the LDAP directory then the token
+ saves the first value of the attribute. Multiple attributes can be
+ specified here, separated by commas.</para>
+ <para>For example, if <property>ldap-user-attributes</property> is
+ "<systemitem>mail, workstation</systemitem>", then a GUAC_ATTR_MAIL
+ token would be set to the value of the mail attribute in the LDAP directory
+ for the currently logged-in user and a GUAC_ATTR_WORKSTATION token
+ would be set to the value of the workstation attribute similarly,
+ contingent on the fact that the attributes have a value in the LDAP directory.
+ So, the tokens could be used like this:
+ <varname>${GUAC_ATTR_MAIL}</varname> or <varname>${GUAC_ATTR_WORKSTATION}</varname>.
+ If the value of mail in the LDAP directory is "example@email.com" then
+ <varname>${GUAC_ATTR_MAIL}</varname> would have the value "example@email.com".
+ Tokens usage is discussed more in <xref linkend="configuring-guacamole"/> in
+ <xref linkend="parameter-tokens"/>.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
<term><property>ldap-user-search-filter</property></term>
<listitem>
<para>The search filter used to query the LDAP tree for users that
@@ -539,7 +565,7 @@
utility:</para>
<informalexample>
<screen><prompt>$</prompt> <userinput>ldapadd -x -D <replaceable>cn=admin,dc=example,dc=net</replaceable> -W -f <replaceable>example-connection.ldif</replaceable></userinput>
-<computeroutput>Enter LDAP Password:
+<computeroutput>Enter LDAP Password:
adding new entry "cn=Example Connection,ou=groups,dc=example,dc=net"
</computeroutput>
<prompt>$</prompt></screen>
