<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Chapter 8. Duo two-factor authentication</title><link rel="stylesheet" type="text/css" href="gug.css" /><meta name="generator" content="DocBook XSL Stylesheets Vsnapshot" /><link rel="home" href="index.html" title="Guacamole Manual" /><link rel="up" href="users-guide.html" title="Part I. User's Guide" /><link rel="prev" href="ldap-auth.html" title="Chapter 7. LDAP authentication" /><link rel="next" href="totp-auth.html" title="Chapter 9. TOTP two-factor authentication" />
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0, user-scalable=no, target-densitydpi=device-dpi"/>
</head><body>
<!-- CONTENT -->
<div id="page"><div id="content">
<div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 8. Duo two-factor authentication</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="ldap-auth.html">Prev</a> </td><th width="60%" align="center">Part I. User's Guide</th><td width="20%" align="right"> <a accesskey="n" href="totp-auth.html">Next</a></td></tr></table><hr /></div><div xml:lang="en" class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a id="duo-auth"></a>Chapter 8. Duo two-factor authentication</h2></div></div></div><div class="toc"><p><strong>Table of Contents</strong></p><dl class="toc"><dt><span class="section"><a href="duo-auth.html#duo-architecture">How Duo works with Guacamole</a></span></dt><dt><span class="section"><a href="duo-auth.html#duo-downloading">Downloading the Duo extension</a></span></dt><dt><span class="section"><a href="duo-auth.html#installing-duo-auth">Installing Duo authentication</a></span></dt><dd><dl><dt><span class="section"><a href="duo-auth.html#idm46420848464400">Adding Guacamole to Duo</a></span></dt><dt><span class="section"><a href="duo-auth.html#guac-duo-config">Configuring Guacamole for Duo</a></span></dt><dt><span class="section"><a href="duo-auth.html#completing-duo-install">Completing the installation</a></span></dt></dl></dd></dl></div><a id="idm46420849461648" class="indexterm"></a><p>Guacamole supports Duo as a second authentication factor, layered on top of any other
authentication extension, including those available from the main project website. The Duo
authentication extension allows users to be additionally verified against the Duo service
before the authentication process is allowed to succeed.</p><div class="important"><h3 class="title">Important</h3><p>This chapter involves modifying the contents of <code class="varname">GUACAMOLE_HOME</code> -
the Guacamole configuration directory. If you are unsure where
<code class="varname">GUACAMOLE_HOME</code> is located on your system, please consult <a class="xref" href="configuring-guacamole.html" title="Chapter 5. Configuring Guacamole">Chapter 5, <em>Configuring Guacamole</em></a> before proceeding.</p></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="duo-architecture"></a>How Duo works with Guacamole</h2></div></div></div><p>Guacamole provides support for Duo as a second authentication factor. To make use of
the Duo authentication extension, some other authentication mechanism will need to be
configured, as well. When a user attempts to log into Guacamole, other installed
authentication methods will be queried first:</p><div class="informalfigure"><div class="mediaobject"><img src="images/duo-auth-factor-1.png" width="180" /></div></div><p>Only after authentication has succeeded with one of those methods will Guacamole reach
out to Duo to obtain additional verification of user identity:</p><div class="informalfigure"><div class="mediaobject"><img src="images/duo-auth-factor-2.png" width="360" /></div></div><p>If both the initial authentication attempt and verification through Duo succeed, the
user will be allowed in. If either mechanism fails, access to Guacamole is
denied.</p></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="duo-downloading"></a>Downloading the Duo extension</h2></div></div></div><p>The Duo authentication extension is available separately from the main
<code class="filename">guacamole.war</code>. The link for this and all other
officially-supported and compatible extensions for a particular version of Guacamole are
provided on the release notes for that version. You can find the release notes for
current versions of Guacamole here: <a class="link" href="http://guacamole.apache.org/releases/" target="_top">http://guacamole.apache.org/releases/</a>.</p><p>The Duo authentication extension is packaged as a <code class="filename">.tar.gz</code> file
containing only the extension itself,
<code class="filename">guacamole-auth-duo-1.1.0.jar</code>, which must ultimately
be placed in <code class="filename">GUACAMOLE_HOME/extensions</code>.</p></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="installing-duo-auth"></a>Installing Duo authentication</h2></div></div></div><p>Guacamole extensions are self-contained <code class="filename">.jar</code> files which are
located within the <code class="filename">GUACAMOLE_HOME/extensions</code> directory. To install
the Duo authentication extension, you must:</p><div class="procedure"><ol class="procedure" type="1"><li class="step"><p>Create the <code class="filename">GUACAMOLE_HOME/extensions</code> directory, if it
does not already exist.</p></li><li class="step"><p>Copy <code class="filename">guacamole-auth-duo-1.1.0.jar</code> within
<code class="filename">GUACAMOLE_HOME/extensions</code>.</p></li><li class="step"><p>Configure Guacamole to use Duo authentication, as described below.</p></li></ol></div><div class="important"><h3 class="title">Important</h3><p>You will need to restart Guacamole by restarting your servlet container in order
to complete the installation. Doing this will disconnect all active users, so be
sure that it is safe to do so prior to attempting installation. If you do not
configure the Duo authentication properly, Guacamole will not start up again until
the configuration is fixed.</p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="idm46420848464400"></a>Adding Guacamole to Duo</h3></div></div></div><p>Duo does not provide a specific integration option for Guacamole, but Guacamole's
Duo extension uses Duo's generic authentication API which they refer to as the "Web
SDK". To use Guacamole with Duo, you will need to add it as a new "Web SDK"
application from within the "Applications" tab of the admin panel of your Duo
account:</p><div class="informalfigure"><div class="mediaobject"><img src="images/duo-add-guacamole.png" width="540" /></div></div><p>Within the settings of the newly-added application, rename the application to
something more representative than "Web SDK". This application name is what will be
presented to your users when they are prompted by Duo for additional
authentication:</p><div class="informalfigure"><div class="mediaobject"><img src="images/duo-rename-guacamole.png" width="540" /></div></div><p>Once you've finished adding Guacamole as a "Web SDK" application, the
configuration information required to configure Guacamole is listed within the
application's "Details" section. You will need to copy the integration key, secret
key, and API hostname - they will later be specified within
<code class="filename">guacamole.properties</code>:</p><div class="informalfigure"><div class="mediaobject"><img src="images/duo-copy-details.png" width="540" /></div></div></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="guac-duo-config"></a>Configuring Guacamole for Duo</h3></div></div></div><a id="idm46420849227472" class="indexterm"></a><a id="idm46420849313824" class="indexterm"></a><p>The application-specific configuration information retrieved from Duo must be
added to <code class="filename">guacamole.properties</code> to describe how Guacamole should
connect to the Duo service:</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"><span class="property">duo-api-hostname</span></span></dt><dd><p>The hostname of the Duo API endpoint to be used to verify user
identities. This will usually be in the form
"<code class="uri">api-<em class="replaceable"><code>XXXXXXXX</code></em>.duosecurity.com</code>",
where "<em class="replaceable"><code>XXXXXXXX</code></em>" is some arbitrary
alphanumeric value assigned by Duo. This value will have been generated
by Duo when you added Guacamole as a "Web SDK" application, and can be
found within the application details in the "API hostname" field.
<span class="emphasis"><em>This value is required.</em></span></p></dd><dt><span class="term"><span class="property">duo-integration-key</span></span></dt><dd><p>The integration key provided for Guacamole by Duo. This value will
have been generated by Duo when you added Guacamole as a "Web SDK"
application, and can be found within the application details in the
"Integration key" field. <span class="emphasis"><em>This value is required and must be
EXACTLY 20 characters.</em></span></p></dd><dt><span class="term"><span class="property">duo-secret-key</span></span></dt><dd><p>The secret key provided for Guacamole by Duo. This value will have
been generated by Duo when you added Guacamole as a "Web SDK"
application, and can be found within the application details in the
"Secret key" field. <span class="emphasis"><em>This value is required and must be EXACTLY
20 characters.</em></span></p></dd></dl></div><p>In addition to the above, <span class="emphasis"><em>you must also manually generate an
"application key"</em></span>. The application key is required by Duo's
authentication API, but is not provided by Duo. It is an arbitrary value meant to be
unique to each deployment of an application using their API.</p><div class="variablelist"><dl class="variablelist"><dt><span class="term"><span class="property">duo-application-key</span></span></dt><dd><p>An arbitrary, random key which you manually generated for Guacamole.
<span class="emphasis"><em>This value is required and must be AT LEAST 40
characters.</em></span></p></dd></dl></div><p>The application key can be generated with any method as long as it is sufficiently
random. There exist utilities which will do this for you, like
<span class="command"><strong>pwgen</strong></span>:</p><div class="informalexample"><pre class="screen"><code class="prompt">$</code> <strong class="userinput"><code>pwgen 40 1</code></strong>
<code class="computeroutput">em1io4zievohneeseiwah0zie2raQuoo2ci5oBoo</code>
<code class="prompt">$</code></pre></div><p>Alternatively, one quick and fairly portable way to do this is to use the
<span class="command"><strong>dd</strong></span> utility to copy random bytes from the secure random device
<code class="filename">/dev/random</code>, sending the data through a cryptographic hash
tool with a sufficiently-long result, like <span class="command"><strong>sha256sum</strong></span>:</p><div class="informalexample"><pre class="screen"><code class="prompt">$</code> <strong class="userinput"><code>dd if=/dev/random count=1 | sha256sum</code></strong>
<code class="computeroutput">5d16d6bb86da73e7d1abd3286b21dcf3b3e707532e64ceebc7a008350d0d485d -</code>
<code class="prompt">$</code></pre></div></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="completing-duo-install"></a>Completing the installation</h3></div></div></div><p>Guacamole will only reread <code class="filename">guacamole.properties</code> and load
newly-installed extensions during startup, so your servlet container will need to be
restarted before Duo authentication will take effect. Restart your servlet container
and give the new authentication a try.</p><p>
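The checks below enforce the constraints this chapter states for the Duo properties (hostname of the form api-XXXXXXXX.duosecurity.com, integration and secret keys of exactly 20 characters, application key of at least 40 characters) and generate an application key from the OS CSPRNG. This is an added example, not part of the Guacamole project or the Duo extension; the sample properties text and its key values are constructed placeholders.

```python
import re
import secrets

# Constraints stated in the Guacamole manual for the Duo extension.
HOSTNAME_RE = re.compile(r"^api-[A-Za-z0-9]+\.duosecurity\.com$")
EXACT_20 = ("duo-integration-key", "duo-secret-key")
# guacamole.properties lines look like "name: value" (Java Properties also accepts "name=value").
PROPERTY_RE = re.compile(r"^([^=:\s]+)\s*[=:]\s*(.*)$")


def parse_properties(text):
    """Parse key/value lines of a guacamole.properties file, ignoring blanks and comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        match = PROPERTY_RE.match(line)
        if match:
            props[match.group(1)] = match.group(2).strip()
    return props


def check_duo_config(props):
    """Return a list of problems; an empty list means the Duo settings satisfy the manual's rules."""
    problems = []
    if not HOSTNAME_RE.match(props.get("duo-api-hostname", "")):
        problems.append("duo-api-hostname must look like api-XXXXXXXX.duosecurity.com")
    for key in EXACT_20:
        if len(props.get(key, "")) != 20:
            problems.append(f"{key} is required and must be EXACTLY 20 characters")
    if len(props.get("duo-application-key", "")) < 40:
        problems.append("duo-application-key is required and must be AT LEAST 40 characters")
    return problems


def generate_application_key():
    """64 hex characters from the OS CSPRNG, comfortably above the 40-character minimum."""
    return secrets.token_hex(32)


# Constructed sample configuration: placeholder values, not real Duo credentials.
# The secret key is deliberately too short so the check reports it.
SAMPLE_PROPERTIES = """
# Duo settings (constructed example)
duo-api-hostname: api-abcd1234.duosecurity.com
duo-integration-key: DIXXXXXXXXXXXXXXXXXX
duo-secret-key: placeholder-secret
duo-application-key: em1io4zievohneeseiwah0zie2raQuoo2ci5oBoo
"""

if __name__ == "__main__":
    for problem in check_duo_config(parse_properties(SAMPLE_PROPERTIES)):
        print("problem:", problem)
```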
</p><div class="important"><h3 class="title">Important</h3><p>You only need to restart your servlet container. <span class="emphasis"><em>You do not need
to restart <span class="package">guacd</span></em></span>.</p><p><span class="package">guacd</span> is completely independent of the web application
and does not deal with <code class="filename">guacamole.properties</code> or the
authentication system in any way. Since you are already restarting the
servlet container, restarting <span class="package">guacd</span> as well technically
won't hurt anything, but doing so is completely pointless.</p></div><p>If Guacamole does not come back online after restarting your servlet container,
check the logs. Problems in the configuration of the Duo extension may prevent
Guacamole from starting up, and any such errors will be recorded in the logs of your
servlet container.</p></div></div></div><div class="navfooter"><hr /><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="ldap-auth.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="users-guide.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="totp-auth.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Chapter 7. LDAP authentication </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> Chapter 9. TOTP two-factor authentication</td></tr></table></div>
</div></div>
</body></html>