Configure Guacamole MySQL Database Authentication

Last Updated:

In this tutorial, you will learn how to configure Guacamole MySQL database authentication. Guacamole supports various authentication mechanisms including database authentication via MySQL, PostgreSQL, or SQL Server databases.

Configure MySQL Database Authentication on Guacamole

If you want to install Guacamole on Linux, see our various guides on installation of Apache Guacamole.

Install MySQL or MariaDB database.

You can install MySQL or MariaDB database preferably on the same system where Guacamole is running.

You can check our various guides on installing MySQL/MariaDB database.

Create Guacamole Database and Database User

Login to your database system and create Guacamole database and database user (names used are not standard, hence feel free to change them, and of course the password);

mysql -u root -p
create database guacd;
create user guacd_admin@localhost identified by 'ChangeME';

Grant SELECTUPDATEINSERT, and DELETE rights on Guacamole database tables to Guacamole database user;

grant SELECT,UPDATE,INSERT,DELETE on guacd.* to guacd_admin@localhost;

Reload privilege tables;

flush privileges;

Install Guacamole database authentication extension

Download the Guacamole database authentication extension that matches your current version of Guacamole from the releases page.


The tarball comes with extensions for PostgreSQL, MySQL as well as SQL servers. Thus, extract only the MySQL extension;

tar xzf guacamole-auth-jdbc-${VER}.tar.gz guacamole-auth-jdbc-${VER}/mysql

Copy the Guacamole extension (.jar) file to GUACAMOLE_HOME/extensions directory;

cp guacamole-auth-jdbc-${VER}/mysql/guacamole-auth-jdbc-mysql-1.4.0.jar /etc/guacamole/extensions/

Next, Import Guacamole MySQL database schema (001-create-schema.sql and 002-create-admin-user.sql) into the Guacamole database created above;

mysql -u root -p guacd < guacamole-auth-jdbc-${VER}/mysql/schema/001-create-schema.sql
mysql -u root -p guacd < guacamole-auth-jdbc-${VER}/mysql/schema/002-create-admin-user.sql

Install MySQL JDBC connector in the Guacamole lib directory;

tar xzf mysql-connector-java-8.0.28.tar.gz
cp mysql-connector-java-8.0.28/mysql-connector-java-8.0.28.jar /etc/guacamole/lib/

Configure Apache Guacamole MySQL Database Authentication

Next, configure Guacamole for database authentication by defining the following, at the very least, in the file.

  • Database hostname
  • database name
  • database user and password
cat >> /etc/guacamole/ << EOL
mysql-hostname: localhost
mysql-database: guacd
mysql-username: guacd_admin
mysql-password: ChangeME

Guacamole can support multiple authentications methods. For example, you can use basic authentication alongside other authentication methods such as LDAP, database…

For example, in my setup, I am using both basic authentication and database authentication;

cat /etc/guacamole/
guacd-hostname: localhost
guacd-port:     4822
user-mapping:   /etc/guacamole/user-mapping.xml
mysql-hostname: localhost
mysql-database: guacd
mysql-username: guacd_admin
mysql-password: ChangeME

There are other database account control settings. Refer to documentation.

Verify Guacamole Database Authentication

You can now restart your serverlet (Tomcat service) and login to Guacamole to test the database authentication;

systemctl restart tomcat9

The default Guacamole database authentication credentials are:

  • Username: guacadmin
  • Password: guacadmin

Login page;

Configure Guacamole MySQL Database Authentication

Guacamole Settings;

Configure Guacamole MySQL Database Authentication

You can now create a new user, make it administrator and remove the default guacadmin user.

Add Connections

Under Connections tab, click New connections

  • Set the connection details;
  • Set the Network connection parameters;
  • Define the authentication details etc.
  • Save
Configure Guacamole MySQL Database Authentication

And that is it on how to configure Apache Guacamole MySQL database authentication.

Read more on Documentation page.

Configure Guacamole SSL/TLS with Nginx Reverse Proxy

How to Enable RDP/SSH File Transfer Over Guacamole


We're passionate about sharing our knowledge and experiences with you through our blog. If you appreciate our efforts, consider buying us a virtual coffee. Your support keeps us motivated and enables us to continually improve, ensuring that we can provide you with the best content possible. Thank you for being a coffee-fueled champion of our work!

Photo of author
Co-founder of, Linux Tips and Tutorials. Linux/Unix admin and author at

Leave a Comment