Nicklas Björk created GUACAMOLE-362:
---------------------------------------
Summary: CAS authentication and ClearPass
Key: GUACAMOLE-362
URL: https://issues.apache.org/jira/browse/GUACAMOLE-362
Project: Guacamole
Issue Type: Improvement
Components: guacamole-auth-cas
Affects Versions: 0.9.13-incubating
Reporter: Nicklas Björk
Priority: Minor
Because of the nature of logging in with CAS, Guacamole does not know the user
password. That means that automatic login using the ${GUAC_USERNAME} and
${GUAC_PASSWORD} tokens can not be used. It actually seems like the tokens are
not available at all when using CAS as authentication method.
For the brave, CAS offers a functionality called ClearPass to deliver the
password in an encrypted message to the requesting service
(https://apereo.github.io/cas/5.1.x/integration/ClearPass.html). That could be
a way to populate ${GUAC_PASSWORD}, as long as username and password is being
used to authenticate the user in CAS. If the tokens are being used in a
connection profile, but isn't populated, I guess it would make sense to fall
back to manual login.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
