[ https://issues.apache.org/jira/browse/GUACAMOLE-362?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16128994#comment-16128994 ]
Nick Couchman commented on GUACAMOLE-362: ----------------------------------------- PR 183 submitted. > CAS authentication and ClearPass > -------------------------------- > > Key: GUACAMOLE-362 > URL: https://issues.apache.org/jira/browse/GUACAMOLE-362 > Project: Guacamole > Issue Type: Improvement > Components: guacamole-auth-cas > Affects Versions: 0.9.13-incubating > Reporter: Nicklas Björk > Assignee: Nick Couchman > Priority: Minor > > Because of the nature of logging in with CAS, Guacamole does not know the > user password. That means that automatic login using the ${GUAC_USERNAME} and > ${GUAC_PASSWORD} tokens can not be used. It actually seems like the tokens > are not available at all when using CAS as authentication method. > For the brave, CAS offers a functionality called ClearPass to deliver the > password in an encrypted message to the requesting service > (https://apereo.github.io/cas/5.1.x/integration/ClearPass.html). That could > be a way to populate ${GUAC_PASSWORD}, as long as username and password is > being used to authenticate the user in CAS. If the tokens are being used in a > connection profile, but isn't populated, I guess it would make sense to fall > back to manual login. -- This message was sent by Atlassian JIRA (v6.4.14#64029)