[
https://issues.apache.org/jira/browse/GUACAMOLE-103?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16870841#comment-16870841
]
Michael Jumper commented on GUACAMOLE-103:
------------------------------------------
{quote}
What I mean is that I'm under the impression there are issues with group
support unless you use the LDAP module (see #696). eg the openid and "http
header" auth module don't work that well (associating connection profiles with
groups don't work like it does for LDAP)
{quote}
No, there are no issues specifically with groups. LDAP and the database auth
are the only extensions that implement group support at the moment. The OpenID
and header extensions do not implement groups.
{quote}
Orgs that use SAML will not use LDAP, ...
{quote}
That's not necessarily true.
{quote}
... so I was assuming bits of code like that in the LDAP module would need
transplanting into a new SAML module
{quote}
No, code wouldn't need to be transplanted. The SAML module would need to
implement the part of the Guacamole extension API that allows extensions to
expose groups.
> SAML 2.0 support for user authentication
> ----------------------------------------
>
> Key: GUACAMOLE-103
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-103
> Project: Guacamole
> Issue Type: New Feature
> Reporter: Justin P
> Assignee: Nick Couchman
> Priority: Minor
>
> It'd be great if Guacamole supported SAML 2.0 so it could integrate with an
> organization's single sign-on (SSO) solution (especially popular platforms
> like OneLogin, Okta, Bitium, etc.)
> This would make authenticating to Guacamole easier for an organization's
> users, and it would make organization's IT/IS admins happier being able to
> apply authentication security controls to guacamole, such as password
> complexity rules, two-factor authentication rules, etc.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
