Thanks Nick. Normally, I'd agree with you on using the JDBC extension, but spinning up a database is kind of an overkill for our simple use cases. Quick follow-up questions on the basic file authentication with regard to your comment:
> In particular, when you configure users in the basic file module, > you have to specify a username and password, so you'll need to generate > complex enough passwords that no one would be able to guess them." If I understand correctly the username and password in the basic file would be a separate way to authenticate forr that same user right? So the user could authenticate with CAS or use the user name and password in the user-mapping if they knew what it was? If that's the case then generating a random long password for the user mapping config is acceptable for our use case. Just as long as the user can authenticate with CAS. -- Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/