Posted to commits@guacamole.apache.org by "Michael Jumper (JIRA)" <ji...@apache.org> on 2018/08/18 18:48:00 UTC

[jira] [Assigned] (GUACAMOLE-611) Selectively fall through to other extensions when authentication fails

     [ https://issues.apache.org/jira/browse/GUACAMOLE-611?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Michael Jumper reassigned GUACAMOLE-611:
----------------------------------------

    Assignee: Michael Jumper

> Selectively fall through to other extensions when authentication fails
> ----------------------------------------------------------------------
>
>                 Key: GUACAMOLE-611
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-611
>             Project: Guacamole
>          Issue Type: Improvement
>          Components: guacamole
>            Reporter: Michael Jumper
>            Assignee: Michael Jumper
>            Priority: Minor
>
> Currently, Guacamole's authentication extensions will explicitly fail with exceptions when upstream server expectations fail, such as when the LDAP server goes down, the MySQL / PostgreSQL database becomes unavailable, etc. If this happens, processing of other extensions halts (as any exception aborts the authentication process), and it becomes impossible to log into Guacamole until the problem is resolved.
> While it made sense for LDAP and other extensions to abort authentication entirely in cases back when Guacamole could only use one authentication mechanism at a time, there is no need for this to still be the case. Servers with multiple authentication mechanisms enabled should be able to rely on remaining mechanisms to succeed if one mechanism goes down.
> Specifically:
> # Multi-factor authentication extensions (currently Duo and TOTP) should always either 100% work or block authentication entirely (failure of the secondary authentication factor shouldn't result in the removal of that factor, as that would present a security problem).
> # If configured to do so, normal authentication extensions (LDAP, MySQL, PostgreSQL, etc.) should log failures but otherwise behave as if the extension is not installed, thus allowing other authentication mechanisms to continue working. If _not_ configured in this way, Guacamole's existing all-or-nothing behavior should continue as the safe default.



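
The fall-through policy described in the issue above, sketched as an added example that is not code from the Guacamole project: second-factor extensions always fail closed, and other extensions are skipped on an upstream failure only when they have opted in. The class, record and field names (FallThroughDemo, Extension, skipOnFailure) are hypothetical, and the code assumes Java 16 or later for records.

```java
import java.util.List;

public class FallThroughDemo {
    static class UpstreamException extends Exception {
        UpstreamException(String message) { super(message); }
    }
    interface Check { boolean accepts(String user) throws UpstreamException; }
    // Hypothetical model, not Guacamole's API; skipOnFailure is the assumed
    // per-extension opt-in, and false is the all-or-nothing safe default.
    record Extension(String name, boolean secondFactor, boolean skipOnFailure, Check check) {}

    static boolean login(List<Extension> chain, String user) throws UpstreamException {
        boolean identified = false;
        for (Extension ext : chain) {
            try {
                if (ext.secondFactor()) {
                    // A second factor must succeed outright once a user is identified.
                    if (!identified || !ext.check().accepts(user)) return false;
                } else {
                    identified |= ext.check().accepts(user);
                }
            } catch (UpstreamException e) {
                // Second factors never fall through; others only when opted in.
                if (ext.secondFactor() || !ext.skipOnFailure()) throw e;
                System.err.println("WARN " + ext.name() + " skipped: " + e.getMessage());
            }
        }
        return identified;
    }

    public static void main(String[] args) {
        Check ldapDown = u -> { throw new UpstreamException("LDAP unreachable"); };
        Check totpDown = u -> { throw new UpstreamException("TOTP unavailable"); };
        Extension mysql = new Extension("mysql", false, false, u -> u.equals("alice"));
        List<List<Extension>> cases = List.of(
            // Opted in: the LDAP outage is logged and MySQL still authenticates.
            List.of(new Extension("ldap", false, true, ldapDown), mysql),
            // Default: the same outage aborts the whole attempt.
            List.of(new Extension("ldap", false, false, ldapDown), mysql),
            // Second factor down: aborts even with skipOnFailure set.
            List.of(mysql, new Extension("totp", true, true, totpDown)));
        for (List<Extension> chain : cases) {
            try {
                System.out.println("login=" + login(chain, "alice"));
            } catch (UpstreamException e) {
                System.out.println("aborted: " + e.getMessage());
            }
        }
    }
}
```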