You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@guacamole.apache.org by "Nick Couchman (JIRA)" <ji...@apache.org> on 2018/03/09 01:30:00 UTC

[jira] [Commented] (GUACAMOLE-524) Allow LDAP attributes to be used as token

    [ https://issues.apache.org/jira/browse/GUACAMOLE-524?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16392222#comment-16392222 ] 

Nick Couchman commented on GUACAMOLE-524:
-----------------------------------------

Hmmmm...this is an interesting idea, and one that I like, at least in principal.  I wonder if we could come up with a way to do the mapping such that the attribution could be specified without having to map each one individually in the code.  Something like:
${GUAC_LDAP_ATTRIBUTE:workstationName}

Where you could configure what LDAP attributes the extension reads out of the LDAP tree and then arbitrarily map those through with the token.  This way we wouldn't have to necessarily define ${USER_WORKSTATION} in the code, or any other specific attribute, but could implement it in a way that allows flexibility across deployments.

[~jaredfrees] Any experience in Java?  Is this something you can take a stab at coding?

> Allow LDAP attributes to be used as token
> -----------------------------------------
>
>                 Key: GUACAMOLE-524
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-524
>             Project: Guacamole
>          Issue Type: Improvement
>          Components: guacamole-auth-ldap
>            Reporter: Jared Frees
>            Priority: Minor
>
> Add support for using LDAP attributes as tokens for connection configuration.  For example, map the attribute 'workstationName' of the current logged on user to a token USER_WORKSTATION that could then be used in a connection profile.  This would allow using a single connection and for the destination to be determined by the LDAP attribute.  This mapping should be configurable and could be used in a connection definition such as the following:
>  
> dn: cn=Example Connection,ou=groups,dc=example,dc=net
> objectClass: guacConfigGroup
> objectClass: groupOfNames
> cn: Example Connection
> guacConfigProtocol: rdp
> guacConfigParameter: hostname=${USER_WORKSTATION}
> guacConfigParameter: username=${GUAC_USERNAME}
> guacConfigParameter: password=${GUAC_PASSWORD}
> member: cn=user1,ou=people,dc=example,dc=net
> member: cn=user2,ou=people,dc=example,dc=net



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)