You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@guacamole.apache.org by Jim <ji...@evolvesecurity.io> on 2019/03/14 18:40:23 UTC

OpenID Connect + JDBC

Since OpenID connect only handles authentication and not associated
connections, I'm working on providing OpenID users with their related
connections. My question is: what database entries that map to the OpenID
user are required to assign a connection to an OpenID Connect User? I assume
a "guacamole_entity" entry with the corresponding email/username is
required, but what about a "guacamole_user" entry? 



--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/

Re: OpenID Connect + JDBC

Posted by Nick Couchman <vn...@apache.org>.

On Thu, Mar 14, 2019 at 14:48 Jim <ji...@evolvesecurity.io> wrote:

> Since OpenID connect only handles authentication and not associated
> connections, I'm working on providing OpenID users with their related
> connections. My question is: what database entries that map to the OpenID
> user are required to assign a connection to an OpenID Connect User? I
> assume
> a "guacamole_entity" entry with the corresponding email/username is
> required, but what about a "guacamole_user" entry?

You'll need both an entity and a user - basically the user account from
OpenID needs to match the account (username) in the database, and then the
permissions assigned to the DB user will be applied.  The entry in the user
take will require the entry in the entity table.

-Nick