You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@guacamole.apache.org by "Michael Jumper (JIRA)" <ji...@apache.org> on 2016/05/19 23:00:16 UTC

[jira] [Created] (GUACAMOLE-28) Add support for TLS-PSK mutual authentication

Michael Jumper created GUACAMOLE-28:
---------------------------------------

             Summary: Add support for TLS-PSK mutual authentication
                 Key: GUACAMOLE-28
                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-28
             Project: Guacamole
          Issue Type: New Feature
            Reporter: Michael Jumper


{panel:bgColor=#FFFFEE}
*The description of this issue was copied from [GUAC-1344|https://glyptodon.org/jira/browse/GUAC-1344], an issue in the JIRA instance used by the Guacamole project prior to its acceptance into the Apache Incubator.*


Comments, attachments, related issues, and history from prior to acceptance *have not been copied* and can be found instead at the original issue.
{panel}

Given that the authorization is done by the guacamole-client (java) component, there seem to be a need for mutual authentication between guacd and its clients so not anyone could use guacd but only authenticated peers (especially when they do not run on the same machine).

This could allow to have guacd with one internal leg to communicate with the servers and one leg on DMZ on which is accepts guacd clients but only authenticated ones.

I've been working on adding support for TLS-PSK with the openssl library to the guacd server side component (as first step) and would like to share this and to possibly integrate it if fit (PR will follow).

Thanks for this great and opened software.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)