You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@guacamole.apache.org by "Kazuhiko Tanaka (Jira)" <ji...@apache.org> on 2020/09/04 09:06:00 UTC

[jira] [Commented] (GUACAMOLE-221) Parameter prompting within client interface

    [ https://issues.apache.org/jira/browse/GUACAMOLE-221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17190636#comment-17190636 ] 

Kazuhiko Tanaka commented on GUACAMOLE-221:
-------------------------------------------

> The administrator does not need to know the password for the remote desktop account if you are using username/password pass-through.

If guacamole uses SAML or OpenID Connect for authentication, guacamole will not be able to know the username/password.  Administrators should save this information in the user's connection settings if there is no ability to prompt for it when connecting.  

We are using an integrated authentication platform with multi-factor authentication, and using it is a mandatory requirement. LDAP authentication does not meet that requirement.

> Parameter prompting within client interface
> -------------------------------------------
>
>                 Key: GUACAMOLE-221
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-221
>             Project: Guacamole
>          Issue Type: New Feature
>          Components: guacamole
>            Reporter: Mike Jumper
>            Assignee: Nick Couchman
>            Priority: Major
>             Fix For: 1.3.0
>
>
> {panel:bgColor=#FFFFEE}
> *The description of this issue was copied from [GUAC-335|https://glyptodon.org/jira/browse/GUAC-335], an issue in the JIRA instance used by the Guacamole project prior to its acceptance into the Apache Incubator.*
> Comments, attachments, related issues, and history from prior to acceptance *have not been copied* and can be found instead at the original issue.
> {panel}
> Some parameters, such as the username/password for VNC or RDP, are better entered manually within the client when connecting rather than stored on the server in MySQL or {{user-mapping.xml}}.
> Storing secure data within parameters on the server side has security implications that don't fit well with all use cases.
> Further, some connections would benefit if their settings can be modified locally before connecting. A user could change the color depth or screen size of their RDP session, for example, for the sake of a slower connection.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)