[jira] [Commented] (GUACAMOLE-524) Allow LDAP attributes to be used as token

Thu, 08 Mar 2018 17:30:15 -0800 

    [ 
https://issues.apache.org/jira/browse/GUACAMOLE-524?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16392222#comment-16392222
 ] 

Nick Couchman commented on GUACAMOLE-524:
-----------------------------------------

Hmmmm...this is an interesting idea, and one that I like, at least in 
principal.  I wonder if we could come up with a way to do the mapping such that 
the attribution could be specified without having to map each one individually 
in the code.  Something like:
${GUAC_LDAP_ATTRIBUTE:workstationName}

Where you could configure what LDAP attributes the extension reads out of the 
LDAP tree and then arbitrarily map those through with the token.  This way we 
wouldn't have to necessarily define ${USER_WORKSTATION} in the code, or any 
other specific attribute, but could implement it in a way that allows 
flexibility across deployments.

[~jaredfrees] Any experience in Java?  Is this something you can take a stab at 
coding?

> Allow LDAP attributes to be used as token
> -----------------------------------------
>
>                 Key: GUACAMOLE-524
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-524
>             Project: Guacamole
>          Issue Type: Improvement
>          Components: guacamole-auth-ldap
>            Reporter: Jared Frees
>            Priority: Minor
>
> Add support for using LDAP attributes as tokens for connection configuration. 
>  For example, map the attribute 'workstationName' of the current logged on 
> user to a token USER_WORKSTATION that could then be used in a connection 
> profile.  This would allow using a single connection and for the destination 
> to be determined by the LDAP attribute.  This mapping should be configurable 
> and could be used in a connection definition such as the following:
>  
> dn: cn=Example Connection,ou=groups,dc=example,dc=net
> objectClass: guacConfigGroup
> objectClass: groupOfNames
> cn: Example Connection
> guacConfigProtocol: rdp
> guacConfigParameter: hostname=${USER_WORKSTATION}
> guacConfigParameter: username=${GUAC_USERNAME}
> guacConfigParameter: password=${GUAC_PASSWORD}
> member: cn=user1,ou=people,dc=example,dc=net
> member: cn=user2,ou=people,dc=example,dc=net



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to