Repository: incubator-guacamole-manual Updated Branches: refs/heads/staging/0.9.14-incubating 4e18295bc -> 4ba815851
GUACAMOLE-362: Add documentation for ClearPass parameter. Project: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-manual/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-manual/commit/91479ada Tree: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-manual/tree/91479ada Diff: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-manual/diff/91479ada Branch: refs/heads/staging/0.9.14-incubating Commit: 91479ada07c07be26e4b571b3eca8dbc1df8116e Parents: 4e18295 Author: Nick Couchman <vn...@apache.org> Authored: Fri Oct 27 22:49:02 2017 -0400 Committer: Nick Couchman <vn...@apache.org> Committed: Fri Oct 27 22:49:02 2017 -0400 ---------------------------------------------------------------------- src/chapters/cas-auth.xml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-guacamole-manual/blob/91479ada/src/chapters/cas-auth.xml ---------------------------------------------------------------------- diff --git a/src/chapters/cas-auth.xml b/src/chapters/cas-auth.xml index 6f7217d..178d58f 100644 --- a/src/chapters/cas-auth.xml +++ b/src/chapters/cas-auth.xml @@ -74,6 +74,14 @@ this will be the full URL of your Guacamole installation.</para> </listitem> </varlistentry> + <varlistentry> + <term><property>cas-clearpass-key</property></term> + <listitem> + <para>If using CAS ClearPass to pass the SSO password to Guacamole, this + parameter specifies the private key file to use to decrypt the + password. See the section on ClearPass below.</para> + </listitem> + </varlistentry> </variablelist> </section> <section xml:id="completing-cas-install"> @@ -85,5 +93,19 @@ attempting installation.</emphasis> When ready, restart your servlet container and give the new authentication a try.</para> </section> + <section xml:id="cas-clearpass"> + <title>Using CAS ClearPass</title> + <para>CAS has a function called ClearPass that can be used to cache the password + used for SSO authentication and make that available to services at a later + time. Configuring the CAS server for ClearPass is beyond the scope of this + article - more information can be found on the Apereo CAS wiki at the + following URL: <link xlink:href="https://apereo.github.io/cas"> + https://apereo.github.io/cas</link>.</para> + <para>Once you have CAS configured for credential caching, you need to configure + the service with a keypair for passing the credential securely. The public + key gets installed on the CAS server, while the private key gets configured + with the <property>cas-clearpass-key</property> property. The private key + file needs to be in RSA PKCS8 format.</para> + </section> </section> </chapter>