Hi Everyone, I'm currently working on a NSF funded project and using Guacamole as part of the university infrastructure.
I have few design oriented questions. Currently our Guacamole setup uses the CAS auth module for authentication. But we would like to support SAML too. We believe that the best way to do this is by implementing both the authentication modules in the reverse proxy. But there are two issues with this. 1. Once our reverse proxy authenticates, we are planning to use No-Auth module in Guacamole to allow the user to pass through. This would not be possible in future as the recent version 0.9.14 states that "The "NoAuth" extension is **DEPRECATED**" and will be removed in future releases. *How can we allow users to 'pass-through' once they authenticate with our reverse proxy?* 2. Currently the guacamole maintains an authorized list in the database, which the CAS module uses to verify for authorization. But in the case of reverse proxy this would not be possible. *Is there any way a reverse proxy can pass the authenticated user to the database module in the CAS for authorization to a connection?* Thanks in advance. -- Regards, Kaushik Srinivasan Indiana University Bloomington
