[
https://issues.apache.org/jira/browse/GUACAMOLE-696?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16826048#comment-16826048
]
Nick Couchman commented on GUACAMOLE-696:
-----------------------------------------
{quote}
This also seems to apply for OpenID auth. What part of the openid profile does
Guac look for to align with the group name?
{quote}
Yes, this issue will apply if you're using OpenID with JDBC authentication,
because 1) the OpenID extension does not provide any user group capabilities,
and 2) groups are currently only applied from the extension that authenticates
the user. Therefore, in version 1.0.0, users authenticated from OpenID will
not be able to inherit permissions in groups defined/assigned within JDBC.
> Apply database groups if authenticated user matches database user
> -----------------------------------------------------------------
>
> Key: GUACAMOLE-696
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-696
> Project: Guacamole
> Issue Type: Improvement
> Components: guacamole-auth-jdbc
> Affects Versions: 1.0.0
> Reporter: matt nelson
> Assignee: Nick Couchman
> Priority: Minor
> Fix For: 1.1.0
>
>
> A user authenticated and logged in with an LDAP account has no access to the
> group permissions assigned to the matching database user.
> if the user logs in using the database user password then the connections do
> appear.
> If the connection permissions are assigned directly to the database user they
> do appear for the LDAP user.
>
>
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
