David Young created GUACAMOLE-792:
-------------------------------------
Summary: Radius Provider returns Group - like LDAP Provider
Key: GUACAMOLE-792
URL: https://issues.apache.org/jira/browse/GUACAMOLE-792
Project: Guacamole
Issue Type: Improvement
Components: guacamole-auth-radius
Affects Versions: 1.0.0
Reporter: David Young
Fix For: 1.1.0, 1.2.0
This Improvement would reduce admin for those of us who use Radius for
authentication
against a Directory (in our case Microsoft Active Directory) with a database
provider that will be using Groups to mange connections, if Groups could be
used somehow.
One possibility...
Radius Servers could be configured to return a Group name that matches a
Group in the database, by using the RADIUS Vendor-Specific attribute, set to
the desired Group name for that Server authentication rule.
In this wishful scenario the Radius provider would treat the Group name in
the same way the LDAP provider now appears to be doing with the resolution
of issue 715.
(In our case, we need to use Radius instead of LDAP because of the
requirement to use MFA.)
[https://tools.ietf.org/html/rfc2865#page-47]
Implies addition of guacamole.properties entries for the vendor-id and type.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
