[ https://issues.apache.org/jira/browse/GUACAMOLE-1428?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17498671#comment-17498671 ]
Nick Couchman commented on GUACAMOLE-1428: ------------------------------------------ [~guactester]: Well, I think that would be possible; however, I'm not sure it's any easier than any of the other options. To be secure you'd want said device to exist only on the client-side (the browser), and that means supporting USB device pass-through from the browser to the end Windows system, which is going to take some doing, and that's already covered in GUACAMOLE-522. > Allow connection authentication prompt responses to be temporarily saved > ------------------------------------------------------------------------ > > Key: GUACAMOLE-1428 > URL: https://issues.apache.org/jira/browse/GUACAMOLE-1428 > Project: Guacamole > Issue Type: New Feature > Components: guacamole > Affects Versions: 1.3.0 > Reporter: guacamole tester > Priority: Minor > > Currently I'm using Guacamole with OIDC-SSO. so I don't have the > "${GUAC_PASSWORD}"-Variable at hand. > > The only Option to give the user a true SSO-experience is to integrate an > external System which can provide the cleartext-password. I don't like this > idea.. > So if it's only possible to do this with a system saving the cleartext > password.. why not keep this only in guacamole? > > A working system could be like this: > when there is no pre-configured Password provide a selectable field that > defines that the password for the user is stored. This password should then > be stored for all connections (which have the field "shared password" > activated) of the user on the guacamole server until it is wrong and then > overwritten with the new password that the user enters. > > this would be very easy to implement for the admin as there is no additional > configuration. and it would also only keep the password in cleartext ont he > guacamole system which in my case is the only system, that needs a cleartext > password. -- This message was sent by Atlassian Jira (v8.20.1#820001)