[ https://issues.apache.org/jira/browse/GUACAMOLE-1428?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17526988#comment-17526988 ]
guacamole tester commented on GUACAMOLE-1428: --------------------------------------------- doing this feature would help a lot already, but should be quite simple to do, because everything is already there, and only the way it acts is different: (adding the possibility to ask for the password once after successsful SSO) so the user doesn't need to enter his username and 2FA, but only the Password ONCE per Guacmaole-session, as it could be used the same way as without SSO. https://issues.apache.org/jira/browse/GUACAMOLE-1542 > Allow connection authentication prompt responses to be temporarily saved > ------------------------------------------------------------------------ > > Key: GUACAMOLE-1428 > URL: https://issues.apache.org/jira/browse/GUACAMOLE-1428 > Project: Guacamole > Issue Type: New Feature > Components: guacamole > Affects Versions: 1.3.0 > Reporter: guacamole tester > Priority: Minor > > Currently I'm using Guacamole with OIDC-SSO. so I don't have the > "${GUAC_PASSWORD}"-Variable at hand. > > The only Option to give the user a true SSO-experience is to integrate an > external System which can provide the cleartext-password. I don't like this > idea.. > So if it's only possible to do this with a system saving the cleartext > password.. why not keep this only in guacamole? > > A working system could be like this: > when there is no pre-configured Password provide a selectable field that > defines that the password for the user is stored. This password should then > be stored for all connections (which have the field "shared password" > activated) of the user on the guacamole server until it is wrong and then > overwritten with the new password that the user enters. > > this would be very easy to implement for the admin as there is no additional > configuration. and it would also only keep the password in cleartext ont he > guacamole system which in my case is the only system, that needs a cleartext > password. -- This message was sent by Atlassian Jira (v8.20.7#820007)