[jira] [Commented] (GUACAMOLE-1428) Allow connection authentication prompt responses to be temporarily saved

Sat, 23 Apr 2022 23:37:06 -0700 


    [ 
https://issues.apache.org/jira/browse/GUACAMOLE-1428?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17526988#comment-17526988
 ] 

guacamole tester commented on GUACAMOLE-1428:
---------------------------------------------

doing this feature would help a lot already, but should be quite simple to do, 
because everything is already there, and only the way it acts is different:

(adding the possibility to ask for the password once after successsful SSO) so 
the user doesn't need to enter his username and 2FA, but only the Password ONCE 
per Guacmaole-session, as it could be used the same way as without SSO.

https://issues.apache.org/jira/browse/GUACAMOLE-1542

> Allow connection authentication prompt responses to be temporarily saved
> ------------------------------------------------------------------------
>
>                 Key: GUACAMOLE-1428
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-1428
>             Project: Guacamole
>          Issue Type: New Feature
>          Components: guacamole
>    Affects Versions: 1.3.0
>            Reporter: guacamole tester
>            Priority: Minor
>
> Currently I'm using Guacamole with OIDC-SSO. so I don't have the 
> "${GUAC_PASSWORD}"-Variable at hand.
>  
> The only Option to give the user a true SSO-experience is to integrate an 
> external System which can provide the cleartext-password. I don't like this 
> idea..
> So if it's only possible to do this with a system saving the cleartext 
> password.. why not keep this only in guacamole?
>  
> A working system could be like this:
> when there is no pre-configured Password provide a selectable field that 
> defines that the password for the user is stored. This password should then 
> be stored for all connections (which have the field "shared password" 
> activated) of the user on the guacamole server until it is wrong and then 
> overwritten with the new password that the user enters.
>  
> this would be very easy to implement for the admin as there is no additional 
> configuration. and it would also only keep the password in cleartext ont he 
> guacamole system which in my case is the only system, that needs a cleartext 
> password.



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

Reply via email to