Thanks for the reply!
I currently have guacamole + openId working without issue. My guacamole server
is configured to use the open-id extension (no problems there).
If I inject an iframe in my app website there are no problems. (Both app
website and guacamole are secured via Keycloak)
This is what I've been asked to do:
Programmatically generate an SSH session with a private key, and execute a
command.
As I've been going thru the example, and code in guacamole-client, it looks
like I need to pass credentials via GuacamoleConfiguration.
The client as I understand it requires a java servlet backend, and a js
frontend ('guacamole-common-js'). (Please correct me if I am wrong)
I wasn't sure if there was an existing solution where on the front-end I could
use 'guacamole-common-js' alone with a guacamole instance that is configured
with openId.
This way I would not need to store the guacamole user's credentials.
Is there any examples on implementing the guacamole-client using opendId?
----- Original Message -----
From: "Nick Couchman" <[email protected]>
To: "user" <[email protected]>
Sent: Friday, August 12, 2022 10:59:25 AM
Subject: Re: guacamole-client + openid?
On Fri, Aug 12, 2022 at 12:43 PM Dana Shaw <[email protected]> wrote:
>
> I've been going thru the client
> (https://github.com/apache/guacamole-client.git) and I think I have a handle
> on creating a connection user user/pass but am wondering is there any support
> to use openid?
>
> I currently have openid + guacamole working, but am trying to implement the
> guacamole-client for tighter integration.
>
I'm not sure what you mean when you say you have OpenID + Guacamole
working, but you're trying to implement Guacamole Client "for lighter
integration?" Guacamole Client is one of the two components of
Guacamole - Guacamole Client and Guacamole Server (guacd), unless
you've written a custom client to replace the Guacamole Client
component.
> Having to store a users guacamole user/pass seems like the only way to make
> this work, but wanted to reach out here for clarification.
>
Guacamole's support for OpenID, via the guacamole-auth-openid
extension, allows you to authenticate users to Guacamole via OpenID
Connect, but does not support storing connection data within OpenID.
For that you will need another module - JDBC is the most common and
popular, but you could also use guacamole-auth-json to deliver the
connection data to Guacamole via encrypted JSON.
-Nick
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
