Hi All,
I'm trying to import Guacamole into my organization. Currently, I'm
conducting a feasibility study of the authentication process. After
reading through the documentation, I'm not sure how to integrate
Guacamole with the authentication services in the organization.
In my organization, two services are related to auth. One is the
authentication service. This service adopts Keycloak which uses OpenID
to realize single sign-on. Therefore, it is compatible with the OpenID
extension of Guacamole. I have already integrated Guacamole with
Keycloak, and it works smoothly.
The other auth service is the authorization service. This service is a
permission management service. It records the roles of the members of
the organization. And which roles have permission to access which
contents. I'm not sure how to integrate this service with Guacamole.
One of the possible approaches is to adopt both OpenID and database
authentication. In this approach, we have to develop another service to
keep Guacamole database up to date with the authorization service of the
organization.
Another possible approach is to adopt OpenID and custom authentication.
With custom authentication, we can acquire user-mapping data from the
authorization service. Therefore, the permission can be managed.
However, it seems that there are conflicts between the settings of
OpenID and custom authentication. I'm not sure if it works.
Any advice would be appreciated. Thank you.
Sincerely,
Han-Tuo Lin
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
