From user-return-4704-archive-asf-public=cust-asf.ponee.io@guacamole.apache.org Mon Nov 12 17:23:08 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id 446B1180660 for ; Mon, 12 Nov 2018 17:23:08 +0100 (CET) Received: (qmail 20095 invoked by uid 500); 12 Nov 2018 16:23:07 -0000 Mailing-List: contact user-help@guacamole.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@guacamole.apache.org Delivered-To: mailing list user@guacamole.apache.org Received: (qmail 20086 invoked by uid 99); 12 Nov 2018 16:23:07 -0000 Received: from mail-relay.apache.org (HELO mailrelay1-lw-us.apache.org) (207.244.88.152) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 12 Nov 2018 16:23:07 +0000 Received: from mail-ed1-f52.google.com (mail-ed1-f52.google.com [209.85.208.52]) by mailrelay1-lw-us.apache.org (ASF Mail Server at mailrelay1-lw-us.apache.org) with ESMTPSA id 3CFBE1728 for ; Mon, 12 Nov 2018 16:23:06 +0000 (UTC) Received: by mail-ed1-f52.google.com with SMTP id a2-v6so7880342edt.3 for ; Mon, 12 Nov 2018 08:23:06 -0800 (PST) X-Gm-Message-State: AGRZ1gJfA0H5mltgmyddREwH1ZT2v7x3liTJcc4jUHkBBBvo7fm8qI3X jaWlv+uP1Sd5/OJs1aQdKh57vhEg57Nd7AQhOuE= X-Google-Smtp-Source: AJdET5ecZFvTjUl5ZaqUqOvsJ1GIvUX7fMfyiRx+mtMNAY4gsauC9LhJdl8nVwK51xhL6v6LZMf5pG+WGBsk9MpunyM= X-Received: by 2002:a17:906:bb02:: with SMTP id jz2-v6mr9609015ejb.59.1542039785264; Mon, 12 Nov 2018 08:23:05 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Nick Couchman Date: Mon, 12 Nov 2018 11:22:53 -0500 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: two factor auth To: user@guacamole.apache.org Content-Type: multipart/alternative; boundary="000000000000a15bef057a7a1d0d" --000000000000a15bef057a7a1d0d Content-Type: text/plain; charset="UTF-8" On Mon, Nov 12, 2018 at 11:02 AM SergeyKh wrote: > oh i see. thank you very much. > do you any have plans to make some kind of flexible authorization that > could use one or two authorization sources like radius? > ldap+radius or radius+radius or local-sql+radius > ? > > There are no current plans for any such functionality, aside from the ones that are already implemented that way (TOTP and Duo). As already mentioned, the RADIUS module handles this internally (with challenge/response) and a RADIUS server can likely be configured to accomplish what you're trying to do. You're welcome to take a look at the current issues and submit a request for a new feature if you don't see one that accomplishes what you're trying to do. Issue tracker is here: https://issues.apache.org/jira/projects/GUACAMOLE/summary -Nick > --000000000000a15bef057a7a1d0d Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On Mon, Nov 12, 2018 at 11:02 AM SergeyKh <mail4sergey@gmail.com> wrote:
oh i see. thank you ve= ry much.
do you any have plans to make some kind of flexible authorizat= ion that could use one or two authorization sources like radius?=C2=A0
=C2=A0ldap+radius or radius+radius or local-sql+radius=C2=A0
?


There are no= current plans for any such functionality, aside from the ones that are alr= eady implemented that way (TOTP and Duo).=C2=A0 As already mentioned, the R= ADIUS module handles this internally (with challenge/response) and a RADIUS= server can likely be configured to accomplish what you're trying to do= .=C2=A0 You're welcome to take a look at the current issues and submit = a request for a new feature if you don't see one that accomplishes what= you're trying to do.=C2=A0 Issue tracker is here:

=
-Nick