guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Couchman <vn...@apache.org>
Subject Re: Authentification using Certificat
Date Tue, 02 Apr 2019 16:36:54 GMT
On Tue, Apr 2, 2019 at 11:31 AM Kamal Ezzaki <kamalezzaki1@gmail.com> wrote:

> Hello
>
> Just a question , is guacamole support authentification with certificat ?
>

Certificate-based authentication - that is, having the client browser have
a private key and certificate pair that the server looks at to determine
identity and allow a user to log in (such as a Smart Card, PKI, etc.) - is
not currently implemented in the Guacamole Client.

You can accomplish it in other ways, though.  I can think of at least two
off the top of my head, and a third possibility:
- CAS SSO, which is supported by Guacamole, also supports Client
Certificate Authentication (PKI), so you could implement it in CAS and then
use that module in Guacamole to authenticate.
- The Header module could be used in a similar way, authenticating the
certificate via the web server (I'm reasonably certain that both Apache
httpd and Nginx support this) and then pass through that identity in an
HTTP header
- I wouldn't be surprised if OpenID also supports some form of
certificate-based authentication, though I'm not entirely certain about
that.

-Nick

Mime
View raw message