[jira] [Updated] (GUACAMOLE-839) Add support for smart card authentication

Thu, 19 Jan 2023 13:01:08 -0800 


     [ 
https://issues.apache.org/jira/browse/GUACAMOLE-839?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Mike Jumper updated GUACAMOLE-839:
----------------------------------
    Description: 
Similar to the other supported SSO mechanisms like SAML and OpenID, the 
Guacamole web application should provide for authentication of users using 
smart cards (and similar hardware devices). Leveraging SSL/TLS client 
authentication, it should be possible to allow users to sign in with any 
hardware device supported by their browser as long as those devices contain a 
certificate that was signed by a certificate authority that the administrator 
has configured the Guacamole webapp to accept.

*NOTE:* This is only related to authentication with the web application. The 
concept of authenticating with remote desktop services using smart cards is 
very separate and would likely involve adding support for Kerberos or somehow 
directly interacting with the card reader over USB.

  was:Implement Universal 2nd Factor authentication support, which appears to 
be a hardware key mechanism.


> Add support for smart card authentication
> -----------------------------------------
>
>                 Key: GUACAMOLE-839
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-839
>             Project: Guacamole
>          Issue Type: New Feature
>          Components: guacamole-client
>            Reporter: Bastian Machek
>            Priority: Minor
>
> Similar to the other supported SSO mechanisms like SAML and OpenID, the 
> Guacamole web application should provide for authentication of users using 
> smart cards (and similar hardware devices). Leveraging SSL/TLS client 
> authentication, it should be possible to allow users to sign in with any 
> hardware device supported by their browser as long as those devices contain a 
> certificate that was signed by a certificate authority that the administrator 
> has configured the Guacamole webapp to accept.
> *NOTE:* This is only related to authentication with the web application. The 
> concept of authenticating with remote desktop services using smart cards is 
> very separate and would likely involve adding support for Kerberos or somehow 
> directly interacting with the card reader over USB.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to