[
https://issues.apache.org/jira/browse/GUACAMOLE-1955?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
scpcom updated GUACAMOLE-1955:
------------------------------
Description:
With privacyIDEA you can implement push two-factor authentication on your own
server.
I would like to add this as auth extension for guacamole.
The implementation may be quite simple. Here is a demonstration how it works
with curl.
First the server (guacamole) tells privacyIDEA to ask the user jon.doe to
accept the login on the mobile device:
{code:java}
transaction_id=`curl -k --silent --request POST --data
"realm=defrealm&user=jon.doe&pass="
https://myprivacyidea.example/validate/check | jq .detail.transaction_id | cut
-d '"' -f 2`{code}
Next the server (guacamole) has to wait until the result of this request is
"ACCEPT"
{code:java}
curl -k --silent --request GET --data "transaction_id=$transaction_id"
https://myprivacyidea.example/validate/polltransaction | jq
.result.authentication{code}
You can find a Java example on the official java-client here:
[https://github.com/privacyidea/java-client/blob/master/src/test/java/org/privacyidea/TestPollTransaction.java]
I tried to modify a copy of extensions/guacamole-auth-duo and
extensions/guacamole-auth-totp to understand how to implement it but did not
have success yet.
was:
With privacyIDEA you can implement push two-factor authentication on your own
server.
I would like to ad this as auth extension for guacamole.
The implementation may be quite simple. Here is a demonstration how it works
with curl.
First the server (guacamole) tells privacyIDEA to ask the user jon.doe to
accept the login on the mobile device:
{code:java}
transaction_id=`curl -k --silent --request POST --data
"realm=defrealm&user=jon.doe&pass="
https://myprivacyidea.example/validate/check | jq .detail.transaction_id | cut
-d '"' -f 2`{code}
Next the server (guacamole) has to wait until the result of this request is
"ACCEPT"
{code:java}
curl -k --silent --request GET --data "transaction_id=$transaction_id"
https://myprivacyidea.example/validate/polltransaction | jq
.result.authentication{code}
You can find a Java example on the official java-client here:
[https://github.com/privacyidea/java-client/blob/master/src/test/java/org/privacyidea/TestPollTransaction.java]
I tried to modify a copy of extensions/guacamole-auth-duo and
extensions/guacamole-auth-totp to understand how to implement it but did not
have success yet.
> Auth extension for privacyIDEA push two-factor authentication
> -------------------------------------------------------------
>
> Key: GUACAMOLE-1955
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1955
> Project: Guacamole
> Issue Type: Wish
> Components: guacamole-client
> Reporter: scpcom
> Priority: Major
>
> With privacyIDEA you can implement push two-factor authentication on your own
> server.
> I would like to add this as auth extension for guacamole.
> The implementation may be quite simple. Here is a demonstration how it works
> with curl.
> First the server (guacamole) tells privacyIDEA to ask the user jon.doe to
> accept the login on the mobile device:
> {code:java}
> transaction_id=`curl -k --silent --request POST --data
> "realm=defrealm&user=jon.doe&pass="
> https://myprivacyidea.example/validate/check | jq .detail.transaction_id |
> cut -d '"' -f 2`{code}
> Next the server (guacamole) has to wait until the result of this request is
> "ACCEPT"
> {code:java}
> curl -k --silent --request GET --data "transaction_id=$transaction_id"
> https://myprivacyidea.example/validate/polltransaction | jq
> .result.authentication{code}
> You can find a Java example on the official java-client here:
> [https://github.com/privacyidea/java-client/blob/master/src/test/java/org/privacyidea/TestPollTransaction.java]
> I tried to modify a copy of extensions/guacamole-auth-duo and
> extensions/guacamole-auth-totp to understand how to implement it but did not
> have success yet.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
