Bug 8247 - Single sign-on support in Web Access
Summary: Single sign-on support in Web Access
Status: NEW
Alias: None
Product: ThinLinc
Classification: Unclassified
Component: Web Access (show other bugs)
Version: trunk
Hardware: PC Unknown
: P2 Normal
Target Milestone: LowPrio
Assignee: Bugzilla mail exporter
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-10-31 12:42 CET by Pierre Ossman
Modified: 2023-11-30 21:17 CET (History)
2 users (show)

See Also:
Acceptance Criteria:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Pierre Ossman cendio 2023-10-31 12:42:12 CET 
Some users are using a central login for their web services that allows their end users to seamless access many services without repeated logins. They would ideally like to integrate ThinLinc's Web Access in to this as well.

The big standards in this area are SAML and OpenID Connect (OIDC). The former is older, more complex, but more widely deployed.
Comment 2 Pierre Ossman cendio 2023-10-31 12:43:33 CET 
Nice DCV has some rudimentary support for this via a general mechanism where it's up to the users to actually integrate it to the specific systems/protocols:

https://docs.aws.amazon.com/dcv/latest/adminguide/external-authentication.html
Comment 3 Pierre Ossman cendio 2023-10-31 12:45:38 CET 
In some cases, the single sign-on is not just about user convenience, but also about delegating the responsibility of authentication. A site can then get rid of a lot of the burden of fulfilling all compliance requirements by having a central authority verify the users. They can then reduce their burden to just enforcing the access for that identity.
Note You need to log in before you can comment on or make changes to this bug.