On Thu, Nov 14, 2024 at 7:12 AM Scott Thompson <lordne...@gmail.com> wrote:
> In a previous item on Github (GUACAMOLE-839) > <https://github.com/apache/guacamole-client/pull/797> the following was > mentioned: > > "NOTE: This does not mean that you can pass through that authentication > result to an RDP server that accepts smart cards. That's an entirely > different can of worms." > > Is that something that is at all technically possible to be added within > Guacamole? Are there technical limitations that prevent this from being > possible? I know client side installed RDP software can typically perform > USB redirects (Microsoft AVD, AWS Workspaces, etc), but is there any > possibility for browser based RDP to do this? > Thanks. > Absolutely technically possible, yes, and I do not know of any limitations other than just someone taking the time to write the code to accomplish this. In particular, the code needs to: * Prompt the user for a certificate to use. * Provide that certificate information to guacd via a connection parameter or data stream or something similar. * guacd needs to be able to take that certificate and/or stream and provide it to the RDP connection to authenticate. -Nick
