guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tabarane <>
Subject Re: Authentication cache
Date Wed, 29 Mar 2017 07:18:07 GMT
Hello, i think there is a mistake in the forum, i got answer for another
topic inside my topic :)

Mike Jumper wrote
> On Tue, Mar 28, 2017 at 4:21 AM, Alexey Mayanov &lt;

> amayanov@

> &gt; wrote:
>> Hello!
>> I use Guacamole 0.9.11 incubating with MySQL Auth Extension. My issue is
>> follow:
>> 1. I have multiple users. For example UserA and UserB.
>> 2. At first I logged in to Guacamole by UserA.
>> 3. Then I closed browser's tab with Guacamole without pushing Exit
>> button.
>> For example I just finished my RDP session.
>> 4. I opened new tab and want to see username/password prompt and login to
>> Guacamole as UserB. But when I opened my Guacamole URL in new tab I
>> become
>> automatically logged in as UserA.
>> As I understand it happened due to authentication sessions was not closed
>> manually.
> Correct.
> If you want to log out of Guacamole, you need to explicitly do so. You
> will be automatically logged out after being inactive for long enough
> (see below), but otherwise you really need to log out if you want to
> log out.
>> Is it possible to close the session automatically when user closes
>> browser's tab or create new session each time when user tries to
>> reconnect
>> to Guacamole  to prevent automatic login using previous session that has
>> not
>> been expired yet?
> No. You can, however, reduce the amount of time such a session remains
> valid despite inactivity using the "api-session-timeout" property:
> Beyond that, if you're concerned that other users may gain access to
> your session, the best remedy is really to be diligent about logging
> out when you're done.
> - Mike

View this message in context:
Sent from the Apache Guacamole (incubating) - Users mailing list archive at

View raw message