guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike Jumper <>
Subject Re: Authentication mechanism.. Was: New user questions...
Date Sun, 04 Mar 2018 20:29:54 GMT
On Sun, Mar 4, 2018 at 12:18 AM, Joachim Lindenberg <>

> Hi Nick,
> you remember correct. It is an attempt to conserve resources (CPU and
> memory) on the Hyper-V host. I am suspending/saving VMs regularly if there
> are no terminal sessions (I am monitoring port 2179 of the host), and
> obviously this is based on assumptions how the VMs are used (mainly
> interactively).
> Actually my authentication mechanism already returns the state of a VM and
> I could save it. If only there was a defined API call when a user selects a
> connection in which I can check state and trigger a change (just another
> service call).

There is no need for an additional service call. Rather than adding side
effects to getters, you should instead look into the "connect()" function
provided by the Connectable interface, inherited by both Connection and

This is the function which actually provides the semantics you're looking
for. It is invoked in an imperative manner to fulfill a request to
establish a connection and is the sole means of doing so.

Based on observations, guacamole only obtains properties if a user selected
> a connection, but that is not an observation I would like to rely on long
> term. My proposal would be to have another method in the authentication
> interface or simpleauthentication super class (as I am only implementing
> that, but in fact it could be another interface implemented in the same
> extension) that gets called with the selected configuration and the
> credentials used.

You will likely need to move away from using the Simple* classes, which
intentionally mask much of the complexity available within the Guacamole
extension API, and instead implement AuthenticationProvider, UserContext,
etc. as necessary to achieve what you're looking for. The
SimpleAuthenticationProvider class provides a simple means of adding custom
auth, but it is inherently limited. For more complex use cases, you will
need to branch out and look deeper.

- Mike

View raw message