guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Couchman <vn...@apache.org>
Subject Re: 1.0.0 LocalStorage auth instead of cookies
Date Mon, 04 Mar 2019 18:15:46 GMT
On Sun, Mar 3, 2019 at 12:40 AM Lev Dubinets <levdubinets@live.com> wrote:

> Hi,
>
> Prior to 1.0.0 I had a reverse proxy in front of Guacamole that modified
> the GUAC_AUTH cookie paths so that I could have two browser windows open
> with two different Guacamole sessions (one at domain .com/username1 and
> other at domain .com/username2).
>
> With 1.0.0 and the LocalStorage changes theres no way to "path" the
> entries at all. What are some recommended solutions for this? Is it
> possible to write some kind of auth plugin to use cookies instead of
> localstorage?
>

I don't think this would work, no - you could write an authentication
extension that would authenticate with cookies, yes, but I don't think this
would solve the issue you're seeing, because, once logged in, Guacamole
would still issue a token based on the LocalStorage method of storing data
within the browser, which would likely circumvent your cookie-based
authentication.

What is it that you're trying to accomplish, in the end?  Why do you
need/want two different sessions under two different accounts?  On the rare
occasions that I require this, I usually end up using Chrome's Incognito
mode for the second session, but I wouldn't consider my usage routine, so I
can understand that there might be situations that don't lend themselves
quite as easily to that.

-Nick

>

Mime
View raw message