guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike Jumper <mjum...@apache.org>
Subject Re: 1.0.0 LocalStorage auth instead of cookies
Date Tue, 05 Mar 2019 04:08:01 GMT
On Mon, Mar 4, 2019 at 7:49 PM Lev Dubinets <levdubinets@live.com> wrote:

> To add to that, I'd bet that most serious deployments of guacamole are
> putting it behind nginx or some other proxy and/or load balancer.
>

Yes, though it's mainly guacd that needs the most balancing.

The cookies allow the backend to control and isolate guacamole sessions or
> deployments. This is really useful. For large-scale deployments this has to
> be a must-have feature.
>

No. With respect to routing of sticky sessions, the typical case would
involve configuring the balancer to set its own cookie independent of the
backend session.

Setting an HTTP header specifically for use by balancers (such that they
can properly route future requests based on the "token" parameter) might be
a good way to expand this case. Additionally setting and accepting a cookie
as an optional alternative to the "token" parameter might also be worth
doing. It's definitely not a requirement for a deployment to be
large/serious.

- Mike

Mime
View raw message