[
https://issues.apache.org/jira/browse/GUACAMOLE-452?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16275786#comment-16275786
]
Mitchell Schuh commented on GUACAMOLE-452:
------------------------------------------
This is actually something that I've been looking at for a while. Although I
agree that in the strict sense, Guacamole is a remote desktop gateway, I think
it is seen by quite a few people as more of a remote access gateway to services
on the sterile side of a network. There are quite a few instances where a
reverse proxy may not be practical or even possible when a Guacamole session
would be a great solution. Some examples from the dozen or so installs that I
have floating around:
* I don't control DNS and therefore can't use hostnames for a reverse proxy.
* Some web applications cannot change their root url making a reverse proxy
even more cumbersome (if you have minimal control over DNS).
* I would end up needing to build out a complete auth for a reverse proxy (and
integrating with Guacamole) when often all I want is a single web page. This
would need to be repeated for every install.
* A lot of our intranet installs have iframes embedded and, without controlling
DNS, we cannot use HTTPS due to cross origin if we point directly at the
target. If we can access a Guacamole session (limiting the number of DNS
entries and SSL certs needed), it means we can have SSL to the client browser.
We already do this very successfully with RDP and VNC connections.
* When we need to give vendor support access to internal services (think
building lighting control systems), they often need HTTP access to things like
embedded controllers. Right now, I need to either have a VM ready for them to
RDP into and then lock that down or give them VPN access. A quick Guacamole
account with a single connection would be an elegant and easy to manage
solution. The screen recording feature of Guacamole is especially enticing for
this kind of situation.
I understand if it's deemed out of scope at the moment but HTTP would be a game
changer in how we work.
> Allow admins to define web protocol which enable vpn users to access private
> internal web server
> -------------------------------------------------------------------------------------------------
>
> Key: GUACAMOLE-452
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-452
> Project: Guacamole
> Issue Type: New Feature
> Reporter: Murat BULBUL
> Priority: Trivial
>
> There are four protocols, RDP,VNC,TELNET,SSH. Additionally, there should be
> WEB protocol which allow us to define only local web link access, which is
> not open to public.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
