[
https://issues.apache.org/jira/browse/GUACAMOLE-235?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15897756#comment-15897756
]
Michael Jumper commented on GUACAMOLE-235:
------------------------------------------
Sorry, no, there were never any such plans, and I don't personally think this
would be a good idea. That extension relies on embedding raw connection
parameters within the URL, which can potentially contain sensitive information
and are not intended to be exposed to the user in the general case.
There is a third-party extension I helped write which achieves similar,
https://github.com/glyptodon/guacamole-auth-json/, and there were tentative
plans to merge that via downstream
[GUAC-1482|https://glyptodon.org/jira/browse/GUAC-1482] ... but I would now be
worried that such an extension would merely serve as a crutch for integration,
forever avoiding use of the API, much in the same way that NoAuth has grown to
be used.
I think the project would benefit greater from some sort of low-level REST API
which is independent of the current extension subsystem - some sort of
separation of the main interface from the rest of the application, similar to
what is proposed by GUACAMOLE-59.
> HMAC authentication extensions
> ------------------------------
>
> Key: GUACAMOLE-235
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-235
> Project: Guacamole
> Issue Type: Wish
> Components: guacamole
> Reporter: Marcin Janczarski
> Priority: Minor
>
> Any plans to include it to the project?
> https://github.com/wells/guacamole-auth-hmac-config
> I remember that there was a plan to merge it to the main project.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
