necouchman commented on issue #430: GUACAMOLE-221: Client-side changes for parameter prompting URL: https://github.com/apache/guacamole-client/pull/430#issuecomment-613096533 @trengri It is implemented this way because that's the way the FreeRDP API works - it tries authentication, first, and, if that fails, it issues a callback to an authentication function, if that function is defined. See: https://github.com/apache/guacamole-server/pull/228/files#diff-b9d603d00d2586ba7230ea4ba2267ff1L198-L232 and the original code... https://github.com/apache/guacamole-server/blob/bbb794966bdebdea1c670062d573561c066a7504/src/protocols/rdp/rdp.c#L371 https://github.com/apache/guacamole-server/blob/bbb794966bdebdea1c670062d573561c066a7504/src/protocols/rdp/rdp.c#L198-L232 And, aside from authentication itself, it is part of the negotiation process for the security protocol, as mentioned before. I'm not dead set against tweaking the behavior, but I believe the FreeRDP API is operating in the most compatible fashion to determine the security mechanisms supported by the server and the information required to make that authentication happen. I'm just working within the API :-). If there's a solid reason to modify this behavior, then we can do that, but I don't see that it's all that big a deal to set the Security Type to NLA for connections that are going to be prompting for credentials and where the server actually requires NLA??
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
