[ https://issues.apache.org/jira/browse/GUACAMOLE-221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16910573#comment-16910573 ]
Joseph Gullo commented on GUACAMOLE-221: ---------------------------------------- Awesome, I hadn't seen that. Still, the workflow I'm thinking of is the following: 1) I authenticate into guacamole as my regular user account 2) I connect to my normal desktop using a parameter, no issue. 3) I see a connection to a domain controller, I want to connect to that session with a separate domain admin account. I'd like to be able to enter credentials. 4) I see a connection to a switch. I want to connect to that session with separate network admin credentials. 5) I see a connection to a server, I want to connect to that session with separate server admin credentials. In theory, the only possible credentials that can successfully authenticate from the internet are my un-privileged ones, then you would need to know additional credentials once inside the network. I don't like the idea of storing my admin credentials, and I don't like the idea of my admin accounts accessible to a WAN login. I know I can bounce from RDP once inside my regular session, but RDP-through-RDP starts to feel sloppy. > Parameter prompting within client interface > ------------------------------------------- > > Key: GUACAMOLE-221 > URL: https://issues.apache.org/jira/browse/GUACAMOLE-221 > Project: Guacamole > Issue Type: New Feature > Components: guacamole > Reporter: Michael Jumper > Assignee: Nick Couchman > Priority: Major > > {panel:bgColor=#FFFFEE} > *The description of this issue was copied from > [GUAC-335|https://glyptodon.org/jira/browse/GUAC-335], an issue in the JIRA > instance used by the Guacamole project prior to its acceptance into the > Apache Incubator.* > Comments, attachments, related issues, and history from prior to acceptance > *have not been copied* and can be found instead at the original issue. > {panel} > Some parameters, such as the username/password for VNC or RDP, are better > entered manually within the client when connecting rather than stored on the > server in MySQL or {{user-mapping.xml}}. > Storing secure data within parameters on the server side has security > implications that don't fit well with all use cases. > Further, some connections would benefit if their settings can be modified > locally before connecting. A user could change the color depth or screen size > of their RDP session, for example, for the sake of a slower connection. -- This message was sent by Atlassian Jira (v8.3.2#803003)