[
https://issues.apache.org/jira/browse/GUACAMOLE-221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16910573#comment-16910573
]
Joseph Gullo commented on GUACAMOLE-221:
----------------------------------------
Awesome, I hadn't seen that.
Still, the workflow I'm thinking of is the following:
1) I authenticate into guacamole as my regular user account
2) I connect to my normal desktop using a parameter, no issue.
3) I see a connection to a domain controller, I want to connect to that session
with a separate domain admin account. I'd like to be able to enter credentials.
4) I see a connection to a switch. I want to connect to that session with
separate network admin credentials.
5) I see a connection to a server, I want to connect to that session with
separate server admin credentials.
In theory, the only possible credentials that can successfully authenticate
from the internet are my un-privileged ones, then you would need to know
additional credentials once inside the network. I don't like the idea of
storing my admin credentials, and I don't like the idea of my admin accounts
accessible to a WAN login. I know I can bounce from RDP once inside my regular
session, but RDP-through-RDP starts to feel sloppy.
> Parameter prompting within client interface
> -------------------------------------------
>
> Key: GUACAMOLE-221
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-221
> Project: Guacamole
> Issue Type: New Feature
> Components: guacamole
> Reporter: Michael Jumper
> Assignee: Nick Couchman
> Priority: Major
>
> {panel:bgColor=#FFFFEE}
> *The description of this issue was copied from
> [GUAC-335|https://glyptodon.org/jira/browse/GUAC-335], an issue in the JIRA
> instance used by the Guacamole project prior to its acceptance into the
> Apache Incubator.*
> Comments, attachments, related issues, and history from prior to acceptance
> *have not been copied* and can be found instead at the original issue.
> {panel}
> Some parameters, such as the username/password for VNC or RDP, are better
> entered manually within the client when connecting rather than stored on the
> server in MySQL or {{user-mapping.xml}}.
> Storing secure data within parameters on the server side has security
> implications that don't fit well with all use cases.
> Further, some connections would benefit if their settings can be modified
> locally before connecting. A user could change the color depth or screen size
> of their RDP session, for example, for the sake of a slower connection.
--
This message was sent by Atlassian Jira
(v8.3.2#803003)
