Tony Guadagno created GUACAMOLE-2206:
----------------------------------------
Summary: Add the ability to limit administrator logins via source
IP
Key: GUACAMOLE-2206
URL: https://issues.apache.org/jira/browse/GUACAMOLE-2206
Project: Guacamole
Issue Type: Wish
Components: guacamole-auth-restrict
Affects Versions: 1.6.0
Reporter: Tony Guadagno
Hi, as discussed in the email thread, I feel it is important to be able to
limit administrator accounts to IP ranges. The way I would use this is I would
limit administrator logins to our internal IP range so that external hackers
cannot gain admin level access to the system.
I would argue that it is as (or even more) important for these restrictions
be available on administrator accounts as for regular users.
I understand that this could lead to a situation where administrators are
locked out. I would then suggest a special startup switch that, if invoked,
would bypass the restrictions to temporarily let admins back in.
Alternatively, an admin could simply start guac up without the extended
restrictions enabled...I think this would have the same effect.
thanks for all your work.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
