Thanks Antoine!I am just starting to look into this aspect and trying to
understand what the risks are.
I understand that risks are very use case dependent. So please excuse me for
vague question.
Do you think that once I setup TLS transport for the HTML5 client, it will make
client reasonably secured against most common security concerns?If I plan to
take up a project for myself, would it be super hard to try to integrate the
HTML5 client with some sort of single-sign-on using Auth0 or something
similar?Do you have any recommendations or thoughts?
Regards,
Mukul
On Thursday, December 29, 2016 8:29 PM, Antoine Martin via shifter-users
<[email protected]> wrote:
On 24/12/16 04:47, Mukul Agrawal via shifter-users wrote:
> Do you have some documentation/link that provides some insight on the
> authentication is being used with HTML5 client?
The (optional) authentication credentials are sent in the http request.
Those are processed by the HTML5 client javascript code.
> Is there any cookie, token or session ID included in communication
with XPRA server?
No.
The HTML5 client only uses a single websocket connection to the server.
> Does the server check for state or session existence on every request?
There are no HTTP requests after downloading the HTML5 client.
> Does an authenticated session expire?
What "session"? (as per above, there is no HTTP session)
The HTML5 websocket connection to the xpra server does not expire.
Cheers
Antoine
>
> Regards,
> Mukul
>
>
> On Sunday, December 11, 2016 4:14 AM, Antoine Martin via shifter-users
><[email protected]> wrote:
>
>
> On 11/12/16 07:43, Philip Loewen via shifter-users wrote:
>> Thanks for Xpra, excellent software. I use it on both Ubuntu and CentOS.
>> Right now only CentOS is willing to upgrade to version 1.0.
>>
>> I see deb files named xpra_1.0... in
>> xpra.org/dists/yakkety/main/binary-amd64,
>> but in the corresponding directory for xenial the latest is xpra_17.6.
> Thanks for reminding me, I had forgotten to push those. Done now.
>
>> Is there some easy way to upgrade Xpra on my xenial systems?
> apt-get update && apt-get upgrade
> Should work this time.
>
> Cheers
> Antoine
>
>>
>> Thanks, Philip
>>
>>
>> _______________________________________________
>> shifter-users mailing list
>> [email protected]
>> http://lists.devloop.org.uk/mailman/listinfo/shifter-users
>
> _______________________________________________
> shifter-users mailing list
> [email protected]
> http://lists.devloop.org.uk/mailman/listinfo/shifter-users
>
>
>
> _______________________________________________
> shifter-users mailing list
> [email protected]
> http://lists.devloop.org.uk/mailman/listinfo/shifter-users
>
_______________________________________________
shifter-users mailing list
[email protected]
http://lists.devloop.org.uk/mailman/listinfo/shifter-users
_______________________________________________
shifter-users mailing list
[email protected]
http://lists.devloop.org.uk/mailman/listinfo/shifter-users
