On Mon, Jan 14, 2019 at 2:07 PM Mike Jumper <mjum...@apache.org> wrote:
> On Mon, Jan 14, 2019, 10:56 sciUser <shulb...@securitycentric.net wrote: > >> ... >> >> Looking for something that can generate a one time URL or even a secure >> URL >> per access. >> >> Example 2 of something we do want: >> https://10.20.20.3/guacamole/#/?labtoken=kjhsdf986sdfgjhsgdf765sdf >> >> > You can do this through writing an extension which generates/accepts > tokens of whatever sort you like. > > There are third-party implementations of the same concept. I implemented > the below at $dayjob, though it's not yet up to date with the recent 1.0.0 > release: > > https://github.com/glyptodon/guacamole-auth-json > I've also written some Python code that POSTs to the REST endpoint to obtain a token: https://github.com/necouchman/guacamole-python/blob/9ac3f9ff7728d976d6107809700cbdd6f0c97fdd/guacamole-cli.py#L21-L32 The output of this should be the token value you can add as a parameter to the other URLs in order to use those REST endpoints. -Nick > > LDAP not an option since it can be hacked very easily. >> > > [Citation needed] > > Yes, the back-end you use for authentication should be independent of how you access the Guacamole URLs. I'm not quite sure what this means, here... -Nick