On Wed, Feb 27, 2019 at 7:16 PM Lee <[email protected]> wrote: > Auth Code: https://github.com/VTLee/guac-auth-ext > ... >
> Note how the second connection didn't even mention AuthenticationProvider > -- > something bypassed that entire step (and there's no pathway that passes > through getAuthorizedConfigurations that doesn't log a message). I have no > way to alter this process within my extension anymore. > > Nothing bypassed the step - your extension as written would have worked this way for all releases of Guacamole, including 0.9.14. The SimpleAuthenticationProvider class always caches the GuacamoleConfiguration instances returned by getAuthorizedConfigurations(). The authenticateUser() function is invoked only at the beginning of the user's session. Until the user logs out or their session expires (or they use a different machine/browser that isn't logged in), this will only be invoked once. After that point, the existing user will only be updated if the extension implements updateAuthenticatedUser(). Data associated with the session like connections, accessed via the UserContext returned by getUserContext(), will similarly only be updated if updateUserContext() is implemented. > The intended functionality (that worked in 9.14) is for the user to be able > to have several simultaneous connections to guacamole which route to > different servers based on an initial cookie value which is used to lookup > connection information (think: multiple tabs to different machines). The > cookie is simply a one-time use primary key in a table that says the target > machine info (host, port, protocol). > If you want the user's session to be updated when your cookie changes, you will need to write an extension which implements updateUserContext() to update the UserContext associated with their session with respect to that cookie. I suspect that if you retest your extension with 0.9.14, you'll find that the behavior is unchanged, and the result of processing the cookie is still cached. - Mike
