On Mon, Mar 4, 2019 at 2:32 PM Lee <[email protected]> wrote: > Thanks Nick and Mike. > > The change ended up being on the front end & connection to the > authentication module. We were destroying the users cookie if they tried to > re-connect. With the changes to have that information in local storage, > that > broke our authentication process before it started. I suppose we'll have to > see if deleting the local storage objects as well now will work.
I wouldn't recommend destroying local storage objects as a means of achieving this. You old solution (destroying the user's cookie) is built upon a workaround which actively fights the internals of the webapp, and so will be brittle. You should instead look to a solution which is built upon (not against) what's provided. The extension API allows for user data to be derived dynamically (see previous emails in this thread), including based on changes to the request like the cookie that your system generates. I recommend leveraging that aspect of the API to achieve what it's designed to do. You might additionally look into using the anonymous username for your users on the Guacamole side: http://guacamole.apache.org/doc/guacamole-ext/org/apache/guacamole/net/auth/AuthenticatedUser.html#ANONYMOUS_IDENTIFIER The anonymous user has different semantics and will not persist the auth token: https://github.com/apache/guacamole-client/blob/5ce0c0f0358096d87e19c7decdb4d6dfd21aeff5/guacamole/src/main/webapp/app/auth/service/authenticationService.js#L118-L120 - Mike
