On Fri, Jun 28, 2019, 07:34 sciUser <[email protected]> wrote:
> Hello > > Find the main index.html (located in the tomcat / guacamole directory) and > just after the header add java code to delete cookies. > Please do not do this. First, if the intent is that auth data is not stored, there is a mechanism for this already. There is need for such a hack. See below. Second, Guacamole does not use cookies for authentication since 1.0.0. This will have no effect. I use this so when if the browser is closed or refreshed the cookies are > gone and the user needs re-authentication. If the intent is to not store auth data such each new tab will effectively have its own session, the mechanism provided for this is the anonymous user identifier: http://guacamole.apache.org/doc/guacamole-ext/org/apache/guacamole/net/auth/AuthenticatedUser.html#ANONYMOUS_IDENTIFIER A user authenticated as having the username "" will be rendered differently and their session token will be stored only in memory. - Mike
