Hello We have beaten guacamole into submission and made it work the way we wanted it; in a multi tenant environment, if you have multiple browser tabs (Same Browser) opened and do not kill the cached cookie for authentication when leaving or refreshing and a user has access to multiple VMs, you will at times get the same VM because of the browser caching.
Now granted our system will look for specific items like user first name user ID and what lab they are launching from, as long as they are logged in to our LMS and refresh the browser or close it out our API system looks for this then passes a redirect to the Guac server. So deleting the cookie every time ensure that the user meets specific requirements. In sort we don't let guacamole write any new users to the database our API provisioning system handles all this and there is no need for LDAP which is slow layer. So we add the code to kill cookies to /var/lib/tomcat/webapps/guacamole/index.html We don't create extension but alter guacamole directly. This works fine, but there is a heavy degree of Python programming controlling everything. Again we are a specific use case for virtual labs like (Udemy, academia's (WGU, SNHU, ect...) or migrating people off AWS. Hope that clears up why I said just delete the cookies. ----- A Cybersecurity Enablement Company We don't just run you through the motions, Our labs teach you how to think! Known good Guacamole installations -- Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/ --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
