On Mon, Dec 2, 2019 at 9:36 AM Vieri <[email protected]> wrote:
> Hi, > > I was wondering if Guacamole could also support the HTTP protocol. The > idea is that a user can connect to the Guacamole portal, and from there > connect to an internal HTTP server whose communication would be tunneled > through Guacamole (HTTPS). > It possibly *could* be done; however, this has been discussed in the past, and it has been determined that such support is out of scope for this project. Guacamole is a client-less remote desktop gateway, but is not designed to be a complete VPN/Gateway solution. See: https://issues.apache.org/jira/browse/GUACAMOLE-57 > > I know this is usually the job of a reverse proxy, but it's not always > trivial. > In my case, the "internal HTTP server" sends HTTP redirects to the client > (to non-HTTPS urls), and this breaks the reverse proxy user experience... > > Yes, and Guacamole can be used in conjunction with such solutions to create an overall client-less VPN/gateway solution, but itself does not support HTTP(S), nor is it something we are open to putting into the project. > I find the Guacamole UI to be simple and easy. I was wondering if it were > easy to add support for HTTP. > We appreciate that :-). Adding support for HTTP(S) might be doable, however it isn't as straight-forward as it seems. It would involve considerable work on the guacd side to attempt to render the web pages and then send images of those pages across. Doing this in a way that gives people the look and feel, and interaction, they expect from a web page would be challenging. Furthermore, you'd likely run into some issues with differences in rendering as expected based on the difference between guacd attempting to do that with a library vs. the browser on the user screen. Again, doable - maybe - but not easy, and, out of scope. The alternative to doing that rendering in guacd is just to have the Guacamole system tunnel the HTTP(S) connection over the HTTP(S) connection used for the other Guacamole traffic. However, if you're going to do this, why not just use one of the existing reverse proxy configurations out there? Guacamole can certainly be part of such a solution to handle the remote desktop protocols, but you'll need to find something else to do the HTTP(S) tunneling. -Nick
