I think to satisfy half of this Use Case you can user a Listener in an guacamole-ext to listen to the TunnelClose events and trigger off that to invalid the session. The case that isn't covered is if they log in and don't select a connection, closing the browser then wouldn't trigger the TunnelClose.
Alternatively, you can try to achieve this with a front-end guacamole-extension module following this overflow answer to achieve a 'on window close' function that calls logout() in the authenticationService.js. https://stackoverflow.com/questions/30345446/how-to-trigger-a-function-on-window-close-using-angularjs On Fri, Nov 13, 2020 at 5:39 AM Vieri <[email protected]> wrote: > Hi, > > I wonder if it's possible to force the user to re-login when he/she closes > the browser window without explicitly signing out. > > I'm asking because it's a security concern when several absent-minded > users need to access their connections from the same client computer. > > I've read about api-session-timeout, but it only accepts minutes as a > value -- seconds would be better. > Can this be done with Tomcat instead? > > Regards, > > Vieri > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
