Hi Cyrus, It is much more than an add-on to Guacamole, otherwise I believe the Guacamole team would have added the support.
Our solution is not open source, and let me check with you off line. Thanks, Yang > On Mar 31, 2022, at 09:24, Cyrus <[email protected]> wrote: > > I'm not from an Space Agency, but I'm curious about your implementation. > > Is there public documentation somewhere?, is that something publicly > available?, paid addon? > > Regards, > CI.- > > On Tue, Mar 29, 2022, 22:33 Yang Yang <[email protected]> wrote: > We have build a solution to extend Guacamole with http(s) support with a > similar approach/concept, which Nick actually had mentioned in this mailing > list for a couple of times as I remembered. The user experience with > Chrome/Firefox in kiosk mode cannot not provide plausible user experience, > e.g. upload and download issues, inconvenient when accessing hyperlinks that > open a new tab, without buttons to check previous or next page, and we had to > build a customized browser core for this case. > > With our solution, per user request to a connection, a virtual environment > with customized browser core will be instantly created and launch the URL > specified and then we have Guacamole connecting to the virtual environment > and taking care of user actions. When the user access session ends, the > virtual environment will be destroyed and released. > > Although efforts invested on this project were more than we had originally > planed, the overall experience is actually beyond our expectation, easy to > use and much better security. Please feel free to let me know if you are > interested to know more. > > Thanks, > Yang > >> On Mar 29, 2022, at 21:23, Guillermo Vargas-Dellacasa >> <[email protected] <mailto:[email protected]>> wrote: >> >> I was going to suggest the same as a workaround. Launching a browser in >> kiosk mode as a webapp on an RDP session should accomplish restricted https >> access to a particular application (haven't tried but sounds plausible). One >> possible advantage of this approach vs a standard proxy will be that you >> eliminate any possible issues that sometimes come up with proxies (e.g. >> WebRTC or Certs issues). >> >> Every solution has its pros and cons. I have used Fortinet's SSL VPN Web >> mode for RDP and it has limitations vs Guac (no print redirect, no file >> sharing, no integrated copy-paste). The workaround for Fortinet's is to use >> it in tunnel model, but then that requires a client. So, everything has >> pros/cons. As a side note, in my experience Guac RDP is way faster than >> Fortinet's RDP over SSL VPN Web mode (or even tunnel mode; again, in my >> experience). The main advantage of Fortinet is that it is all done in a >> firewall unit (which you anyway need). That's Fortinet's approach: trying to >> offer everything under the sun on the firewall. Judging from one of the >> responses before, it might be that Guac doesn't want to go that route as a >> project. That would be fine with me. >> >> G. >> >> On Tue, Mar 29, 2022 at 7:52 AM Vendel Colja <[email protected] >> <mailto:[email protected]>> wrote: >> But what’s your problem? Just access a single webbrowser on a RDP host as an >> application an you can access whatever http/https site via that browser. If >> you’d like to restrict the range of pages, let’s say to a single site, >> that’s subject to that browser and system you are accessing via guacamole >> and RDP. >> >> >> >> Colja >> >> >> >> Von: Stefan Bogdan Cimpeanu [mailto:[email protected] >> <mailto:[email protected]>] >> Gesendet: Dienstag, 29. März 2022 13:28 >> An: [email protected] <mailto:[email protected]> >> Betreff: Re: Support protocols >> >> >> >> I will get so much hate for this, but, there are other commercial solutions >> that allow you to access webpages defined or user-provided from within the >> solution, such as Fortinet. >> >> Different ACL’s can be implemented, 2FA, and all the bells and whistles. >> >> >> >> Bogdan >> >> >> >> >> On 29 Mar 2022, at 11:38, Ricardo García Arroyo <[email protected] >> <mailto:[email protected]>> wrote: >> >> >> >> Hello, good morning. >> >> >> >> We ask because aur client is the ESA (European Space Agency). >> >> Is it possible to create a future release with ESA requirement with an >> estimation (in time and value) of your work? My team and ESA would evaluate >> your estimation. >> >> >> >> Thanks and regards. >> >> Ricardo >> >> >> >> From: Alessandro Sironi <[email protected] >> <mailto:[email protected]>> >> Sent: martes, 29 de marzo de 2022 9:18 >> To: [email protected] <mailto:[email protected]> >> Subject: Re: Support protocols >> >> >> >> Hello, if you mean to be able to direct open a webpage in http(s) than it’s >> definitely not possibile and not in any future release. >> >> Inviato da iPhone >> >> >> >> >> >> Il giorno 29 mar 2022, alle ore 09:14, Ricardo García Arroyo >> <[email protected] <mailto:[email protected]>> ha scritto: >> >> >> >> Hello. >> >> >> >> We are using a NGINX proxy, we are asking that to know if in future >> developments of the tools can be implemented the http(s) access like VNC or >> RDP without the use of NGINX proxy. >> >> >> >> Thanks. >> >> Regards. >> >> Ricardo >> >> >> >> From: Sean Hulbert <[email protected] >> <mailto:[email protected]>> >> Sent: martes, 29 de marzo de 2022 9:11 >> To: [email protected] <mailto:[email protected]> >> Subject: RE: Support protocols >> >> >> >> Guacamole absolutely can be accessed using http(s) , install it with NGINX >> and proxy it. I do highly recommend TLSv1.3 since login information can be >> seen outside a secure unnel. >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> Sent by Android Ai hijacked INS communications 6G >> >> >> >> >> >> -------- Original message -------- >> >> From: Ricardo García Arroyo <[email protected] <mailto:[email protected]>> >> >> Date: 3/28/22 11:57 PM (GMT-08:00) >> >> To: [email protected] <mailto:[email protected]> >> Subject: Support protocols >> >> >> >> Good morning. >> >> >> >> I’m Ricardo from an IT company in Spain. >> >> >> >> My team and me are working in a project with Apache Guacamole tool. We >> provide access to clients by VNC, RDP and SSH with guacamole. Our customer >> requests us access by http or https. We watch that your tool doesn’t allow >> this access for that moment. Is it possible a development for that or is >> programed for future versions of Guacamole? >> >> >> >> If that question has been sent to a wrong email, can you tell me where can I >> ask our question? >> >> >> >> Thanks and regards. >> >> Ricardo >> >> >> >> >> Confidentiality Notice: This e-mail contains information that is privileged >> and confidential and subject to legal restrictions and penalties regarding >> its unauthorized disclosure or other use. You are prohibited from copying, >> distributing or otherwise using this information if you are not the intended >> recipient. If you have received this e-mail in error, please notify us >> immediately by return e-mail and delete this e-mail and all attachments from >> your system. Thank You. >> >
