I think you'd be better off writing an extension that decorates the Connection objects returned by other extensions:
https://guacamole.apache.org/doc/guacamole-ext/org/apache/guacamole/net/auth/AbstractAuthenticationProvider.html#decorate(org.apache.guacamole.net.auth.UserContext,org.apache.guacamole.net.auth.AuthenticatedUser,org.apache.guacamole.net.auth.Credentials) After decorating the UserContext of another extension, you can further decorate the Directory<Connection> returned by getConnectionDirectory(). The DecoratingDirectory class is intended to make this easier: https://guacamole.apache.org/doc/guacamole-ext/org/apache/guacamole/net/auth/DecoratingDirectory.html You can then decorate (wrap) any Connection returned by that Directory with your own implementation that does whatever it likes. In this case, you'd wrap the GuacamoleTunnel returned by connect() and inspect the instructions received. The FilteredGuacamoleSocket class would be the best candidate for that kind of checking: https://guacamole.apache.org/doc/guacamole-common/org/apache/guacamole/protocol/FilteredGuacamoleSocket.html That class lets you provide filters that can inspect, drop, or override instructions that are sent or received. - Mike On Fri, Dec 2, 2022 at 1:35 AM Dejan Milovanovic < [email protected]> wrote: > Hi Nick, > > thank you for the response. > > I did manage to record guac protocol to a file, but that removes the > "real-time" factor of the analysis. > > You've mentioned recording guacd protocol to socket, I haven't seen an > example of that online. What would I have to do to achieve this? > Do I need to make some changes to guacd code, or is there some > configuration magic that I don't know of? > > Kind regards, > Dejan > ------------------------------ > *From:* Nick Couchman <[email protected]> > *Sent:* 01 December 2022 19:32 > *To:* [email protected] <[email protected]> > *Subject:* Re: Shared connection input passthrough > > On Thu, Dec 1, 2022 at 4:52 AM Dejan Milovanovic > <[email protected]> wrote: > > > > Hi all, > > > > I'm using guacamole to provide users with access to remote windows > machines, and I'm trying to analyse user's actions on these machines in > real-time. > > > > What I tried to do is generate shared connection and listen for > guacamole protocol messages on that shared connection. This works great, > but the issue I have with this approach is that keyboard and mouse actions > are not transmitted on the shared connection socket. > > > > Is there a way to have these missing messages in the shared connection ? > > Or is there another way of observing users tunnel without disturbing > their RDP session? > > No, I do not think what you're asking to do is going to work, because > the input from a share connection is not sent to all of the users, nor > is there any particular way to enable that at the moment. The > non-owner participants in a connection are usually only going to get > the image data that is sent from guacd back to any joined connections. > > It is likely possible to implement what you're asking for - it's > essentially what enabling recording does, which just writes the guac > protocol data to a file. Have you considered trying to record to a > file (or, perhaps, a socket) and then pointing your analysis tool at > that, instead? Beyond that, you'd probably need some code changes to > guacd to do what you're wanting to do. > > -Nick > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
