On Sat, Apr 29, 2023 at 9:38 PM Gabriel Huerta Araujo
<[email protected]> wrote:
>
> Nick
>
> > If you're asking what would have to change in order to share active 
> > connection information between two systems, that's a fairly complex task. 
> > Currently the JDBC module is the only module that implements
> > active connection tracking, and it would need to be modified such that it 
> > would synchronize information with another system/module. This would likely 
> > require some modeling of the active connections, too,
> > similar to what is done with the rest of the information in the JDBC 
> > module, since you don't actually want to synchronize the entire connection, 
> > just the record of the connection, between the two systems.
> > There's no doubt in my mind that it's doable, but I wouldn't consider it a 
> > simple task.
>
> My question is related to when a user enters into Guacamole web application 
> in a computer and they should not enter with their same account into another 
> computer. I would try to change Guacamole application, question here is where 
> I would do it? That is why I meant there are two places to do the changes: 
> When user log in (to record log in access and ask the next time when same 
> user access) and when user log out (delete record access to make it 
> accesible).  Is there a way to make it, using Open-Close principle (close to 
> change, open to extension).

Ah, I got confused between this question and your other questions
related to HA. Yes, it should be possible, and probably not too
difficult, to either restrict a user to a single session, or to
restrict a user to only log in from a single source IP address. You'd
just need to check these conditions during login - if sessions are
present for other users, and/or what IP address the session is coming
from and if other sessions already exist - and then throw an exception
if one of these conditions if violated.

-Nick

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to