I've spend a little time looking into the code, it seems like the password
may be stored in a StandardTokens object. Is that correct?
Could this be as simple as writing a Authentication extension that set
GUAC_PASSWORD to be null after the user has been logged in for XX minutes?
Or is something that would be much more complicated?
On Tue, Sep 20, 2016 at 8:21 PM, Peter Burdine <pburd...@gmail.com> wrote:
> We are currently using guacamole, and it is great!
>
> For our environment, we use LDAP authentication to authenticate against
> AD, which is great. However, we have some requirements where if the RDP
> session has been disconnected due to error or session timeout, the user
> should have to reauthenticate to get back into the RDP session. Since we
> are currently passing ${GUAC_USERNAME} and ${GUAC_PASSWORD}, it allows the
> user to reconnect without authenticating, even hours later.
>
> Are there any options to have the system "forget" the credentials after a
> certain time period or being used? We would really like to keep the only
> having to login once (at least of the first RDP connection attempt),
> especially since most of our users only have one connection setup so they
> login and sent right to the desktop, but if their session times out, they
> should be asked for credentials again.
>
> Thanks,
> Peter
>
