Is Guacamole RESTAPI AuthToken stored in memory ?

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Is Guacamole RESTAPI AuthToken stored in memory ?

faris backer
Hi,
We have deployed guacamole container under ECS fargate with loadbalancer in
front of it.

While invoking RESTApi we are getting authentication(403) failure. AuthToken
was generated successfully, But further request with authtoken failed wih
403 error. By deep diving we understood that its because
both request was going to different container. Authtoken generated was only
valid for container in which it was invoked.

Is Authtoken saved in memory ? Can authoken be used for both container ?

Workaround as of now, I am planning is to use cookies with request and
enable stickiness in loadbalancer.

Thanks,
- Faris



--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Is Guacamole RESTAPI AuthToken stored in memory ?

vnick
On Fri, Jul 10, 2020 at 6:26 AM faris backer <[hidden email]> wrote:
Hi,
We have deployed guacamole container under ECS fargate with loadbalancer in
front of it.

While invoking RESTApi we are getting authentication(403) failure. AuthToken
was generated successfully, But further request with authtoken failed wih
403 error. By deep diving we understood that its because
both request was going to different container. Authtoken generated was only
valid for container in which it was invoked.

Is Authtoken saved in memory ? Can authoken be used for both container ?


Yes, the auth token is currently only stored in-memory.  There have been discussions about finding other ways to store both auth tokens and connection information, but no significant progress.  See:

 
Workaround as of now, I am planning is to use cookies with request and
enable stickiness in loadbalancer.


That seems like a reasonable approach.

-Nick