Hello Mike, thanks for the pointer to Connectable interface. However I also don´t want to re-implement a lot that is already working, and connections work. And in fact I did that experiment with abusing a property getter and it works – quick and dirty. After doing that my biggest issue is, that I cannot detect disconnects of specific connections which lets me really consider better approaches. (I would probably not suspend immediately on tunnel close on the server part but give a grace period for reconnections).
Now I am wondering whether Connectable is the right pointer or whether http://guacamole.apache.org/doc/guacamole-ext/org/apache/guacamole/net/event/listener/Listener.html (listening for http://guacamole.apache.org/doc/guacamole-ext/org/apache/guacamole/net/event/TunnelEvent.html) would be a better alternative. There is a getTunnel() method, but class org.apache.guacamole.net.GuacamoleTunnel is not in the Javadocs, and in fact I would need the configuration or at least the connection name. I assume the same extension can implement authentication and listener? Thanks & Best Regards, Joachim Von: Mike Jumper [mailto:mike.jum...@guac-dev.org] Gesendet: Sonntag, 4. März 2018 21:30 An: user@guacamole.apache.org Betreff: Re: Authentication mechanism.. Was: New user questions... On Sun, Mar 4, 2018 at 12:18 AM, Joachim Lindenberg <joac...@lindenberg.one <mailto:joac...@lindenberg.one> > wrote: Hi Nick, you remember correct. It is an attempt to conserve resources (CPU and memory) on the Hyper-V host. I am suspending/saving VMs regularly if there are no terminal sessions (I am monitoring port 2179 of the host), and obviously this is based on assumptions how the VMs are used (mainly interactively). Actually my authentication mechanism already returns the state of a VM and I could save it. If only there was a defined API call when a user selects a connection in which I can check state and trigger a change (just another service call). There is no need for an additional service call. Rather than adding side effects to getters, you should instead look into the "connect()" function provided by the Connectable interface, inherited by both Connection and ConnectionGroup: http://guacamole.apache.org/doc/guacamole-ext/org/apache/guacamole/net/auth/Connectable.html#connect-org.apache.guacamole.protocol.GuacamoleClientInformation- This is the function which actually provides the semantics you're looking for. It is invoked in an imperative manner to fulfill a request to establish a connection and is the sole means of doing so. Based on observations, guacamole only obtains properties if a user selected a connection, but that is not an observation I would like to rely on long term. My proposal would be to have another method in the authentication interface or simpleauthentication super class (as I am only implementing that, but in fact it could be another interface implemented in the same extension) that gets called with the selected configuration and the credentials used. You will likely need to move away from using the Simple* classes, which intentionally mask much of the complexity available within the Guacamole extension API, and instead implement AuthenticationProvider, UserContext, etc. as necessary to achieve what you're looking for. The SimpleAuthenticationProvider class provides a simple means of adding custom auth, but it is inherently limited. For more complex use cases, you will need to branch out and look deeper. - Mike
