[
https://issues.apache.org/jira/browse/GUACAMOLE-1871?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17778723#comment-17778723
]
Mike Jumper commented on GUACAMOLE-1871:
----------------------------------------
The only case where what you describe will work as expected is if you set the
{{"username"}} property of the JSON to {{""}} - the value used for anonymous
sessions. In all other cases, you are already authenticated from the first JSON
and your session is still active with the original data that created that
session, yes.
> Multiple connections from the same browser not possible with JSON
> authentication
> --------------------------------------------------------------------------------
>
> Key: GUACAMOLE-1871
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1871
> Project: Guacamole
> Issue Type: Bug
> Components: guacamole-auth-json
> Affects Versions: 1.4.0, 1.5.2
> Reporter: phreakocious
> Priority: Minor
>
> When only JSON authentication is in use, it is not possible to have multiple
> connections open from the same browser.
> * a connection has been established already using {{?data=connection1_json}}
> * a subsequent request for {{?data=connection2_json}} is submitted
> * the json is not decrypted or validated
> * the user is redirected to {{{}/client/...?data=connection2_json{}}}, but
> the json is ignored and a second connection is made to {{connection1}}
> It appears that the original session is cached in some way. Adding something
> to the JSON body or a URL parameter to control this unintuitive behavior
> would be very helpful.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
