Trevor Kuhlengel created GUACAMOLE-2138:
-------------------------------------------
Summary: Add an optional maximum connection timeout
Key: GUACAMOLE-2138
URL: https://issues.apache.org/jira/browse/GUACAMOLE-2138
Project: Guacamole
Issue Type: Improvement
Components: guacamole
Affects Versions: 1.6.0
Environment: Any
Reporter: Trevor Kuhlengel
In my company's business use case for Guacamole, for security and auditing
purposes, we need to be able to ensure that any idle user is disconnected and
logged off within a set period of time of idleness.
In an *ideal* version of this, we would do the following.
# Check if user has interacted with connection in last X minutes, or if an
active SFTP transfer is happening on the connection.
# If not, terminate the user connection after X minutes of inactivity.
# If they remain idle, Guacamole idle timer will log them out after the
pre-configured login idle timout.
This requires a lot of conditionals and would be more difficult to implement
and maintain in an on-going project like Guacamole.
A {*}more practical{*}, yet sufficient, version is:
# Admin sets a maximum duration of ANY connection, given in minutes.
# Any connection that exceeds that duration, regardless of activity, is
terminated, while the user remains logged in. They are free to reconnect if
the user is still active.
# The login idle timeout starts when the connection ends.
This second option would meet our business need, and we would like to share it
with others.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
