You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@guacamole.apache.org by Remco Klappe || Tetra <re...@tetra.nl> on 2016/10/13 15:14:05 UTC
Logout from Guacamole
Hi everyone,
Maybe a stupid question, but how can i invalidate a Guacamole session from another application? In version 0.8.3 is used to call the logout-url, but this doesn't work anymore.
Thanks in advance!
Remco
Re: Logout from Guacamole
Posted by Remco Klappe || Tetra <re...@tetra.nl>.
Thanks Mike! I'll have a look at this.
Regards,
Remco
----- Oorspronkelijk bericht -----
Van: "Mike Jumper" <mi...@guac-dev.org>
Aan: user@guacamole.incubator.apache.org
Verzonden: Dinsdag 18 oktober 2016 00:48:26
Onderwerp: Re: Logout from Guacamole
On Thu, Oct 13, 2016 at 8:14 AM, Remco Klappe || Tetra < remco@tetra.nl > wrote:
Hi everyone,
Maybe a stupid question, but how can i invalidate a Guacamole session from another application? In version 0.8.3 is used to call the logout-url, but this doesn't work anymore.
Hi Remco,
Just send a DELETE request to the ".../api/tokens/AUTH_TOKEN_OF_SESSION" endpoint beneath wherever Guacamole is deployed. For example, if the auth token of the session is "7130237FBAAA8D4518A899DEB579AB0E798B566D1F8A06DB9345D778CE2D2782", and your Guacamole instance is deployed to " https://example.com/guacamole/ ", then you would issue an HTTP DELETE to " https://example.com/guacamole/api/tokens/7130237FBAAA8D4518A899DEB579AB0E798B566D1F8A06DB9345D778CE2D2782 ".
This is actually what the web interface does internally when a user clicks logout:
https://github.com/apache/incubator-guacamole-client/blob/02a03c83f0770e4bb6a737eb8ccf1ba72b1486de/guacamole/src/main/webapp/app/auth/service/authenticationService.js#L318-L322
You can see this happen yourself if you log in to Guacamole, open up your browser's dev tools, go to the "network" tab, and look at the request sent when you click "Logout".
- Mike
Re: Logout from Guacamole
Posted by Mike Jumper <mi...@guac-dev.org>.
On Thu, Oct 13, 2016 at 8:14 AM, Remco Klappe || Tetra <re...@tetra.nl>
wrote:
> Hi everyone,
>
> Maybe a stupid question, but how can i invalidate a Guacamole session from
> another application? In version 0.8.3 is used to call the logout-url, but
> this doesn't work anymore.
>
>
Hi Remco,
Just send a DELETE request to the ".../api/tokens/AUTH_TOKEN_OF_SESSION"
endpoint beneath wherever Guacamole is deployed. For example, if the auth
token of the session is
"7130237FBAAA8D4518A899DEB579AB0E798B566D1F8A06DB9345D778CE2D2782", and
your Guacamole instance is deployed to "https://example.com/guacamole/",
then you would issue an HTTP DELETE to "
https://example.com/guacamole/api/tokens/7130237FBAAA8D4518A899DEB579AB0E798B566D1F8A06DB9345D778CE2D2782
".
This is actually what the web interface does internally when a user clicks
logout:
https://github.com/apache/incubator-guacamole-client/blob/02a03c83f0770e4bb6a737eb8ccf1ba72b1486de/guacamole/src/main/webapp/app/auth/service/authenticationService.js#L318-L322
You can see this happen yourself if you log in to Guacamole, open up your
browser's dev tools, go to the "network" tab, and look at the request sent
when you click "Logout".
- Mike