HI Walid, On Do 01 Jun 2017 10:46:55 CEST, Walid MOGHRABI wrote: > I'll take your requests into account but just to clarify : > > >> 1. Please split up the RDP broker creds as session creds from the >> --close-disconnect change. > > This little fix is related to this support since, in that particular > case which is broker mode + RDP session + --close-disconnect > activated, you couldn't have a one time authentication (at broker > auth). > For that "one time auth" to work, I need a way to pass broker > credentials to the session and to close the client at the end of the > session in order to force a re-auth at broker login. > Without the --close-disconnect fix, I can pass my credentials to the > RDP session but when finishing the session, I'm still on the broker > page with my session list and I don't re-auth which is what I wanted. > I can easily split these patches since they are quite clearly > separated but I thought they were related to the same need that's > why I kept them together. Please split off the change for --close-disconnect into a separate commit. >> 2. Please let the cmdline option start with --broker-... >> >> --broker-use-creds-for-session > > ok > >> 3. Don't limit this functionality to RDP sessions only. It is >> useful for all sorts of session >> types (X2Go, DirectRDP, DirectXDMCP if already in (there were >> rumours about such a new feature)). > > Well, I'm not aware of XDMCP and have nothing under my hand to test it. > This patch affect RDP sessions only in fact because X2Go sessions > have heir own way to pass credentials from broker to x2go server > with the intermediate key auth so using this method for this kind of > session is purely useless. > On the other hand, RDP sessions have no such key authentication > available so it is necessary to pass credentials as plaintext to > xfreerdp/rdesktop because in the case of the broker mode only, when > clicking on the session profile, the client is waiting for the > credentials but you are not prompted for them so the client stay > stuck in an unusable situation. > So really, this is a "broker + RDP only" method that's why I > precised this was for RDP only in order not to confuse users who > might think this could be used for any type of connection. > > I'll modify the cmdline option name and wait for your comments on my > precisions. > IMHO, the --broker-use-creds-for-session could be a nice and cheap alternative to setting up x2gobroker-agent based authentication. So, it would be nice to have it working for X2Go and RDP sessions. Thanks, Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby mobile: +49 (1520) 1976 148 landline: +49 (4354) 8390 139 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de