-
Notifications
You must be signed in to change notification settings - Fork 1
Clients
jdeananderson edited this page Nov 18, 2020
·
5 revisions
A cabs client, is Python code that runs on an end-user's computer that queries the broker for an available machine. The cabs client allows a user to choose what kind of machine to connect to from a list of pools. Once a pool is chosen, the broker returns the name of an available agent machine from that pool. The cabs client then will launch the appropriate protocol specific client, to connect to the machine specified by the broker.
- The cabs client authenticates to the cabs broker
- The broker uses LDAP to see what groups a user is a member of, queries the database to see what pools that user may access based on their group memberships
- The cabs client then receives a list of pools that they may choose from
- The user chooses a pool
- The broker looks to see if that user already has an established connection on a machine in that pool
- If the user already has an established session on a machine in that pool, they are reconnected to that machine
- If the user does not already have an established connection, a random machine is chosen from the selected pool
- The broker reserves this machine for this user for a number of minutes to allow the user time to log in
- If the user does not log in within the specified number of minutes, the reservation is lost
- Agents check on each machine often to see if a user is logged in. The type of login (local terminal, ssh, RDP, RGS, etc) does not matter. If a user is detected on a machine, that machine is not available for new connections.
- If a user asks for a machine in a pool, receives a reservation, and reconnects to the broker again within a couple of minutes and asks for a machine in that same pool, it is assigned a new machine. This is to prevent users being connected to broken machines repeatedly.
- If the protocol specific client allows a username and/or password to be passed to it, then the cabs client will pass this information to the protocol client to save the end user from typing their username and/or password multiple times.