Guacamole currently provides multiple storage mechanisms for connection data, but generally relies on the security of the server(s) hosting those mechanisms to guard sensitive data. The same goes for the contents of guacamole.properties. With the widespread availability of vault services providing secure storage and retrieval of sensitive data, it would be useful if Guacamole could dynamically retrieve sensitive data from these vaults, including:
- Sensitive connection data that may otherwise be stored directly in a database.
- Sensitive configuration information that may otherwise need to be stored directly in guacamole.properties.