Hi All, I tried testing saml-auth developed in https://github.com/ necouchman/guacamole-client/tree/723b15dcae4ea72593d9c5adc0be37 ab1b010047/extensions/guacamole-auth-saml.
The authentication module is behaving strangely and I'm not sure if I have improper configuration. When I visit my guacamole page, I'm redirected to IDP and the authentication process proceeds as expected. But once the authentication is complete, I'm redirected to the default guacamole login page instead of being redirected to the connections page. On going through the tomcat log files the following was present. *Extension "guacamole-auth-saml-0.9.14.jar" could not be loaded: Authentication provider class cannot be loaded (wrong version of API?)* I'm running 0.9.14, so it's not an issue with API version. (The guac_manifest for saml is also 0.9.14). Moreover, if the extension was not loaded, how was I redirected to the IDP? My guacamole.properties files is as follows. guacd-hostname: localhost guacd-port: 4822 mysql-hostname: sql_container mysql-port: 3306 mysql-database: guacamole_db mysql-username: XXXXXXXXXX mysql-password: XXXXXXXXXXXXXXXXXXX saml-idp-metadata: https://XXXXXXXXXXX/shibboleth-idp/shibboleth saml-idp-url: https://XXXXXXXXXX/shibboleth-idp/shibboleth saml-entity-id: https://XXXXXXXXXXXXX/shibboleth saml-callback-url: https://XXXXXXX/guacamole/ saml-logout-url: https://XXXXXXXXXX/logout Regards, Kaushik Srinivasan On Sat, Mar 24, 2018 at 12:33 AM, Mike Jumper <[email protected]> wrote: > On Fri, Mar 23, 2018 at 8:26 PM, Kaushik Srinivasan <[email protected]> > wrote: > > > Hi Mike, > > > > Thanks a lot. HTTP header authentication would better suit our needs. > > > > > OK. > > We are trying to move away from Guacamole authentication modules as we want > > to get SAML working asap and apache can be "easily" configured for that > > instead of waiting for the module development ... > > > Understood, but you might also consider leveraging your need to help this > community with theirs. There's an outstanding pull request for the SAML > module which is in need of code review and testing. If you have a SAML > service already deployed and working on your end, you may be able to help > by testing the new module and providing feedback. > > https://github.com/apache/guacamole-client/pull/254 > > ... by your team. > > > > Apache Guacamole is developed by a community, not by any individual's team. > > - Mike > -- Regards, Kaushik Srinivasan
