> > Thanks for your answer. You were right it is not a POST request but a GET > request that is coming from keycloak redirect, and it is bundled with the > token that contains the necessary informations. > > After seeing some Guacamole logs i am verifying that guacamole cant read > the token that i am sending to it. I am using > guacamole-auth-openid-1.0.0.jar module for the Open Id adaptation. > > There are a few things that i tried like changing the preferred_username > keycloak attribute to email using mappers in order to give the credentials > to guacamole as it is asked but still i think GUacame cant read the token > that i am sending. > > Also another problem that i have is that i cant monitor the logs from the > open id module in GUACAMOLE . > > I would really appreciate any suggestions for this issue. All threads that > were found in the internet are ending in the same place that i am with this > implementation. > > A couple of things I can think of: - Might try setting DEBUG logging for Guacamole client and see if anything else useful is logged: http://guacamole.apache.org/doc/gug/configuring-guacamole.html#webapp-logging - The OpenID module only supports the Implicit Flow, and not the Authentication (Basic) Flow. If Keycloak does not implement or accept the Implicit Flow, but expects Authentication Flow, you may be hitting an issue with that.
-Nick
