On 2019/02/25 18:54:44, Nick Couchman <[email protected]> wrote:
> >
> > Thanks for your answer. You were right it is not a POST request but a GET
> > request that is coming from keycloak redirect, and it is bundled with the
> > token that contains the necessary informations.
> >
> > After seeing some Guacamole logs i am verifying that guacamole cant read
> > the token that i am sending to it. I am using
> > guacamole-auth-openid-1.0.0.jar module for the Open Id adaptation.
> >
> > There are a few things that i tried like changing the preferred_username
> > keycloak attribute to email using mappers in order to give the credentials
> > to guacamole as it is asked but still i think GUacame cant read the token
> > that i am sending.
> >
> > Also another problem that i have is that i cant monitor the logs from the
> > open id module in GUACAMOLE .
> >
> > I would really appreciate any suggestions for this issue. All threads that
> > were found in the internet are ending in the same place that i am with this
> > implementation.
> >
> >
> A couple of things I can think of:
> - Might try setting DEBUG logging for Guacamole client and see if anything
> else useful is logged:
> http://guacamole.apache.org/doc/gug/configuring-guacamole.html#webapp-logging
> - The OpenID module only supports the Implicit Flow, and not the
> Authentication (Basic) Flow. If Keycloak does not implement or accept the
> Implicit Flow, but expects Authentication Flow, you may be hitting an issue
> with that.
>
> -Nick
>
Hi Nick thanks for your feedpack, I have already enabled implicit flow. I am
trying to use logs in order to loate the actual problem . I am using centos7
for both guacamole and keycloak. Even though i have edited logback.xml and set
it to trace accord to
https://guacamole.apache.org/doc/gug/configuring-guacamole.html , i cant get
back any trace in centos 7 in /var/log/messages or in catalina.out.
Do you have any experience with logging on guacamole ??Any tip is appreciated.
Thanks in advance
Konstantinos
