On Thursday, December 22, 2016 9:55 AM, "[email protected]" <[email protected]> wrote: > > >On Wednesday, December 21, 2016 5:55 PM, Mike Jumper ><[email protected]> wrote: > > >> >> >>On Wed, Dec 21, 2016 at 12:12 PM, <[email protected]> wrote: >>> And, yet another update on this. The URL/URI that is being processed in the >>> authenticateUser function, passed through via the credentials argument, is >>> for the /api/tokens location. Furthermore, I'm proxying Tomcat behind >>> Apache HTTPD, so the full URL shows up as: >>> http://localhost:8080/guacamole/api/tokens >>> and the URI as: >>> /guacamole/api/tokens >>> >>> This explains why the method is always showing up as POST and why the ticket >>> parameter cannot be found. Any ideas where I should go next in tweaking >>> this? Basically when authenticating to CAS you pass a service= parameter in >>> the URL that tells CAS what page to call after authentication succeeds. I >>> currently have that set to /guacamole, so CAS authenticates, then calls >>> /guacamole?ticket=<TICKET NUMBER> - but that's not what is picked up by this >>> function. >>> >> >>Guacamole will automatically grab parameters from the URL (via >>JavaScript) and forward them along with the POST to .../api/tokens, >>but Angular (and thus Guacamole) will only see those parameters if >>they are after the "/#/" that Angular uses for its own URLs. Somehow >>the URL format needs to get reformatted to: >> > >>.../guacamole/#/?ticket=<TICKET NUMBER> > >Aha. This must be what is going on. When I look at the URL that is >continuously reloading, I see the following; >https://web.example.com/guacamole/?ticket=ST-199-DURW3q3FEbv9oSllXp2w-web.example.com#/ > > >Looking further at the code, it looks like Angular's routeProvider object only >looks at route parameters, not HTTP GET parameters. So, because CAS is >redirecting back to /guacamole/?ticket= rather than /guacamole/ticket=, the >routeProvider.when() method doesn't get called. Also, it looks like the ? in >routeProvider has special meaning (optional parameters) and doesn't get >interpreted as ?ticket=. Based on some reading, it sounds like the way to go >is to look at the routeParams object, which is an array of all of the >parameters, including the HTTP GET ones, and look for the ticket parameter >there and then do something with it. Unfortunately this means rewriting the >module a little more than anticipated because I can't use the >routeProvider.when() method, so I'll have some trial-and-error today while I >figure out the best way to do this. >Thanks for the hint! > >-Nick >
Well, this turned into quite the adventure today, mainly because of URL anchoring and Angular's unwillingness to cope with anything in front of the hash tag in the URL. I ended up ditching the routeProvider code altogether and just using some plain javascript to deal with this. I'm sure this is incredibly poor form, and if someone wants to tell me how I can improve it, I'm open to suggestions. The code is below. Unfortunately after fixing this (and it does work, authenticates through CAS SSO, and username gets set to the correct value from CAS) I'm running into another issue. When I try to go to Settings (to, you know, configure a connection), I get a spinning gear, and the javascript console is showing the following error: GET https://web.example.com/guacamole/api/session/data/cas/self/permissions?token=DB8D7B8CD1F713AE2EE49CAC00550C080DA1D88E999E1F19026B4DE2BFC12F4A 404 () So, after authenticating through the CAS module it looks like it's expecting to find an API call for that module that perhaps the module isn't correctly configured to supply? I'm trying to "stack" the CAS module on top of the JDBC module the way the LDAP module does since permissions and connections will never actually be stored in or delivered via CAS SSO. -Nick == JS Code for URL == /** * Config block which augments the existing routing, providing special handling * for the "ticket=" fragments provided by OpenID Connect. */ angular.module('index').config(['$routeProvider', function indexRouteConfig($routeProvider) { console.log("In route configuration."); var curPath = window.location.href; var ticketPos = curPath.indexOf("?ticket=") + 8; var hashPos = curPath.indexOf("#/"); if(ticketPos > 0 && ticketPos < hashPos) { var ticket = curPath.substring(ticketPos, hashPos); console.log("Found ticket: " + ticket); var newPath = curPath.substring(0,ticketPos - 8) + '#/?ticket=' + ticket; console.log(newPath); window.location=newPath; } console.log("Route configuration complete."); }]);
