[
https://issues.apache.org/jira/browse/GUACAMOLE-808?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16900538#comment-16900538
]
Kazuhiko Tanaka commented on GUACAMOLE-808:
-------------------------------------------
I have a problem related to this case.
There are guacamoles on the internal network and a reverse proxy for publishing
to external networks. Guacamole and reverse proxy are published with different
FQDNs (for example, aaa.local for internal and bbb.local for external).
However, since openid-redirect-uri is a fixed value, everything is redirected
to the internal FQDN. I think it would be desirable to be redirected to the
requesting URI.
> Support redirecting to originally requested URL after successful OpenID login
> -----------------------------------------------------------------------------
>
> Key: GUACAMOLE-808
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-808
> Project: Guacamole
> Issue Type: Improvement
> Components: guacamole, guacamole-auth-openid
> Affects Versions: 1.0.0
> Reporter: Parth Mishra
> Priority: Minor
>
> Upon successful authentication via OIDC, the user is returned to the redirect
> URI (e.g. {{https://myserver.com/guacamole/}}) even if they were requesting
> another Guacamole resource such as a Connection link. It would be nice if the
> user could be routed to the requested resource after successful
> authentication.
> This way, if they were to click a direct link to a guacamole Connection they
> have access too, the successful authentication via the IDP can reroute them
> directly to the requested connection URL rather than the guacamole UI.
> Typically this is done with encoding the request URL with the "state"
> parameter of OIDC and verifying with the nonce.
> This feature could be really useful for relying on custom frontends without
> having to modify or reimplement the web app.
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
