[
https://issues.apache.org/jira/browse/GUACAMOLE-808?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18091326#comment-18091326
]
Nick Couchman commented on GUACAMOLE-808:
-----------------------------------------
Yeah, I don't think that the event classes are the right place to do it.
I think it should probably be implemented in the SSO base provider, from which
the other SSO implementations derive much of their settings. It might even make
sense to move the SAML session manager classes([1]) up to the base provider, so
that all of the SSO providers can make use of the session management framework
that SAML currently leverages, and either implement it, there, or, at the very
least, put the groundwork into those classes and then implement as required at
each provider?
[1]https://github.com/apache/guacamole-client/tree/main/extensions/guacamole-auth-sso/modules/guacamole-auth-sso-saml/src/main/java/org/apache/guacamole/auth/saml/acs
> Support redirecting to originally requested URL after successful SSO login
> --------------------------------------------------------------------------
>
> Key: GUACAMOLE-808
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-808
> Project: Guacamole
> Issue Type: Improvement
> Components: guacamole, guacamole-auth-sso-cas,
> guacamole-auth-sso-openid, guacamole-auth-sso-saml
> Reporter: Parth Mishra
> Priority: Minor
>
> Upon successful authentication via OIDC, the user is returned to the redirect
> URI (e.g. {{https://myserver.com/guacamole/}}) even if they were requesting
> another Guacamole resource such as a Connection link. It would be nice if the
> user could be routed to the requested resource after successful
> authentication.
> This way, if they were to click a direct link to a guacamole Connection they
> have access too, the successful authentication via the IDP can reroute them
> directly to the requested connection URL rather than the guacamole UI.
> Typically this is done with encoding the request URL with the "state"
> parameter of OIDC and verifying with the nonce.
> This feature could be really useful for relying on custom frontends without
> having to modify or reimplement the web app.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)