Burping the whole session, I found some infos. It seems Guacamole considers
invalid credentials:
{"message":"Invalid login.","translatableMessage":{"key":"Invalid
login.","variables":null},"statusCode":null,"expected":[{"name":"id_token","type":"GUAC_OPENID_TOKEN","authorizationURI":"https://auth/oxauth/restv1/authorize?scope=openid+email+profile&response_type=id_token&client_id=%40%213CBA.9C61.872A.9B54%210001%218204.1C64%210008%215F53.D604.4734.13E8&redirect_uri=https%3A%2F%2Fguacamole.security.equant.com%2Fguacamole%2F&nonce=buo73qjm36bac5uobsvjra2tjo"}],"type":"INVALID_CREDENTIALS"}
entering infinite loop with OIDC server (Gluu).I wonder where Guacamole gets the user attribute to make the link between OIDC username & Guacamole username. Also wondering about the password. To reduce risk from differences, the user (test) has password "test" in both OIDC & MySQL local database. Also my guacamole properties has MySQL details (to manage user profile) but no mysql auth jdbc. I noticed I could have both OIDC+MySQL jar files, OIDC loading first with a rename if needed. did not tested that yet. -- Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
