Hi, I never set up SAML on Guacamole, but what looks “suspicious” to me is your callback URL... port 8080 is usually not HTTPS (unless you explicitly set it up like that).

> On 9. Aug 2020, at 04:47, Daniel Storey <[email protected]> wrote:
>
> Hi Everyone,
>
> I’m struggling to get SAML authentication working for Guacamole 1.2 with
> onelogin.com. I’ve created the following guacamole.properties file:
>
> # GuacD properties
> guacd-hostname: localhost
> guacd-port: 4822
> user-mapping: /etc/guacamole/user-mapping.xml
> # MySQL properties
> mysql-hostname: localhost
> mysql-port: 3306
> mysql-database: guacamole_db
> mysql-username: guacamole_user
> mysql-password: pWAR53fht786!@#
> # SAML Properties
> saml-idp-url: https://<domain>.onelogin.com/
> saml-entity-id: https://app.onelogin.com/saml/metadata/7c0aafc5-cb37-478b-b1d0-9efee78ac59c
> saml-callback-url: https://<servername>.rededucation.com:8080/guacamole/
> saml-idp-metadata-url: /home/dan/guacamole.xml
> saml-debug: True
> saml-strict: False
>
> I’m following the blog at
> https://cloudfish.hatenablog.com/entry/2020/07/15/212107 which has been
> translated by Chrome into English, but I’ve modified the suggestions of the
> values to insert into guacamole.properties into lowercase and using hyphens
> rather than underscores.
>
> I’m trying to get trace logging working in Guacamole to be able to determine
> what’s happening, but I can’t seem to get any traces in
> /var/log/tomcat9/catalina.out or /var/log/syslog.
>
> What I’m currently seeing in the log is:
>
> [2020-08-09 01:23:49] [info] 01:23:49.848 [http-nio-8080-exec-5] DEBUG o.a.g.r.auth.AuthenticationService - Anonymous authentication attempt from <IP ADDRESS OF CONNECTING MACHINE> failed.
>
> I’m not sure what to do to fix this. Any suggestions are welcome.
>
> Cheers,
>
> Daniel Storey
> Red Education
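
The scheme/port mismatch raised in the reply can be checked mechanically before touching the IdP side. The following is an added example, not part of the original thread or of the Guacamole project; it also flags the two testing switches visible in the quoted file. The hostname and finding names are constructed, and it assumes Tomcat's stock plain-HTTP connector port (8080).

```python
import re
from urllib.parse import urlsplit

# Constructed sample modelled on the SAML lines quoted in the thread;
# guac.example.com is a placeholder host, not a value from the page.
SAMPLE = """\
# SAML Properties
saml-idp-url: https://idp.example.com/
saml-callback-url: https://guac.example.com:8080/guacamole/
saml-debug: True
saml-strict: False
"""

# Assumption: ports that normally carry plain HTTP (Tomcat's stock connector is 8080).
PLAIN_HTTP_PORTS = {80, 8080}


def parse_properties(text):
    """Parse 'key: value' or 'key=value' lines, skipping comments and blanks."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"([^:=\s]+)\s*[:=]\s*(.*)$", line)
        if m:
            props[m.group(1)] = m.group(2)
    return props


def lint_saml(props):
    """Return hypothetical finding names for settings worth a second look."""
    findings = []
    url = urlsplit(props.get("saml-callback-url", ""))
    if url.scheme == "https" and url.port in PLAIN_HTTP_PORTS:
        # The IdP will send the browser to an https:// URL on a port that
        # usually has no TLS listener, so the SAML response never arrives.
        findings.append("callback-scheme-port-mismatch")
    elif url.scheme == "http":
        findings.append("callback-not-https")
    # Assumption: an absent key counts as the non-testing value.
    if props.get("saml-strict", "true").lower() == "false":
        findings.append("strict-checks-disabled")
    if props.get("saml-debug", "false").lower() == "true":
        findings.append("debug-enabled")
    return findings


if __name__ == "__main__":
    print(lint_saml(parse_properties(SAMPLE)))
```
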
