On Sun, Jan 3, 2021 at 2:38 PM Владислав Львов <[email protected]> wrote:
> > Hello! > I need help with OpenID > My project: > > I need to provide users with access to remote desktops (RDP) via browser. > But I want to use standalone server like Gluu (the one that we are > currently using) or even better - Keycloak, so we won't have to use > Guacamole for authorization. I tested both of them, the result looks quite > the same. > ... > Now setup is over. I open browser and try to go to https://guac.homelab > I enter login and password and get into the loop as it's shown in the > videos: > https://youtu.be/OjwhCB9pjQw > https://youtu.be/1dbNnVKp6PA > > It's possible you're running into this issue: https://issues.apache.org/jira/browse/GUACAMOLE-560 Certain OpenID providers require the "state" parameter, even though the specification for that flow doesn't explicitly call it out. > Guacamole logs are attached below or available here: > https://dropmefiles.com/d2D95 > > Can you tell me what am I doing wrong? > My colleagues suggest that the problem could be in the character #, which > is used by Guacamole. Could it be the reason of the issue? > No, I don't think the "#" in the URL is causing an issue - I believe it's likely the lack of the state parameter. -Nick
