On Sat, Apr 9, 2022 at 2:50 AM Vieri <[email protected]> wrote:
> ... > >> The 1.4.0 release tightened SAML request validation. > >> > >> Rather than leverage your reverse proxy to rewrite the path from > "/guacamole" to "/", I would recommend just reploying the webapp at the > desired path to begin with, and > >>reconfiguring your reverse proxy accordingly. The webapp can be deployed > directly at "/" by renaming the .war file to "ROOT.war". > > So with that in mind, one cannot have more than one backend on the reverse > proxy? > Sure you can. You just need to make sure that the webapp's .war file matches the path that you've specified when you registered the webapp with your SAML IdP. If the path that the webapp is served at by Tomcat doesn't match the publicly-visible path, then SAML validation will fail. - Mike
