On 10/13/2023 12:10 PM, Oliver, Dario N wrote:
Hi,
I am using Guacamole with Docker and enabled the SAML extension for
authentication.
When I am in a proxied network, I can’t make the SAML extension to fetch
the SAML_IDP_METADATA file that is externally hosted.
I tried setting JAVA_OPTS and CATALINA_OPTS with the proxy configuration
but looks like they have no effect in the extension.
I made it work by downloading the metadata file and providing that to
the guacamole container with a volume mount, which worked fine.
But I am wondering if I am not setting the proxy parameters properly, or
if the SAML extension is ignoring JAVA_OPTS (or CATALINA_OPTS but I
think this one doesn’t apply here)
For reference, this is how I am running the container with docker compose:
...
- JAVA_OPTS=” -Dhttp.proxyHost=10.0.0.100 -Dhttp.proxyPort=8800”
...
Any hints on what might be wrong with my setup?
I'm not sure whether the JVM parameters for proxy usage will affect the
outbound HTTP connections created by the SAML library, but if they do I
suspect you'll need to use CATALINA_OPTS. This would also allow you to
see whether your options are being received as expected, as Tomcat will
log the value of CATALINA_OPTS during startup.
Is this a verbatim copy of the configuration you're using? If so, the
quotes around your "JAVA_OPTS" value are not double quotes, but the
Unicode character U+201D ("Right Double Quotation Mark"). I don't think
those will be interpreted in the same way as a double quote by YAML.
- Mike
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
