>
>
>> So, I think the approach you need to take is that, within the SAML
>> extension itself, you need to create a REST endpoint that consumes handles
>> a POST call to it, processes the data from the POST, and then translates
>> that to the correct call to /guacamole/api/tokens to tell Guacamole that
>> the login has succeeded. You can have a look at the other REST source code
>> to see code that creates these types of services:
>>
>> https://github.com/apache/incubator-guacamole-client/tree/
>> master/guacamole/src/main/java/org/apache/guacamole/rest
>>
>> I've not actually implemented an extension-specific REST endpoint myself,
>> so I can't provide very detailed instructions, but it is possible - Mike
>> can probably provide further guidance, if needed.
>>
>
>
Here's a quick-and-dirty example of an extension-specific REST endpoint. I
just did a quick modification to the JDBC base module.
- First, I created a new class inside the extension code. I created a new
directory called "rest" and a file called TestRESTModule.java:
---TestRESTModule.java---
package org.apache.guacamole.auth.jdbc.rest;
import com.google.inject.Inject;
import java.util.List;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.GuacamoleResourceNotFoundException;
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
public class TestRESTModule {
private final String hello = "Hello, world.";
@GET
@Path("hello")
public String getHello() {
return hello;
}
}
---End TestRESTModule.java---
- Next, in the Authentication Provider part of the module (for JDBC it's in
the InjectedAuthenticationProvider.java file), locate the getResource()
method and have it return this class (don't forget to import it):
@Override
public Object getResource() throws GuacamoleException {
return new TestRESTModule();
}
- Finally, log in to Guacamole, then pull up a tab with the URL (I'm using
the PostgreSQL JDBC module):
http://guacamole.example.com/guacamole/api/ext/postgresql/hello?token=<YOUR
LOGIN TOKEN>
And you should see "Hello, world."
Obviously this isn't very useful, but should give you an idea of one way to
go about this. Whatever class you return in getResource() can have the
necessary methods to process the SAML POST, read in the body of the POST,
and then accomplish whatever needs to be done to cause the login to succeed
and reload the page.
Hope this is of some use, or you've already figured it out! :-)
-Nick
