guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike Jumper <mike.jum...@guac-dev.org>
Subject Re: guacamole-auth-cas-0.9.13 Session not handled correctly after login
Date Tue, 06 Jun 2017 18:02:47 GMT
On Tue, Jun 6, 2017 at 10:31 AM, santino83 <gsantini@voiptech.it> wrote:
> Hello,
>
> I need to use CAS for authentication, so I've used the new auth-cas
> extension. It works, meaning, authentication against CAS is done
> successfully and user got authenticated. However, web interface breaks
> ...

Do you seen any errors in your Tomcat logs?

>
> /api/session/data/cas/self/USER_ID_LOGGED?token=.... with status 404,
> response: "no session associated with authentication provider cas". And so
> on for other apis, like session/data/cas/users, session/ext/cas... etc
>

This is to be expected, and is not a bug. Guacamole's REST service
will return HTTP 404 under normal circumstances to indicate that a
particular resource is not available. If the CAS extension doesn't
provide those resources, then 404 is the expected response, and the
interface should adjust itself accordingly.

If you see anything 500 or above, however - that would be a problem.

> The only way I found as workaround was editing
> CASAuthenticationProvider.java and changed the provider identifier from
> "cas" to "postgresql". Everything now seems to work, but it is just an
> horrible workaround

Please do not do this. Even if things seem to work, I can't imagine
the sort of horrible things must be happening inside the web
application when this is in place. It's important that these
identifiers are unique.

- Mike

Mime
View raw message