Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id ED699200D0B for ; Wed, 27 Sep 2017 23:35:23 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id EBE7E1609CA; Wed, 27 Sep 2017 21:35:23 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 3C0961609C1 for ; Wed, 27 Sep 2017 23:35:23 +0200 (CEST) Received: (qmail 80386 invoked by uid 500); 27 Sep 2017 21:35:22 -0000 Mailing-List: contact user-help@guacamole.incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@guacamole.incubator.apache.org Delivered-To: mailing list user@guacamole.incubator.apache.org Received: (qmail 80374 invoked by uid 99); 27 Sep 2017 21:35:22 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 27 Sep 2017 21:35:22 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id 01CE01A4E4C for ; Wed, 27 Sep 2017 21:35:22 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 5.012 X-Spam-Level: ***** X-Spam-Status: No, score=5.012 tagged_above=-999 required=6.31 tests=[KAM_LAZY_DOMAIN_SECURITY=1, RCVD_IN_PSBL=2.7, SPF_HELO_PASS=-0.001, URI_HEX=1.313] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024) with ESMTP id N1BFC_DE0oAO for ; Wed, 27 Sep 2017 21:35:19 +0000 (UTC) Received: from n4.nabble.com (n4.nabble.com [162.253.133.72]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id C88865F3F5 for ; Wed, 27 Sep 2017 21:35:15 +0000 (UTC) Received: from mben.nabble.com (localhost [127.0.0.1]) by n4.nabble.com (Postfix) with ESMTP id E18FC14943480 for ; Wed, 27 Sep 2017 14:35:13 -0700 (MST) Date: Wed, 27 Sep 2017 14:35:13 -0700 (MST) From: Colin McGuigan To: user@guacamole.incubator.apache.org Message-ID: <1506548113921-0.post@n4.nabble.com> In-Reply-To: <1506452175565-0.post@n4.nabble.com> References: <1506116383746-0.post@n4.nabble.com> <1506452175565-0.post@n4.nabble.com> Subject: Re: Handling a SAML POST response MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit archived-at: Wed, 27 Sep 2017 21:35:24 -0000 So I went ahead and created an external web service that internally calls /guacamole/api/tokens, and then redirects to /guacamole/#/token= Doesn't work. Investigation of the network traffic shows that the /guacamole/api/tokens call does not have the token in it at all (in Mike's OpenID implementation id_token is passed along this way, and I was hoping it would work the same for token). Changing the name of the parameter, so it's now redirecting to /guacamole/#/id_token= also does not pass a token_id parameter to /guacamole/api/tokens, which confuses me, because I saw this behavior with the OpenID plugin. So new questions: 1) Is this a valid approach? Ie, can a Guacamole authorization token even be passed around in this manner? 2) Why is the token not being passed from /guacamole/#/token= to /guacamole/api/tokens? -- Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/