guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From B3r3n <B3...@argosnet.com>
Subject Re: Guacamole & OpenID
Date Wed, 21 Nov 2018 09:41:33 GMT
Burping the whole session, I found some infos. It seems Guacamole considers
invalid credentials:
{"message":"Invalid login.","translatableMessage":{"key":"Invalid
login.","variables":null},"statusCode":null,"expected":[{"name":"id_token","type":"GUAC_OPENID_TOKEN","authorizationURI":"https://auth/oxauth/restv1/authorize?scope=openid+email+profile&response_type=id_token&client_id=%40%213CBA.9C61.872A.9B54%210001%218204.1C64%210008%215F53.D604.4734.13E8&redirect_uri=https%3A%2F%2Fguacamole.security.equant.com%2Fguacamole%2F&nonce=buo73qjm36bac5uobsvjra2tjo"}],"type":"INVALID_CREDENTIALS"}
entering infinite loop with OIDC server (Gluu).

I wonder where Guacamole gets the user attribute to make the link between
OIDC username & Guacamole username. Also wondering about the password.
To reduce risk from differences, the user (test) has password "test" in both
OIDC & MySQL local database.

Also my guacamole properties has MySQL details (to manage user profile) but
no mysql auth jdbc.

I noticed I could have both OIDC+MySQL jar files, OIDC loading first with a
rename if needed. did not tested that yet.




--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/

Mime
View raw message