Yes, I am aware of the logout issue. It's actually not necessarily specific to Guacamole - many applications that add SSO authentication in have trouble with the other SSO - Single Sign Out. Kind of on my list of things to look at - see if there's some way to override the logout button/location from the CAS module such that the logout could be redirected to the CAS logout URL. In the meantime, you should be able to go to the CAS logout URL (https://server/cas/logout) and then when you go back to the Guacamole page it should detect that your ticket is no longer valid and push you back to the CAS page. -Nick
On Thursday, July 27, 2017, 8:36:47 PM EDT, Kaushik Srinivasan <kausr...@umail.iu.edu> wrote: Hi Nick, I noticed another issue which I think is important that you know. After authenticating with CAS module, I'm redirected to my connection. The connection is RDP to an windoes XP machine. When I cancel the connection on the Windows login page, Guacamole prompts with Disconnected page. When you click on logout on this Disconnected prompt *you are not logged out.* When you click logout, you are redirected to guacamole authentication page, but the CAS cookie is still present and you are immediately logged back in and immediately connected to the only connection I have configured. When logout is clicked, is there a way to detect the Guacamole cookie and remove it from the browser? Regards Kaushik Srinivasan On Tue, Jul 25, 2017 at 10:22 PM, Nick Couchman < nick.couch...@yahoo.com.invalid> wrote: > Glad I was able to help. > I'm not sure there's currently anywhere to put your Dockerfile within the > Guacamole project, but I'd suggest creating a Github repo with your work > and checking it in there - that way others can use/fork/contribute to it. > I'm sure there are others who could benefit from something that would work > on the ARM architecture. > -Nick > > On Tuesday, July 25, 2017, 9:54:42 PM EDT, Kaushik Srinivasan < > kausr...@umail.iu.edu> wrote: > > Hi Nick > > You are a lifesaver. > > It worked once i changed the CAS login url like you suggested. Removal of > /login solves this problem. > > I would now be able to proceed with my university project. Thanks a lot > again for everyone. > > Is there any other information that is required of me? > > Also Should I somehow contribute my dockerfile as it works on raspberry pi > (arm architecture) while the docker file officially provided has issues in > that architecture. > > Regards > Kaushik Srinivasan > > On Mon, Jul 24, 2017 at 10:09 PM, Kaushik Srinivasan < > kausr...@umail.iu.edu> > wrote: > > > Ah, I see. I will test it in a day or two and get back to you. > > > > Sorry for the delay. > > > > Regards > > Kaushik Srinivasan > > > > On 24 Jul 2017 9:23 p.m., "Nick Couchman" <nick.couch...@yahoo.com. > invalid> > > wrote: > > > >> JIRA issue GUACAMOLE-355 has been created to track this: > >> https://issues.apache.org/jira/browse/GUACAMOLE-355 > >> -Nick > >> > >> On Monday, July 24, 2017, 8:44:48 PM EDT, Nick Couchman < > >> nick.couch...@yahoo.com.INVALID> wrote: > >> > >> > >> I'm fairly certain this is the issue - I was able to set up Guacamole + > >> CAS with my system with the /login on the end and get the 500 error that > >> you're seeing. The CAS extension expects that parameter to be the base > of > >> the CAS install, not the login URL, since it not only uses the login > >> redirect but also does ticket validation against the CAS service. > >> I think this still warrants a JIRA issue opened - there are two > >> possibilities that I see that could help others avoid this:- Make sure > >> documentation is specific enough to tell users where to point it.- Try > to > >> do some error handling in the CAS module to throw meaningful errors > when it > >> cannot find the CAS service. > >> -Nick > >> > >> On Monday, July 24, 2017, 8:38:04 PM EDT, Nick Couchman < > >> nick.couch...@yahoo.com.INVALID> wrote: > >> > >> > >> Hey, Kaushik, > >> I'm still working on getting the RPi environment set up here and getting > >> Guacamole running in it. I do have one more suggestion for you to try > >> while I work on that - I see in your guacamole.properties file you have > >> your cas-authorization-endpoint set to > >> https://cas.iu.edu/cas/login > >> Can you take off the /login at the end, so that it is just: > >> https://cas.iu.edu/cas > >> and see if that works? > >> Thanks,Nick > >> > >> On Wednesday, July 19, 2017, 1:37:17 PM EDT, Kaushik Srinivasan < > >> kausr...@umail.iu.edu> wrote: > >> > >> > >> guacamole.properties file > >> > >> #Hostname and Port of guacamole proxy > >> guacd-hostname: localhost > >> guacd-port: 4822 > >> > >> #NoAuth Properties > >> #noauth-config: /etc/guacamole/noauth-config.xml > >> > >> #user-mapping: /etc/guacamole/user-mapping.xml > >> > >> # Username and password > >> tutorial-user: tutorial > >> tutorial-password: password > >> > >> # Connection information > >> tutorial-protocol: rdp > >> tutorial-parameters: hostname=192.168.0.7, port=3389 > >> > >> > >> cas-authorization-endpoint: https://cas.iu.edu/cas/login > >> cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole > >> > >> #Authentication Provider Class > >> #auth-provider: > >> net.sourceforge.guacamole.net.basic.BasicFileAuthenticationPr$ > >> > >> #Properties used by BasicFileAuthenticationProvider > >> #basic-user-mapping: /etc/guacamole/user-mapping.xml > >> > >> > >> > >> On Wed, Jul 19, 2017 at 12:56 PM, Mike Jumper <mike.jum...@guac-dev.org > > > >> wrote: > >> > >> > On Wed, Jul 19, 2017 at 9:38 AM, Kaushik Srinivasan > >> > <kausr...@umail.iu.edu> wrote: > >> > > I have attached the guacamole.properties file. > >> > > > >> > > >> > Unfortunately, there is no attachment. Assuming it was indeed > >> > attached, the mailing list may have removed it prior to sending the > >> > message out to subscribers. > >> > > >> > Perhaps you can paste the contents into a message instead (or post the > >> > file elsewhere and link to that)? > >> > > > > > >
