Thanks Simon, that helped me. So there is no way to configure signed requests in Guacamole to the IDP?
> Gesendet: Freitag, 16. April 2021 um 15:35 Uhr > Von: "Simon Müller" <simon.muel...@bechtle.com> > An: user@guacamole.apache.org > Betreff: Re: SAML SP Metadata > > You do not necessarily provide SP Metadata to your IdP, it's optional. If you > really have to implement this you need to create the metadata.xml and make > it (publicly) available to your IdP. > The important part is that you can reach your IdP's metadata.xml and this > URL has to be entered as value for the "saml-idp-metadata-url" key. > > The parameter to only accept signed SamlResponses is "saml-strict: true" in > your guacamole.properties file, it's up to the SP to decide if it accepts > signed or unsigned responses from the IdP. > > As ACS URL you can tell your IdP to use the FQDN of Guacamole like a user > accessing your guacamole instance would type it. > > > Regards, > Simon Müller > > > > -- > Sent from: > http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/ > > --------------------------------------------------------------------- > To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org > For additional commands, e-mail: user-h...@guacamole.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
