Nick;
Thanks for all your help. Let me elaborate.
When I say I have a REST service, it's just as you described -- a WS
annotated class that is returned from the authentication provider's
getResource method. I can call this REST service just fine, and know that
it works.
This service takes in as POST (from the SAML identity provider), calls the
existing /api/tokens endpoint, passing all of the same content, and receives
a Guacamole authentication token -- ie, the user is know authenticated by
Guacamole (specifically by my authentication provider), and is stored in the
session. This also works. I receive the token just fine.
The problem is I need to pass this token, somehow, to the Guacamole UI so
that when it calls /api/tokens itself, it can pass in the same token. The
essentials of the REST method:
@POST
@Path("/postredirect")
public Response redirectSamlPostToGet(@Context HttpServletRequest
request, String content) throws GuacamoleException, URISyntaxException {
try {
String token = callTokenService(request, content);
return Response.seeOther(new
URI("http://<site>/guacamole/#/token=" +
token)).build();
} catch (Exception e) {
logger.error("Error occurred in postredirect", e);
throw new RuntimeException(e);
}
}
There is no errors in the logs. In network traffic I see the redirect
happen correctly. However, Guacamole is ignoring the token=<token> portion
of the URL. I've tried using id_token instead, but that is also ignored.
--
Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
