On Thu, Sep 28, 2017 at 12:20 PM, Colin McGuigan <
colin_guacam...@walkingshadows.org> wrote:
> Nick;
>
> Thanks for all your help. Let me elaborate.
>
> When I say I have a REST service, it's just as you described -- a WS
> annotated class that is returned from the authentication provider's
> getResource method. I can call this REST service just fine, and know that
> it works.
>
>
Very nice.
> This service takes in as POST (from the SAML identity provider), calls the
> existing /api/tokens endpoint, passing all of the same content, and
> receives
> a Guacamole authentication token -- ie, the user is know authenticated by
> Guacamole (specifically by my authentication provider), and is stored in
> the
> session. This also works. I receive the token just fine.
>
> The problem is I need to pass this token, somehow, to the Guacamole UI so
> that when it calls /api/tokens itself, it can pass in the same token. The
> essentials of the REST method:
>
> @POST
> @Path("/postredirect")
> public Response redirectSamlPostToGet(@Context HttpServletRequest
> request, String content) throws GuacamoleException, URISyntaxException {
> try {
> String token = callTokenService(request, content);
> return Response.seeOther(new URI("http://
> <site>/guacamole/#/token=" +
> token)).build();
> } catch (Exception e) {
> logger.error("Error occurred in postredirect", e);
> throw new RuntimeException(e);
> }
> }
>
> There is no errors in the logs. In network traffic I see the redirect
> happen correctly. However, Guacamole is ignoring the token=<token> portion
> of the URL. I've tried using id_token instead, but that is also ignored.
>
>
What if you try:
return Response.seeOther(new URI("http://<site>/guacamole/#/?token=" +
token)).build();
(Add the ? between the token parameter and the Guacamole URL). Does that
work?
-Nick
