[
https://issues.apache.org/jira/browse/GUACAMOLE-1964?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17862876#comment-17862876
]
Mike Jumper commented on GUACAMOLE-1964:
----------------------------------------
Yeah - that's definitely the issue right there. The ability to configure the
SSO extensions to be secondary to others instead of always primary was
introduced in 1.4.0:
[https://guacamole.apache.org/releases/1.4.0/#support-for-secondary-sso-providers]
1.2.0 is the very first release of SAML support for Guacamole. It would not
have any other operating mode and would always present itself as the primary
auth mechanism (always redirect).
> Bug on layered auth?
> --------------------
>
> Key: GUACAMOLE-1964
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1964
> Project: Guacamole
> Issue Type: Bug
> Components: guacamole-auth-saml
> Affects Versions: 1.5.5
> Environment: Ubuntu 22.04
> Reporter: André Galvão
> Priority: Minor
>
> Hey, so i have a problem where i followed the manual doc's guidelines for
> having both SSO with SAML extension on version 1.2.0, and jdbc-mysql on
> 1.5.5, at the same time, which should: "ensure users are given a normal
> Guacamole login screen and have the option to log in with traditional
> credentials _or_ with SAML, ensure the SAML extension does not have priority:
> extension-priority: *, saml"
> I don't get the login screen presented, it always redirects me to my entity
> provider, the only workaround i found was disabling SAML lines in
> guacamole.properties and add skip-if-unavailable flag, so it uses the mysql
> local login instead of auto redirecting to entity provider.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
