[jira] [Comment Edited] (GUACAMOLE-1964) Bug on layered auth?

Wed, 03 Jul 2024 12:41:23 -0700 


    [ 
https://issues.apache.org/jira/browse/GUACAMOLE-1964?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17862876#comment-17862876
 ] 

Mike Jumper edited comment on GUACAMOLE-1964 at 7/3/24 7:40 PM:
----------------------------------------------------------------

Yeah - that's definitely the issue right there. The ability to configure the 
SSO extensions to be secondary to others instead of always primary was 
introduced in 1.4.0:

[https://guacamole.apache.org/releases/1.4.0/#support-for-secondary-sso-providers]

1.2.0 is the very first release of SAML support for Guacamole. It would not 
have any other operating mode and would always present itself as the primary 
auth mechanism (always redirect).


was (Author: mike.jumper):
Yeah - that's definitely the issue right there. The ability to configure the 
SSO extensions to be secondary to others instead of always primary was 
introduced in 1.4.0:

[https://guacamole.apache.org/releases/1.4.0/#support-for-secondary-sso-providers]

1.2.0 is the very first release of SAML support for Guacamole. It would not 
have any other operating mode and would always present itself as the primary 
auth mechanism (always redirect).

 

> Bug on layered auth?
> --------------------
>
>                 Key: GUACAMOLE-1964
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-1964
>             Project: Guacamole
>          Issue Type: Bug
>          Components: guacamole-auth-saml
>    Affects Versions: 1.5.5
>         Environment: Ubuntu 22.04
>            Reporter: André Galvão
>            Priority: Minor
>
> Hey, so i have a problem where i followed the manual doc's guidelines for 
> having both SSO with SAML extension on version 1.2.0, and jdbc-mysql on 
> 1.5.5, at the same time, which should: "ensure users are given a normal 
> Guacamole login screen and have the option to log in with traditional 
> credentials _or_ with SAML, ensure the SAML extension does not have priority: 
> extension-priority: *, saml"
> I don't get the login screen presented, it always redirects me to my entity 
> provider, the only workaround i found was disabling SAML lines in 
> guacamole.properties and add skip-if-unavailable flag, so it uses the mysql 
> local login instead of auto redirecting to entity provider. 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to