On Thursday, April 10, 2025 at 07:50:31 PM GMT+2, Nick Couchman
wrote:
> I suspect that the length of the HTTP headers is limited
Here's what I do in Apache & Mellon:
RequestHeader set MEL-userGroups %{MELLON_urn:oid:1.2.840.113556.1.2.102}e
env=MELLON_urn:oid:1.2.840.113556.1.2.102
In an
On Wed, Apr 9, 2025 at 7:57 AM Vieri wrote:
> On Tuesday, April 8, 2025 at 04:35:35 PM GMT+2, Nick Couchman <
> vn...@apache.org> wrote:
>
> > I'm not sure I understand why, if you're using mod_auth_mellon (SAML
> authentication for httpd) you'd need to move Guacamole away from SAML to
> > heade
On Tuesday, April 8, 2025 at 04:35:35 PM GMT+2, Nick Couchman
wrote:
> I'm not sure I understand why, if you're using mod_auth_mellon (SAML
> authentication for httpd) you'd need to move Guacamole away from SAML to
> header-based authentication? Why not keep the SAML authentication in
> Gua
On Mon, Apr 7, 2025 at 6:51 PM Vieri wrote:
> The reason I'm trying to move from SAML to HTTP Headers is also related to
>
> https://issues.apache.org/jira/browse/GUACAMOLE-1659
>
> I need to add HTTP/S connections, and one way (albeit tedious) is with
> Apache HTTP rever
The reason I'm trying to move from SAML to HTTP Headers is also related to
https://issues.apache.org/jira/browse/GUACAMOLE-1659
I need to add HTTP/S connections, and one way (albeit tedious) is with Apache
HTTP reverse proxy.
I also need federated auth, so I am using mod_auth_mellon for
Hi,
I'm currently running Guacamole with SAML SSO (extension):
guacd-hostname: 127.0.0.1
guacd-port: 4822
api-session-timeout: 1
extension-priority: saml
saml-idp-metadata-url: https://domain.org/idp
saml-entity-id: https://my.domain.org/guac
saml-callback-url: https://my.domain.org/guac
saml-de
Hi,
Comparing source codes of different auth provider extensions (eg. SAML SSO vs
HTTP Header) - in particular the java code in the "user" subdir - it seems that
the HTTP header module ONLY handles identifying the user but nothing else (ie.
no groups). Other auth providers handle group informat
