On Thu, Jun 5, 2025 at 6:42 AM Palaash Jain <[email protected]> wrote:
> Hi, > > I have been struggling to modifying the guacamole client in such a way > that: > 1) We perform our own authentication externally, > 2) I want to pass something like, > http://localhost:8080/guacamole/?{my_parameters} > 3) For doing this, I don't want the guacamole welcome page login screen > and instead just proceed directly with the connection. > 4) Rest of the communication, passing the connection details, etc. will > then be done. > > Hello, Palaash, How are you performing the external authentication? Are you using a SSO provider, or have you written a custom extension? In Guacamole, once you've authenticated, you can get directly to a connection or connection group using the URL that shows up in the browser when you go to that connection. It's a Base64-encode combination of the data source name (e.g. mysql), the type (c = connection, g = connection group), and the identifier. That said, right now, with external providers like SAML and OpenID that redirect away from Guacamole for authentication and then back when authentication is completed, Guacamole does not keep track of the original request or pass that information along, so that'll get "lost" in the redirect. There's at least one Jira issue out there to pass a state variable to SSO providers that would help with this, it just hasn't been done, yet. -Nick >
