Re: SAML authentication setup

[David Brodbeck <br...@math.ucsb.edu>]

Still struggling with this, but I can't tell if the problem is on my end or
if it's something the people running the ID server are missing. The initial
redirect works but I get "The application you have accessed is not
registered for use with this service" back from their server.

To be honest I originally wanted to use LDAP, which is simple and easy to
set up...OK, LDAP isn't simple at all, but it's simpler than this and I
understand it. ;) However they've deprecated LDAP authentication so I'm
sort of stuck.


On Sun, Jan 31, 2021 at 1:58 PM Nick Couchman <vn...@apache.org> wrote:

> On Thu, Jan 28, 2021 at 4:41 PM David Brodbeck <br...@math.ucsb.edu>
> wrote:
>
>>
>> On Wed, Jan 27, 2021 at 1:07 PM Nick Couchman <vn...@apache.org> wrote:
>>
>>> The Guacamole SAML extension module does not have any built-in way to
>>> generate the XML file. However, you can use a third party service like the
>>> one below to generate the file...
>>>
>>> https://www.samltool.com/sp_metadata.php
>>>
>>> That's the one I used when developing the extension to test it out -
>>> there may be other folks out there that have used other sites or methods
>>> for generating SP XML metadata that can respond, as well.
>>>
>>>
>> In this form, would "Attribute Consume Service Endpoint" be the main
>> Guacamole URL? e.g. if I have Guacamole appearing at
>> https://example.com/guacamole/, would that be both my entity-id and my
>> service endpoint?
>>
>>
> Yes, I think that's correct.
>
>
>> I'm sure this is a really basic question, but I'm pretty new to SAML.
>>
>>
> No worries - I'm pretty new at it, too, so that's a guess - if it causes
> problems don't hesitate to post back :-).
>
> -Nick
>


-- 
David Brodbeck (they/them)
System Administrator, Department of Mathematics
University of California, Santa Barbara