Technical Forum
Ask questions. Discover Answers.
Showing results for 
Search instead for 
Did you mean: 

Getting SAML working from APM to Guacamole


Hi All,


I'm currently using an iRule to create a password for guacamole and using URL based login using a predetermined username and that password (which has been synchronised on the back-end to mysql).


But now with Guacamole 1.2, they've included SAML support which I've been able to get working with, but not with F5 APM. I see a request from APM to Guacamole and then a response back from Guacamole and then these entries in the APM logs:


Aug 21 09:56:05 f5-vpn notice tmm1[13465]: 014d1602:5: /Common/ SSO: BIG-IP as IdP (/Common/ sent SAML response (Assertion) (size: 8573) with status (urn:oasis:names:tc:SAML:2.0:status:Success) to SP (/Common/saml_guacamole) for subject type (urn:oasis:names:tc:SAML:2.0:nameid-format:persistent) value (hn8cYnzVXUegJBO89ITyAA==)

Aug 21 09:56:17 f5-vpn err tmm1[13465]: 014d1005:3: /Common/ SSO: Error: No SP Connector attached to SAML SSO from assigned SAML resources matching authentication request. If ACS URL is present in authentication request it should match ACS URL from SP Connector. If Issuer is present in authentication request it should match entity_id from SP connector

Aug 21 09:56:17 f5-vpn err tmm1[13465]: 014d1014:3: /Common/ SSO: Error(16) Unable to find SAML SSO/SP Connector object matching SAML Authn Request

Aug 21 09:56:17 f5-vpn err tmm1[13465]: 014d1011:3: /Common/ SSO: Abort reason:  Error in decompression callback

Aug 21 09:56:24 f5-vpn notice tmm[13465]: 01490521:5: /Common/ Session statistics - bytes in: 4962, bytes out: 4146


I'm wondering what these log messages mean? The SAML SSO/SP Connector that has a matching url in it, so I'm not sure why it's not able to be contacted when guacamole refers back to APM.


Any help would be much appreciated!




Daniel Storey




Got it working. I didn't have the ACS url correctly matching what was being passed back on the SAML request from guacamole - it's working!