Corey Hickey
Corey Hickey
To describe the use case a bit more, I currently need to instruct our users to: 1. Run `./gp_saml_gui.py -g ` 2. Copy/paste the command printed. 3. Edit the last...
> I'm aware of this issue, but I really wish we could "autodetect" the correct solution rather than requiring users to figure it out and specify yet another configuration option....
> > For some gateways, we get a message from gp-saml-gui: IMPORTANT: During the SAML auth, you were redirected from [...] > > When do you run into this? I'm...
gp-saml-gui can auth to the portal via the `--portal` option, but then connecting to the portal via openconnect gives a message like: ``` 2 gateway servers available: example-gateway1 (gateway1.example.com) example-gateway2...
> If we're going to add an argument, shouldn't it align with OpenConnect's implementation: > > * `--usergroup gateway` > * or tack on `/gateway` to the end of the...
> If the portal and gateway are on separate servers, then it seems weird that you could authenticate directly to a gateway as that would presumably defeat the purpose of...
@dlenski can you please provide some guidance on this? I understand that an automatic solution would be ideal, but unless any of us see a way to implement that, I...
I rebased and fixed a typo in the notification message. @dlenski when you have time, can you please check this? As I mention above, I am advocating that this simple...
Nice, thank you!
As a follow up to this, supporting TLS 1.3 on the Palo Alto side does indeed make the problem go away. -Corey