top of page
Search
Suraj Roy

Page can't be found error while accessing Horizon View resource via UAG with SAML Enabled

Updated: Sep 9, 2021

VMware Unified Access Gateway is a Linus appliance which work as a proxy between external network clients and VDI machine hosted on-prem or cloud.


The Security Assertion Markup Language (SAML) is an XML-based standard that is used to describe and exchange authentication and authorization information between different security domains. SAML passes information about users between identity providers and service providers in XML documents called SAML assertions.


When SAML is integrated with UAG and if proxy pattern is configured incorrectly, it may throw below error:





The above message may appear in both the Single and Double DMZ UAG configuration.


The may appear due to misconfigured proxy pattern.


In this blog we have a Double DMZ setup. DMZ1 UAG is configured for Reverse Proxy for DMZ2 UAG.


User is able to access horizon resource via View client but it failed when try to access using HTML


As per the log:


nioEventLoopGroup-7-3]WARN networkcore.HttpsRequestRouter[channelRead: 158][]: Error message:null. No proxying rules for http request GET /broker/resources/icon/64280E7D3547FA9D5906B8CDCF300922-broker.png08/25


nioEventLoopGroup-12-2]WARN networkcore.HttpsRequestRouter[channelRead: 158][]: Error message:null. No proxying rules for http request GET /view-client/1.0/index.html?SAMLart=92ddfd83-a125-49f3-9f32-297965555933



To allow these, they must be included in their URL pattern of allowed URLs that they configure on any reverse proxy. e.g.


(/broker/xml(.*)|/xmlapi(.*)|/broker/resources/(.*)|/ice/(.*)|/r/(.*)|/portal(.*)|/view-client/(.*)|/)

(/broker/xml(.*)|/xmlapi(.*)|/broker/resources/(.*)|/ice/(.*)|/r/(.*)|/portal(.*)|/appblast(.*)|/view-client/(.*)|/)




316 views0 comments

Comments


Post: Blog2 Post
bottom of page