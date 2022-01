After a lot of great help from support, we have SAML working correctly for our external users, but I have a lingering security issue with my internal users that I have to button up. We are running Horizon 7.13 on premise and UAG 3.10 with no cloud. The problem comes up with my internal users: if they know the FQDN of broker2, they can bypass SAML and log in using just the client. In View, under broker1, I have "Delegation of authentication to VMware Horizon (SAML 2.0 Authenticator)" set to Required, and it does as it should. If I do that on broker2, then nobody can log in internally or externally. On the UAG, broker2 is the designated connection server, and SAML is set for auth method SAML and passthrough.
