I would grealy appreciate some help with this guacamole docker, SAML sso authentication issue.
I'm guessing I'm doing something simple completely wrong, but this is the best that I can scape from the very limited detail in the admin manual and Google FU to find relevant configs from others which are quite lacking. It would be VERY helpful if the project team could provide a working example configuration with the various URLs etc referenced even if it is IDP specific. When user clicks JumpCloud chicklet it opens new tab to guacamole service and then continuously reloads flipping between JumpCloud and the guacamole page. Nothing in the page, just white background. If I change 'extension-priority: saml' to 'extension-priority: *, saml' then the looping goes away and I get the standard login page. Which is expected as when it fails IDP auth that would redirect to internal auth. Heres a quick rundown of my setup. 1. Base system is Debian 12, minimal server with docker / docker-compose. 2. Im using your official 1.5.3 Docker images in a docker-compse.yaml 3. I have a MariaDB container in the compose and have configured the database & table 4. I have an Apache reverse proxy in play for public internet access it is configured for grds.my.domain.net and ProxyPass: http://10.0.0.206:8080/guacamole 5. I successfully accessed the UI at http://grds.my.domain.net with guacadmin and created a new user account in my DB, placing that user in a group with all role rights. 6. I successfully accessed guacamole via the DB user account. Now we mess with SAML 1. I installed the SSO SAML plugin per docs 2. I created SAML config in JumpCloud a. Idp Entity: https://grds.my.domain.net/ b. SP Entity: https://grds.my.domain.net/ c. ACS URLs: https://grds.my.domain.net/ d. SAMLSubject NameID: username e. SAMLSubject NameID Format: urn:oasis:names:tv:SAML:2.0:nameid-format:persistent f. Signature Algorithm: RSA-SHA256 g. Sign Assertion: Enabled h. Login URL: https://grds.my.domain.net/ i. IDP URL: https://sso.jumpcloud.com/saml2/NUNYABUSINESS j. Group Attributes: Enabled k. Include Group Attribute: group l. I assigned a JumpCloud user group that includes my testuser account. This JumpCloud group name matches exactly the Guac DB Group I created that includes my testuser DB account. I wasnt able to get guacamole to use my metadata.xml file likely something with file:/// path and docker volume paths Im not getting right so I set values manually in guacamole.preferences file. <guacamole.preferences> recording-search-path: /_recordings #saml-idp-metadata-url: file:///guacamole_home/guac-saml-metadata.xml saml-idp-url: https://sso.jumpcloud.com/saml2/NUNYABUSINESS saml-entity-id: https://grds.my.meyertech.net/ saml-callback-url: https://grds.my.meyertech.net/ saml-compress-request: true saml-compress-response: true saml-group-attribute: group saml-debug: true extension-priority: saml </guacamole.preferences> <logback.xml> <configuration> <!-- Appender for debugging --> <appender name="GUAC-DEBUG" class="ch.qos.logback.core.ConsoleAppender"> <encoder> <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern> </encoder> </appender> <!-- Log at DEBUG level --> <root level="debug"> <appender-ref ref="GUAC-DEBUG"/> </root> </configuration> </logback.xml> <docker-compose.yaml> version: '3' services: mariadb: container_name: mariadb image: mariadb/server:latest restart: always env_file: .env environment: MYSQL_ROOT_PASSWORD: "${MYSQL_ROOT_PASSWORD}" MYSQL_DATABASE: "${MYSQL_DATABASE}" MYSQL_USER: "${MYSQL_USER}" MYSQL_PASSWORD: "${MYSQL_PASSWORD}" volumes: - /data/mariadb:/var/lib/mysql guacd: tty: true stdin_open: true image: guacamole/guacd restart: always env_file: .env ports: - 4822:4822 environment: MYSQL_DATABASE: "${MYSQL_DATABASE}" MYSQL_USER: "${MYSQL_USER}" MYSQL_PASSWORD: "${MYSQL_PASSWORD}" MYSQL_HOSTNAME: "${MYSQL_HOSTNAME}" volumes: - /data/_recordings:/_recordings - /data/_vdisk:/_vdisk - /data/etc/guacamole:/etc/guacamole guacamole: tty: true stdin_open: true image: guacamole/guacamole restart: always env_file: .env ports: - 8080:8080 environment: MYSQL_DATABASE: "${MYSQL_DATABASE}" MYSQL_USER: "${MYSQL_USER}" MYSQL_PASSWORD: "${MYSQL_PASSWORD}" MYSQL_HOSTNAME: "${MYSQL_HOSTNAME}" GUACD_HOSTNAME: "${GUACD_HOSTNAME}" GUACAMOLE_HOME: "/guacamole_home" volumes: - /data/guacamole_home:/guacamole_home - /data/_recordings:/_recordings </docker-compse.yaml> <docker-compose log output> root@guacamole01:/data# docker-compose up Starting mariadb ... done Starting data_guacamole_1 ... done Starting data_guacd_1 ... done Attaching to data_guacd_1, mariadb, data_guacamole_1 guacd_1 | guacd[1]: INFO: Guacamole proxy daemon (guacd) version 1.5.3 started guacd_1 | guacd[1]: INFO: Listening on host 0.0.0.0, port 4822 mariadb | This image is deprecated and will be replaced by https://hub.docker.com/_/mariadb in the future. mariadb | 2023-08-29 20:26:28 0 [Note] mysqld (mysqld 10.5.10-MariaDB-1:10.5.10+maria~bionic) starting as process 1 ... guacamole_1 | Using CATALINA_BASE: /home/guacamole/tomcat guacamole_1 | Using CATALINA_HOME: /usr/local/tomcat guacamole_1 | Using CATALINA_TMPDIR: /home/guacamole/tomcat/temp guacamole_1 | Using JRE_HOME: /opt/java/openjdk guacamole_1 | Using CLASSPATH: /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar guacamole_1 | Using CATALINA_OPTS: mariadb | 2023-08-29 20:26:28 0 [Note] InnoDB: Uses event mutexes mariadb | 2023-08-29 20:26:28 0 [Note] InnoDB: Compressed tables use zlib 1.2.11 mariadb | 2023-08-29 20:26:28 0 [Note] InnoDB: Number of pools: 1 mariadb | 2023-08-29 20:26:28 0 [Note] InnoDB: Using crc32 + pclmulqdq instructions mariadb | 2023-08-29 20:26:28 0 [Note] mysqld: O_TMPFILE is not supported on /tmp (disabling future attempts) mariadb | 2023-08-29 20:26:29 0 [Note] InnoDB: Using Linux native AIO mariadb | 2023-08-29 20:26:29 0 [Note] InnoDB: Initializing buffer pool, total size = 134217728, chunk size = 134217728 mariadb | 2023-08-29 20:26:29 0 [Note] InnoDB: Completed initialization of buffer pool mariadb | 2023-08-29 20:26:29 0 [Note] InnoDB: 128 rollback segments are active. mariadb | 2023-08-29 20:26:29 0 [Note] InnoDB: Creating shared tablespace for temporary tables mariadb | 2023-08-29 20:26:29 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ... mariadb | 2023-08-29 20:26:29 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB. mariadb | 2023-08-29 20:26:29 0 [Note] InnoDB: 10.5.10 started; log sequence number 243383; transaction id 261 mariadb | 2023-08-29 20:26:29 0 [Note] Plugin 'FEEDBACK' is disabled. mariadb | 2023-08-29 20:26:29 0 [Note] Server socket created on IP: '::'. mariadb | 2023-08-29 20:26:29 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool mariadb | 2023-08-29 20:26:29 0 [Note] InnoDB: Buffer pool(s) load completed at 230829 20:26:29 mariadb | 2023-08-29 20:26:29 0 [Warning] 'proxies_priv' entry '@% root@685f72a64628' ignored in --skip-name-resolve mode. mariadb | 2023-08-29 20:26:29 0 [Note] Reading of all Master_info entries succeeded mariadb | 2023-08-29 20:26:29 0 [Note] Added new Master_info '' to hash table mariadb | 2023-08-29 20:26:29 0 [Note] mysqld: ready for connections. mariadb | Version: '10.5.10-MariaDB-1:10.5.10+maria~bionic' socket: '/run/mysqld/mysqld.sock' port: 3306 mariadb.org binary distribution guacamole_1 | 29-Aug-2023 20:26:29.707 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version name: Apache Tomcat/8.5.93 guacamole_1 | 29-Aug-2023 20:26:29.709 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server built: Aug 23 2023 22:43:14 UTC guacamole_1 | 29-Aug-2023 20:26:29.709 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version number: 8.5.93.0 guacamole_1 | 29-Aug-2023 20:26:29.709 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Name: Linux guacamole_1 | 29-Aug-2023 20:26:29.710 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Version: 6.1.0-11-amd64 guacamole_1 | 29-Aug-2023 20:26:29.710 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Architecture: amd64 guacamole_1 | 29-Aug-2023 20:26:29.710 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Java Home: /opt/java/openjdk/jre guacamole_1 | 29-Aug-2023 20:26:29.710 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Version: 1.8.0_382-b05 guacamole_1 | 29-Aug-2023 20:26:29.710 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Vendor: Temurin guacamole_1 | 29-Aug-2023 20:26:29.711 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_BASE: /home/guacamole/tomcat guacamole_1 | 29-Aug-2023 20:26:29.711 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_HOME: /usr/local/tomcat guacamole_1 | 29-Aug-2023 20:26:29.712 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.config.file=/home/guacamole/tomcat/conf/logging.properti es guacamole_1 | 29-Aug-2023 20:26:29.712 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager guacamole_1 | 29-Aug-2023 20:26:29.712 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djdk.tls.ephemeralDHKeySize=2048 guacamole_1 | 29-Aug-2023 20:26:29.712 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.protocol.handler.pkgs=org.apache.catalina.webresources guacamole_1 | 29-Aug-2023 20:26:29.712 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 guacamole_1 | 29-Aug-2023 20:26:29.713 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dignore.endorsed.dirs= guacamole_1 | 29-Aug-2023 20:26:29.713 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.base=/home/guacamole/tomcat guacamole_1 | 29-Aug-2023 20:26:29.713 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.home=/usr/local/tomcat guacamole_1 | 29-Aug-2023 20:26:29.713 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.io.tmpdir=/home/guacamole/tomcat/temp guacamole_1 | 29-Aug-2023 20:26:29.714 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded Apache Tomcat Native library [1.2.38] using APR version [1.7.0]. guacamole_1 | 29-Aug-2023 20:26:29.714 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true], UDS [{4}]. guacamole_1 | 29-Aug-2023 20:26:29.714 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR/OpenSSL configuration: useAprConnector [false], useOpenSSL [true] guacamole_1 | 29-Aug-2023 20:26:29.723 INFO [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL successfully initialized [OpenSSL 3.0.2 15 Mar 2022] guacamole_1 | 29-Aug-2023 20:26:29.807 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["http-nio-8080"] guacamole_1 | 29-Aug-2023 20:26:29.828 INFO [main] org.apache.catalina.startup.Catalina.load Initialization processed in 648 ms guacamole_1 | 29-Aug-2023 20:26:29.857 INFO [main] org.apache.catalina.core.StandardService.startInternal Starting service [Catalina] guacamole_1 | 29-Aug-2023 20:26:29.857 INFO [main] org.apache.catalina.core.StandardEngine.startInternal Starting Servlet engine: [Apache Tomcat/8.5.93] guacamole_1 | 29-Aug-2023 20:26:29.875 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR Deploying web application archive [/home/guacamole/tomcat/webapps/guacamole.war] guacamole_1 | 29-Aug-2023 20:26:31.453 INFO [localhost-startStop-1] org.apache.jasper.servlet.TldScanner.scanJars At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this logger for a complete list of JARs that were scanned but no TLDs were found in them. Skipping unneeded JARs during scanning can improve startup time and JSP compilation time. guacamole_1 | 20:26:32.057 [localhost-startStop-1] INFO o.a.g.environment.LocalEnvironment - GUACAMOLE_HOME is "/home/guacamole/.guacamole". guacamole_1 | 20:26:32.189 [localhost-startStop-1] INFO o.a.g.GuacamoleServletContextListener - Read configuration parameters from "/home/guacamole/.guacamole/guacamole.properties". guacamole_1 | 20:26:32.192 [localhost-startStop-1] INFO o.a.g.rest.auth.HashTokenSessionMap - Sessions will expire after 60 minutes of inactivity. guacamole_1 | 20:26:32.390 [localhost-startStop-1] INFO org.apache.guacamole.log.LogModule - Loading logback configuration from "/home/guacamole/.guacamole/logback.xml". guacamole_1 | 20:26:32.509 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Added language: "ko" guacamole_1 | 20:26:32.509 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Added language: "zh" guacamole_1 | 20:26:32.509 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Added language: "pt" guacamole_1 | 20:26:32.509 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Added language: "ru" guacamole_1 | 20:26:32.510 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Added language: "de" guacamole_1 | 20:26:32.510 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Added language: "ja" guacamole_1 | 20:26:32.510 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Added language: "es" guacamole_1 | 20:26:32.511 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Added language: "nl" guacamole_1 | 20:26:32.511 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Added language: "cs" guacamole_1 | 20:26:32.512 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Added language: "en" guacamole_1 | 20:26:32.512 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Added language: "fr" guacamole_1 | 20:26:32.512 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Added language: "ca" guacamole_1 | 20:26:32.513 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Added language: "no" guacamole_1 | 20:26:32.513 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Added language: "it" guacamole_1 | 20:26:32.514 [localhost-startStop-1] DEBUG o.a.g.extension.ExtensionModule - Reading extension: "guacamole-auth-sso-saml-1.5.3.jar" guacamole_1 | 20:26:32.652 [localhost-startStop-1] DEBUG o.a.g.extension.ExtensionClassLoader - Libraries bundled within extension "/home/guacamole/.guacamole/extensions/guacamole-auth-sso-saml-1.5.3.jar" have been copied to temporary directory "/home/guacamole/tomcat/temp/guac-extension-lib-5111453319356038964". guacamole_1 | 20:26:32.661 [localhost-startStop-1] DEBUG o.a.g.extension.ExtensionModule - Reading extension: "guacamole-auth-jdbc-mysql-1.5.3.jar" guacamole_1 | 20:26:32.778 [localhost-startStop-1] DEBUG o.a.g.extension.ExtensionClassLoader - Libraries bundled within extension "/home/guacamole/.guacamole/extensions/guacamole-auth-jdbc-mysql-1.5.3.jar" have been copied to temporary directory "/home/guacamole/tomcat/temp/guac-extension-lib-7768107525040093242". guacamole_1 | 20:26:32.784 [localhost-startStop-1] DEBUG o.a.g.extension.ExtensionModule - Reading extension: "guacamole-history-recording-storage-1.5.3.jar" guacamole_1 | 20:26:32.786 [localhost-startStop-1] INFO o.a.g.extension.ExtensionModule - Multiple extensions are installed and will be loaded in order of decreasing priority: guacamole_1 | 20:26:32.786 [localhost-startStop-1] INFO o.a.g.extension.ExtensionModule - - [saml] "SAML Authentication Extension" (/home/guacamole/.guacamole/extensions/guacamole-auth-sso-saml-1.5.3.jar) guacamole_1 | 20:26:32.787 [localhost-startStop-1] INFO o.a.g.extension.ExtensionModule - - [mysql] "MySQL Authentication" (/home/guacamole/.guacamole/extensions/guacamole-auth-jdbc-mysql-1.5.3.jar) guacamole_1 | 20:26:32.787 [localhost-startStop-1] INFO o.a.g.extension.ExtensionModule - - [recording-storage] "Session Recording Storage" (/home/guacamole/.guacamole/extensions/guacamole-history-recording-storage-1 .5.3.jar) guacamole_1 | 20:26:32.788 [localhost-startStop-1] INFO o.a.g.extension.ExtensionModule - To change this order, set the "extension-priority" property or rename the extension files. The default priority of extensions is dictated by the sort order of their filenames. guacamole_1 | 20:26:32.788 [localhost-startStop-1] DEBUG o.a.g.extension.ExtensionModule - [0] Binding AuthenticationProvider "org.apache.guacamole.auth.saml.SAMLAuthenticationProvider". guacamole_1 | 20:26:33.027 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Merged strings with existing language: "ca" guacamole_1 | 20:26:33.032 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Merged strings with existing language: "de" guacamole_1 | 20:26:33.036 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Merged strings with existing language: "en" guacamole_1 | 20:26:33.040 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Merged strings with existing language: "fr" guacamole_1 | 20:26:33.052 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Merged strings with existing language: "ja" guacamole_1 | 20:26:33.056 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Merged strings with existing language: "ko" guacamole_1 | 20:26:33.060 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Merged strings with existing language: "pt" guacamole_1 | 20:26:33.062 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Merged strings with existing language: "ru" guacamole_1 | 20:26:33.064 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Merged strings with existing language: "zh" guacamole_1 | 20:26:33.065 [localhost-startStop-1] INFO o.a.g.extension.ExtensionModule - Extension "SAML Authentication Extension" (saml) loaded. guacamole_1 | 20:26:33.065 [localhost-startStop-1] DEBUG o.a.g.extension.ExtensionModule - [1] Binding AuthenticationProvider "org.apache.guacamole.auth.mysql.MySQLAuthenticationProvider". guacamole_1 | 20:26:33.087 [localhost-startStop-1] INFO o.a.g.a.mysql.conf.MySQLEnvironment - Installed JDBC driver for MySQL/MariaDB detected as "MySQL Connector/J". guacamole_1 | 20:26:33.248 [localhost-startStop-1] DEBUG o.apache.ibatis.logging.LogFactory - Logging initialized using 'class org.apache.ibatis.logging.slf4j.Slf4jImpl' adapter. guacamole_1 | 20:26:33.539 [localhost-startStop-1] DEBUG o.a.i.d.pooled.PooledDataSource - PooledDataSource forcefully closed/removed all connections. guacamole_1 | 20:26:33.539 [localhost-startStop-1] DEBUG o.a.i.d.pooled.PooledDataSource - PooledDataSource forcefully closed/removed all connections. guacamole_1 | 20:26:33.539 [localhost-startStop-1] DEBUG o.a.i.d.pooled.PooledDataSource - PooledDataSource forcefully closed/removed all connections. guacamole_1 | 20:26:33.539 [localhost-startStop-1] DEBUG o.a.i.d.pooled.PooledDataSource - PooledDataSource forcefully closed/removed all connections. guacamole_1 | 20:26:33.540 [localhost-startStop-1] DEBUG o.a.i.d.pooled.PooledDataSource - PooledDataSource forcefully closed/removed all connections. guacamole_1 | 20:26:34.238 [localhost-startStop-1] DEBUG o.a.g.extension.ExtensionModule - [2] Binding AuthenticationProvider "org.apache.guacamole.auth.mysql.MySQLSharedAuthenticationProvider". guacamole_1 | 20:26:34.262 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Merged strings with existing language: "ca" guacamole_1 | 20:26:34.269 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Merged strings with existing language: "de" guacamole_1 | 20:26:34.271 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Merged strings with existing language: "en" guacamole_1 | 20:26:34.276 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Merged strings with existing language: "es" guacamole_1 | 20:26:34.279 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Merged strings with existing language: "fr" guacamole_1 | 20:26:34.281 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Merged strings with existing language: "ja" guacamole_1 | 20:26:34.286 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Merged strings with existing language: "ko" guacamole_1 | 20:26:34.290 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Merged strings with existing language: "pt" guacamole_1 | 20:26:34.292 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Merged strings with existing language: "ru" guacamole_1 | 20:26:34.295 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Merged strings with existing language: "zh" guacamole_1 | 20:26:34.296 [localhost-startStop-1] INFO o.a.g.extension.ExtensionModule - Extension "MySQL Authentication" (mysql) loaded. guacamole_1 | 20:26:34.297 [localhost-startStop-1] DEBUG o.a.g.extension.ExtensionModule - [3] Binding AuthenticationProvider "org.apache.guacamole.history.HistoryAuthenticationProvider". guacamole_1 | 20:26:34.300 [localhost-startStop-1] DEBUG o.a.g.e.LanguageResourceService - Merged strings with existing language: "en" guacamole_1 | 20:26:34.301 [localhost-startStop-1] INFO o.a.g.extension.ExtensionModule - Extension "Session Recording Storage" (recording-storage) loaded. guacamole_1 | 20:26:34.303 [localhost-startStop-1] DEBUG o.a.g.extension.ExtensionModule - [4] Binding AuthenticationProvider "org.apache.guacamole.auth.file.FileAuthenticationProvider". guacamole_1 | 20:26:34.494 [localhost-startStop-1] INFO o.a.g.t.w.WebSocketTunnelModule - Loading JSR-356 WebSocket support... guacamole_1 | 20:26:34.515 [localhost-startStop-1] DEBUG o.a.guacamole.tunnel.TunnelModule - WebSocket module loaded: org.apache.guacamole.tunnel.websocket.WebSocketTunnelModule guacamole_1 | 29-Aug-2023 20:26:35.772 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR Deployment of web application archive [/home/guacamole/tomcat/webapps/guacamole.war] has finished in [5,896] ms guacamole_1 | 29-Aug-2023 20:26:35.776 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"] guacamole_1 | 29-Aug-2023 20:26:35.799 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in 5970 ms guacamole_1 | 20:26:53.739 [http-nio-8080-exec-6] DEBUG org.apache.xml.security.Init - Registering default algorithms __THIS BIT HERE CONTINUOUSLY REPEATS AS THE BROWSER CONTINUOUSLY RELOADS__ guacamole_1 | 20:26:53.814 [http-nio-8080-exec-6] DEBUG c.onelogin.saml2.authn.AuthnRequest - AuthNRequest --> <samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="ONELOGIN_10b93e5f-e6c1-4eb4-93c2-f99adc1e6bde" Version="2.0" IssueInstant="2023-08-29T20:26:53Z" Destination=https://sso.jumpcloud.com/saml2/ODliYTM0YW ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL=https://grds.my.domain.net/api/ext/saml/callback ><saml:Issuer>https://grds.my.domain.net/</saml:Issuer><samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" AllowCreate="true" /></samlp:AuthnRequest> guacamole_1 | 20:26:53.841 [http-nio-8080-exec-6] DEBUG o.a.i.t.jdbc.JdbcTransaction - Opening JDBC Connection guacamole_1 | 20:26:53.842 [http-nio-8080-exec-6] DEBUG o.a.g.a.j.DynamicallyAuthenticatedDataSource - Creating new database connection for pool. guacamole_1 | Loading class `com.mysql.jdbc.Driver'. This is deprecated. The new driver class is `com.mysql.cj.jdbc.Driver'. The driver is automatically registered via the SPI and manual loading of the driver class is generally unnecessary. guacamole_1 | 20:26:54.148 [http-nio-8080-exec-6] DEBUG o.a.i.d.pooled.PooledDataSource - Created connection 1514662072. guacamole_1 | 20:26:54.148 [http-nio-8080-exec-6] DEBUG o.a.i.d.pooled.PooledDataSource - Testing connection 1514662072 ... guacamole_1 | 20:26:54.182 [http-nio-8080-exec-6] DEBUG o.a.i.d.pooled.PooledDataSource - Connection 1514662072 is GOOD! guacamole_1 | 20:26:54.186 [http-nio-8080-exec-6] DEBUG o.a.g.a.j.user.UserMapper.selectOne - ==> Preparing: SELECT guacamole_user.user_id, guacamole_entity.entity_id, guacamole_entity.name, password_hash, password_salt, password_date, disabled, expired, access_window_start, access_window_end, valid_from, valid_until, timezone, full_name, email_address, organization, organizational_role, MAX(start_date) AS last_active FROM guacamole_user JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id LEFT JOIN guacamole_user_history ON guacamole_user_history.user_id = guacamole_user.user_id WHERE guacamole_entity.name = ? AND guacamole_entity.type = 'USER' GROUP BY guacamole_user.user_id, guacamole_entity.entity_id; SELECT guacamole_user_attribute.user_id, guacamole_user_attribute.attribute_name, guacamole_user_attribute.attribute_value FROM guacamole_user_attribute JOIN guacamole_user ON guacamole_user.user_id = guacamole_user_attribute.user_id JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id WHERE guacamole_entity.name = ? AND guacamole_entity.type = 'USER' guacamole_1 | 20:26:54.211 [http-nio-8080-exec-6] DEBUG o.a.g.a.j.user.UserMapper.selectOne - ==> Parameters: null, null guacamole_1 | 20:26:54.226 [http-nio-8080-exec-6] DEBUG o.a.g.a.j.user.UserMapper.selectOne - <== Total: 0 guacamole_1 | 20:26:54.227 [http-nio-8080-exec-6] DEBUG o.a.i.t.jdbc.JdbcTransaction - Resetting autocommit to true on JDBC Connection [com.mysql.cj.jdbc.ConnectionImpl@5a47e8b8] guacamole_1 | 20:26:54.228 [http-nio-8080-exec-6] DEBUG o.a.i.t.jdbc.JdbcTransaction - Closing JDBC Connection [com.mysql.cj.jdbc.ConnectionImpl@5a47e8b8] guacamole_1 | 20:26:54.228 [http-nio-8080-exec-6] DEBUG o.a.i.d.pooled.PooledDataSource - Testing connection 1514662072 ... guacamole_1 | 20:26:54.229 [http-nio-8080-exec-6] DEBUG o.a.i.d.pooled.PooledDataSource - Connection 1514662072 is GOOD! guacamole_1 | 20:26:54.229 [http-nio-8080-exec-6] DEBUG o.a.i.d.pooled.PooledDataSource - Returned connection 1514662072 to pool. guacamole_1 | 20:26:54.230 [http-nio-8080-exec-6] DEBUG o.a.g.a.f.FileAuthenticationProvider - User mapping file "/home/guacamole/.guacamole/user-mapping.xml" does not exist and will not be read. guacamole_1 | 20:26:54.231 [http-nio-8080-exec-6] DEBUG o.a.g.r.auth.AuthenticationService - Anonymous authentication attempt from [10.0.0.1, 10.0.0.6] failed. guacamole_1 | 20:26:54.237 [http-nio-8080-exec-6] DEBUG o.a.g.rest.RESTExceptionMapper - Client request rejected: Redirecting to SAML IdP. guacamole_1 | 20:26:54.857 [http-nio-8080-exec-9] DEBUG o.a.g.resource.ResourceServlet - Resource not modified: "/app.css" guacamole_1 | 20:26:54.862 [http-nio-8080-exec-10] DEBUG o.a.g.resource.ResourceServlet - Resource not modified: "/app.js" __AND I CTRL-C TO EXIT__ ^CGracefully stopping... (press Ctrl+C again to force) Stopping mariadb ... done Stopping data_guacamole_1 ... done Stopping data_guacd_1 ... done root@guacamole01:/data# </docker-compose log output> In your service, Aaron Meyer --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
