RE: Issue with logging into a new test Guac server

Tue, 03 Sep 2024 11:30:47 -0700 

OK, I think I got it.  I removed the symbolic link from 
/usr/share/tomcat/.guacamole/guacamole.properties, and copied that file to 
/usr/share/tomcat/.guacamole.  I then put a symbolic link to that under 
/etc/guacamole, and made sure that everything under 
/usr/share/tomcat/.guacamole was owned by the tomcat user.  Now I can log in as 
guacadmin as well as my LDAP user.

Thanks,
Harry

-----Original Message-----
From: Devine, Harry (FAA) <harry.dev...@faa.gov.INVALID> 
Sent: Tuesday, September 3, 2024 2:21 PM
To: user@guacamole.apache.org
Subject: RE: Issue with logging into a new test Guac server

CAUTION: This email originated from outside of the Federal Aviation 
Administration (FAA). Do not click on links or open attachments unless you 
recognize the sender and know the content is safe.


In between my initial message and your reply, I looked at a working system and 
it looked like some config files under /usr/share/tomcat/.guacamole weren't 
right, so I fixed that/cleaned that up.  Now Guac starts better (has my custom 
branding, etc.), but when I try to log in, I get the following in 
/var/log/messages:

Sep  3 14:14:56 test-access server[184595]: 14:14:56.780 [http-nio-8080-exec-3] 
WARN  o.a.g.e.AuthenticationProviderFacade - Authentication attempt ignored 
because the relevant authentication provider could not be loaded. Please check 
for errors earlier in the logs.
Sep  3 14:14:56 test-access server[184595]: 14:14:56.780 [http-nio-8080-exec-3] 
WARN  o.a.g.e.AuthenticationProviderFacade - The "ldap" authentication provider 
has encountered an internal error which will halt the authentication process. 
If this is unexpected or you are the developer of this authentication provider, 
you may wish to enable debug-level logging. If this is expected and you wish to 
ignore such failures in the future, please set "skip-if-unavailable: ldap" 
within your guacamole.properties.
Sep  3 14:14:56 test-access server[184595]: 14:14:56.781 [http-nio-8080-exec-3] 
WARN  o.a.g.r.auth.AuthenticationService - Authentication attempt from 
[xxx.xxx.xxx.xxx, 127.0.0.1] for user "guacadmin" failed.
Sep  3 14:14:56 test-access server[184595]: 14:14:56.781 [http-nio-8080-exec-3] 
ERROR o.a.g.rest.RESTExceptionMapper - Request could not be processed: Property 
ldap-user-base-dn is required.

In /etc/guacamole/guacamole.properties, I do have LDAP set up as I do on the 
working system, and ldap-user-base-dn is configured.  So why would that be 
missing, or not read properly?  Perhaps a symbolic link to guacamole.properties 
not being correct somewhere?

Thanks,
Harry

-----Original Message-----
From: Michael Jumper <mjum...@apache.org>
Sent: Tuesday, September 3, 2024 2:13 PM
To: user@guacamole.apache.org
Subject: Re: Issue with logging into a new test Guac server

CAUTION: This email originated from outside of the Federal Aviation 
Administration (FAA). Do not click on links or open attachments unless you 
recognize the sender and know the content is safe.


On 9/3/24 10:46 AM, Devine, Harry (FAA) wrote:
> We have setup a test server on our development system to use for 
> security testing and upgrades.  I have imported the MySQL database 
> from a working system, so I know that the guacadmin password is 
> correct and set, but I cannot login to this new system either as 
> guacadmin or my own LDAP user.  All I get in /var/log/messages is:
>
> Sep  3 13:43:20 test-access server[1479]: 13:43:20.325 
> [http-nio-8080-exec-2] WARN  o.a.g.r.auth.AuthenticationService - 
> Authentication attempt from [xxx.xxx.xxx.xxx, 127.0.0.1] for user 
> "harry.devine" failed.
>
> Sep  3 13:43:27 test-access server[1479]: 13:43:27.698 
> [http-nio-8080-exec-5] WARN  o.a.g.r.auth.AuthenticationService - 
> Authentication attempt from [xxx.xxx.xxx.xxx, 127.0.0.1] for user 
> "harry.devine" failed.
>
> Sep  3 13:43:37 test-access server[1479]: 13:43:37.679 
> [http-nio-8080-exec-4] WARN  o.a.g.r.auth.AuthenticationService - 
> Authentication attempt from [xxx.xxx.xxx.xxx, 127.0.0.1] for user 
> "guacadmin" failed.
>
> Sep  3 13:43:40 test-access server[1479]: 13:43:40.538 
> [http-nio-8080-exec-6] WARN  o.a.g.r.auth.AuthenticationService - 
> Authentication attempt from [xxx.xxx.xxx.xxx, 127.0.0.1] for user 
> "guacadmin" failed.
>
> Sep  3 13:43:44 test-access server[1479]: 13:43:44.939 
> [http-nio-8080-exec-10] WARN  o.a.g.r.auth.AuthenticationService - 
> Authentication attempt from [xxx.xxx.xxx.xxx, 127.0.0.1] for user 
> "guacadmin" failed.
>
> Is there any other logging information I can look at to determine why 
> I can’t log in?
>

Can you provide the logs from the point that Tomcat started? The details logged 
during webapp startup may be relevant.

- Mike

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

B KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB  [  
X  ܚX KK[XZ[
 \ \ ][  X  ܚX P XX [[ K \X K ܙ B  ܈Y][ۘ[  [X[  K[XZ[
 \ \ Z[ XX [[ K \X K ܙ B

Reply via email to