On Sun, Apr 26, 2020 at 10:32 AM Adrian Owen <[email protected]> wrote:
> Cleared out calalina.out ready to test, clicked and 403 > > > > I saw hundreds of trace messages, before I cleared it. > > > > But these only ones shown before 403 . V 0.9.14. No Trace only debug > > > > JDBC Connection [com.mysql.jdbc.JDBC4Connection@1e709431] > > 20:06:57.106 [http-nio-8080-exec-1] DEBUG o.a.i.d.pooled.PooledDataSource > - Testing connection 510694449 ... > > 20:06:57.106 [http-nio-8080-exec-1] DEBUG o.a.i.d.pooled.PooledDataSource > - Connection 510694449 is GOOD! > > 20:06:57.106 [http-nio-8080-exec-1] DEBUG o.a.i.d.pooled.PooledDataSource > - Returned connection 510694449 to pool. > > 20:06:57.129 [http-nio-8080-exec-1] DEBUG > o.g.g.a.j.RequestValidationService - Authentication request from > "127.0.0.1" is ALLOWED (no restrictions). > My guess is that this is the source of your issue, here. You mentioned the "JSON API" in your first post, which, I'm going to guess is Mike's JSON authentication extension. My guess is that the extension is, for some reason, triggering the failure - it looks like whatever data you're providing with the JSON extension is not recognized by the underlying Guacamole authentication system as anything but an anonymous login attempt, and it's rejecting the anonymous login (next message). At this point I don't know why that is - I'm not overly-familiar with that particular extension - but perhaps you could post sample JSON requests you're making to the REST API portion of that extension - one that succeeds and one that fails? That might help narrow down the cause... 20:06:57.191 [http-nio-8080-exec-1] DEBUG > o.a.g.r.auth.AuthenticationService - Anonymous authentication attempt from > [10.10.220.74, 127.0.0.1] failed. > > > -Nick >
