I see following in the syslogs:
Sep 1 03:14:14 debian systemd[1]: Started Session 53 of user root.
Sep 1 03:15:36 debian guacd[897]: Creating new client for protocol "rdp"
Sep 1 03:15:36 debian guacd[897]: Connection ID is
"$df64bc90-f57d-419b-b06c-65ddaddd3e16"
Sep 1 03:15:36 debian guacd[6628]: No security mode specified. Defaulting to
security mode negotiation with server.
Sep 1 03:15:36 debian guacd[6628]: Resize method: none
Sep 1 03:15:36 debian guacd[6628]: User
"@756f9962-0528-43ac-81cd-f035a9f7c5a6" joined connection
"$df64bc90-f57d-419b-b06c-65ddaddd3e16" (1 users now present)
Sep 1 03:15:36 debian guacd[6628]: Loading keymap "base"
Sep 1 03:15:36 debian guacd[6628]: Loading keymap "en-us-qwerty"
Sep 1 03:15:36 debian guacd[6628]: Certificate validation failed
Sep 1 03:15:36 debian guacd[6628]: Error connecting to RDP server
Sep 1 03:15:36 debian guacd[6628]: User
"@756f9962-0528-43ac-81cd-f035a9f7c5a6" disconnected (0 users remain)
Sep 1 03:15:36 debian guacd[6628]: Last user of connection
"$df64bc90-f57d-419b-b06c-65ddaddd3e16" disconnected
Sep 1 03:15:36 debian guacd[897]: Connection
"$df64bc90-f57d-419b-b06c-65ddaddd3e16" removed.
Can you please send me a sample JSON with “ignore-cert” and “security”
parameters?
I am using below JSON which is failing:
{
"username" : "administrator",
"expires" : "1599764011",
"ignore-cert" : "true",
"connections" :
{
"SQLDB" :
{
"protocol" : "rdp",
"parameters" :
{
"hostname" : "10.9.31.85",
"port" : "3389",
}
}
}
}
Prashant K
+91-120-4394400 430 D | +91-7428905742 C
[email protected]<mailto:[email protected]>
[cid:[email protected]]<http://www.agreeya.com/>
AgreeYa Solutions | www.agreeya.com<http://www.agreeya.com/>
From: Mike Jumper <[email protected]>
Sent: Tuesday, September 1, 2020 4:30 AM
To: [email protected]
Subject: Re: guacamole-auth-json is not working
The message below indicates an orderly disconnect on the web application side.
Given how brief that connection is, it looks like the underlying RDP connection
has failed early in the connection process. You would need to check the guacd
logs to see what might be going wrong there, but the cause is most likely
incorrect connection parameters within your JSON.
- Mike
On Mon, Aug 31, 2020 at 12:17 PM Prashant K
<[email protected]<mailto:[email protected]>> wrote:
Hi Nick,
You are absolutely correct, guacd didn’t automatically started when I rebooted
the server.
So the below error is resolved with guacd service start, but now it is throwing
below error:
12:05:30.646 [http-nio-8080-exec-9] DEBUG o.a.g.net.InetGuacamoleSocket -
Connecting to guacd at localhost:4822.
12:05:30.784 [http-nio-8080-exec-9] INFO o.a.g.tunnel.TunnelRequestService -
User "administrator" connected to connection "BMC-CLONE".
Exception in thread "Thread-124" java.lang.IllegalStateException: Message will
not be sent because the WebSocket session has been closed
12:05:30.975 [http-nio-8080-exec-5] INFO o.a.g.tunnel.TunnelRequestService -
User "administrator" disconnected from connection "BMC-CLONE". Duration: 189
milliseconds
12:05:30.976 [http-nio-8080-exec-5] DEBUG o.a.g.net.InetGuacamoleSocket -
Closing socket to guacd.
at
org.apache.tomcat.websocket.WsRemoteEndpointImplBase.writeMessagePart(WsRemoteEndpointImplBase.java:430)
at
org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendMessageBlock(WsRemoteEndpointImplBase.java:309)
at
org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendMessageBlock(WsRemoteEndpointImplBase.java:250)
at
org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendString(WsRemoteEndpointImplBase.java:191)
at
org.apache.tomcat.websocket.WsRemoteEndpointBasic.sendText(WsRemoteEndpointBasic.java:37)
at
org.apache.guacamole.websocket.GuacamoleWebSocketTunnelEndpoint.sendInstruction(GuacamoleWebSocketTunnelEndpoint.java:152)
at
org.apache.guacamole.websocket.GuacamoleWebSocketTunnelEndpoint.access$200(GuacamoleWebSocketTunnelEndpoint.java:53)
at
org.apache.guacamole.websocket.GuacamoleWebSocketTunnelEndpoint$2.run(GuacamoleWebSocketTunnelEndpoint.java:253)
Regards,
Prashant
From: Nick Couchman <[email protected]<mailto:[email protected]>>
Sent: Monday, August 31, 2020 7:47 PM
To: [email protected]<mailto:[email protected]>
Subject: Re: guacamole-auth-json is not working
On Mon, Aug 31, 2020 at 9:04 AM Prashant K
<[email protected]<mailto:[email protected]>> wrote:
Thanks for the prompt response guys.
I resolved the permission denied issue, the issue was json extension was not
properly installed. I reinstalled the extension and now I can generate the
token using curl command.
But when I use that token in the browser connection fails with below error in
the Tomcat:
05:57:15.777 [http-nio-8080-exec-1] INFO o.a.g.environment.LocalEnvironment -
GUACAMOLE_HOME is "/etc/guacamole".
05:57:15.930 [http-nio-8080-exec-2] DEBUG o.a.g.net.InetGuacamoleSocket -
Connecting to guacd at localhost:4822.
05:57:15.939 [http-nio-8080-exec-2] ERROR
o.a.g.w.GuacamoleWebSocketTunnelEndpoint - Creation of WebSocket tunnel to
guacd failed: java.net.ConnectException: Connection refused (Connection refused)
05:57:15.949 [http-nio-8080-exec-2] DEBUG
o.a.g.w.GuacamoleWebSocketTunnelEndpoint - Error connecting WebSocket tunnel.
org.apache.guacamole.GuacamoleServerException: java.net.ConnectException:
Connection refused (Connection refused)
at
org.apache.guacamole.net.InetGuacamoleSocket.<init>(InetGuacamoleSocket.java:114)
~[guacamole-common-1.1.0.jar:na]
at
org.glyptodon.guacamole.auth.json.connection.ConnectionService.connect(ConnectionService.java:231)
~[na:na]
at
org.glyptodon.guacamole.auth.json.user.UserDataConnection.connect(UserDataConnection.java:195)
~[na:na]
at
org.apache.guacamole.net.auth.Connectable.connect(Connectable.java:96)
~[classes/:na]
at
org.apache.guacamole.tunnel.TunnelRequestService.createConnectedTunnel(TunnelRequestService.java:216)
~[classes/:na]
at
org.apache.guacamole.tunnel.TunnelRequestService.createTunnel(TunnelRequestService.java:347)
~[classes/:na]
at
org.apache.guacamole.tunnel.websocket.RestrictedGuacamoleWebSocketTunnelEndpoint.createTunnel(RestrictedGuacamoleWebSocketTunnelEndpoint.java:113)
~[classes/:na]
at
org.apache.guacamole.websocket.GuacamoleWebSocketTunnelEndpoint.onOpen(GuacamoleWebSocketTunnelEndpoint.java:200)
~[guacamole-common-1.1.0.jar:na]
at
org.apache.tomcat.websocket.server.WsHttpUpgradeHandler.init(WsHttpUpgradeHandler.java:133)
~[tomcat-websocket.jar:9.0.36]
at
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:914)
~[tomcat-coyote.jar:9.0.36]
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1590)
~[tomcat-coyote.jar:9.0.36]
at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
~[tomcat-coyote.jar:9.0.36]
at
java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
~[na:na]
at
java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
~[na:na]
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
~[tomcat-util.jar:9.0.36]
at java.base/java.lang.Thread.run(Thread.java:834) ~[na:na]
Caused by: java.net.ConnectException: Connection refused (Connection refused)
at java.base/java.net.PlainSocketImpl.socketConnect(Native Method)
~[na:na]
at
java.base/java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:399)
~[na:na]
at
java.base/java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:242)
~[na:na]
at
java.base/java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:224)
~[na:na]
at java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:403)
~[na:na]
at java.base/java.net.Socket.connect(Socket.java:609) ~[na:na]
at
org.apache.guacamole.net.InetGuacamoleSocket.<init>(InetGuacamoleSocket.java:100)
~[guacamole-common-1.1.0.jar:na]
... 15 common frames omitted
Please suggest.
Is guacd running and accessible?
-Nick
