Ok Michael. You are right, thanks a lot.
It works like a charm. -Gabriel -----Mensaje original----- De: Michael Jumper <[email protected]> Enviado el: miƩrcoles, 31 de mayo de 2023 01:06 p. m. Para: [email protected] Asunto: Re: Guacamole REST petition to remove user session. If using the ".../api/session" endpoint, then the token needs to be included as the "Guacamole-Token" header. Including the token within the path is a request for a resource that does not exist, and permission to access anything beneath ".../api/session" (whether or not it exists) will be denied if you don't include a valid "Guacamole-Token" header. The endpoint for invalidating a token that includes the token in the path instead of a header is ".../api/tokens/YOUR_TOKEN_GOES_HERE". - Mike On 5/31/23 10:45, Gabriel Huerta Araujo wrote: > Hi > > I am executing a perl script which executes a REST DELETE to remove a user > session and sends an error: > > '_content' => '{"message":"Permission > Denied.","translatableMessage":{"key":"APP.TEXT_UNTRANSLATED","variables":{"MESSAGE":"Permission > Denied."}},"statusCode":null,"expected":null,"type":"BAD_REQUEST"}' > > What seems to be the trouble? > > This is the client petition: > $VAR1 = bless( { > '_config' => { > 'host' => 'http://xx.xx.xx.xx:xxxx', > 'useragent' => bless( { > > 'requests_redirectable' => [ > > 'GET', > > 'HEAD' > > ], > 'protocols_allowed' > => undef, > 'max_redirect' => 7, > 'max_size' => undef, > 'def_headers' => > bless( { > > 'user-agent' => 'REST::Client/281' > > }, 'HTTP::Headers' ), > 'send_te' => 1, > 'use_eval' => 1, > > 'protocols_forbidden' => undef, > 'show_progress' => > undef, > 'handlers' => { > > 'response_header' => bless( [ > > { > > 'm_media_type' => 'html', > > 'owner' => 'LWP::UserAgent::parse_head', > > 'line' => '/usr/share/perl5/LWP/UserAgent.pm:768', > > 'callback' => sub { "DUMMY" } > > } > > ], 'HTTP::Config' ) > }, > 'local_address' => > undef, > 'ssl_opts' => { > > 'verify_hostname' => 1 > }, > 'timeout' => 300, > 'no_proxy' => [], > 'proxy' => {} > }, 'LWP::UserAgent' ) > }, > '_res' => bless( { > '_headers' => bless( { > 'client-date' => > 'Wed, 31 May 2023 16:46:04 GMT', > 'content-length' > => '186', > 'date' => 'Wed, > 31 May 2023 16:46:04 GMT', > 'client-peer' => > 'xx.xx.xx.xx:xxxx', > '::std_case' => { > > 'client-date' => 'Client-Date', > > 'client-response-num' => 'Client-Response-Num', > > 'client-peer' => 'Client-Peer' > }, > 'content-type' => > 'application/json', > 'connection' => > 'close', > > 'client-response-num' => 1 > }, 'HTTP::Headers' > ), > '_request' => bless( { > '_content' => '', > '_method' => > 'DELETE', > '_headers' => > bless( { > > 'user-agent' => 'REST::Client/281', > > > 'authorization' => 'Basic Y25zc2lzdGU6VDF0NG4zcyE= ', > > 'content-type' => 'application/json', > > 'connection' => 'close', > > 'content-length' => 0 > > }, 'HTTP::Headers' ), > '_uri' => bless( > do{\(my $o = > 'http://xx.xx.xx.xx:xxxx/guacamole/api/session/45479416E12A8470BCF0ACAA155D5CED9DD4F7860FE31CB84104B78BC896851A')}, > 'URI::http' ), > '_uri_canonical' > => $VAR1->{'_res'}{'_request'}{'_uri'} > }, 'HTTP::Request' > ), > '_content' => '{"message":"Permission > Denied.","translatableMessage":{"key":"APP.TEXT_UNTRANSLATED","variables":{"MESSAGE":"Permission > Denied."}},"statusCode":null,"expected":null,"type":"BAD_REQUEST"}', > '_protocol' => 'HTTP/1.1', > '_msg' => '', > '_rc' => '403' > }, 'HTTP::Response' ) > }, 'REST::Client' ); > > 'http://xx.xx.xx.xx:xxxx/guacamole/api/session/45479416E12A8470BCF0ACAA155D5CED9DD4F7860FE31CB84104B78BC896851A' > is the URL petition and > 45479416E12A8470BCF0ACAA155D5CED9DD4F7860FE31CB84104B78BC896851A is the token > related to session. This needs to be encrypted? If yes how this must be done? > > -Gabriel > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
