Just checking. Did you do a completely clean install? I upgraded a server yesterday and started to get RDP reconnect loops that I had never experienced before. After some troubleshooting I realised I hadn't restarted guacd - so did a full clear out and restart.
Rename the guacamole.war file to guacamole.war.1.6 in the tomcat webapps directory and wait for tomcat to undeploy it (the guacamole folder will disappear) stop guacd stop tomcat restart guacd restart tomcat rename the war file back to guacamole.war so tomcat re-deploys it again Hard reload the guacamole site in the browser (Ctrl-F5) ________________________________ From: [email protected] <[email protected]> Sent: Tuesday 24 June 2025 10:09 To: [email protected] <[email protected]> Subject: Re: Guacamole Crash 1.6.0 multi-connect and SSO Hi Here I add the debug log from SSO process from guacamole side: https://pastebin.com/LMVf9Ejx<https://urldefense.proofpoint.com/v2/url?u=https-3A__pastebin.com_LMVf9Ejx&d=DwMGaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=rV1TaS57Er-iXt3xuQ-z-tdNjnF1gnRuIFzegdtXxq0&m=S6lm9IIvn1XTw6wLqlk4FXyfV6a_jfJ0FWSX3g0fvSbU3unK9vvV-TXOWHr8w-yb&s=zlPXTCU5yZ-AGljM-PGuNpskdXBJWeI7ckrm6GGDp0o&e=> >From authentik side there are no errors: * Tobias Sent with Proton Mail<https://urldefense.proofpoint.com/v2/url?u=https-3A__pr.tn_ref_BTTM5JG4EZEG&d=DwMGaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=rV1TaS57Er-iXt3xuQ-z-tdNjnF1gnRuIFzegdtXxq0&m=S6lm9IIvn1XTw6wLqlk4FXyfV6a_jfJ0FWSX3g0fvSbU3unK9vvV-TXOWHr8w-yb&s=5OdldosGgEFWP_ZF9Ig3IFDdpcDYnf5nV4OCCdfPQ3M&e=> secure email. On Tuesday, June 24th, 2025 at 10:28, [email protected] <[email protected]> wrote: Hi Since upgrading to 1.6.0 multi-connection SSH seems to be broken, as soon as I add a second SSH connection, this appears (attatchment) Here the debug log: https://pastebin.com/iGcXZRmE<https://urldefense.proofpoint.com/v2/url?u=https-3A__pastebin.com_iGcXZRmE&d=DwMGaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=rV1TaS57Er-iXt3xuQ-z-tdNjnF1gnRuIFzegdtXxq0&m=S6lm9IIvn1XTw6wLqlk4FXyfV6a_jfJ0FWSX3g0fvSbU3unK9vvV-TXOWHr8w-yb&s=QmV06-AZTxbkW0mDfxAUON2plS-4gHqEqS-Y4jRThB4&e=> After then it just loops left/right conenction infinitely, my internet is definitely enough stable. Second Problem: OIDC Connection, previously OpenID worked fine, I updated the extension to 1.6.0 and didn't touch my variables, they are currently like this, now it does not work anymore. ``` openid-authorization-endpoint: https://auth.mydomain.dev/application/o/authorize/<https://urldefense.proofpoint.com/v2/url?u=https-3A__auth.mydomain.dev_application_o_authorize_&d=DwMGaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=rV1TaS57Er-iXt3xuQ-z-tdNjnF1gnRuIFzegdtXxq0&m=S6lm9IIvn1XTw6wLqlk4FXyfV6a_jfJ0FWSX3g0fvSbU3unK9vvV-TXOWHr8w-yb&s=veSSbyjDaydS01iUJ0Etyfl47NHLyL4vL2wXdfB4dlA&e=> openid-client-id: XXXXX openid-issuer: https://auth.mydomain.dev/application/o/guacamole/<https://urldefense.proofpoint.com/v2/url?u=https-3A__auth.mydomain.dev_application_o_guacamole_&d=DwMGaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=rV1TaS57Er-iXt3xuQ-z-tdNjnF1gnRuIFzegdtXxq0&m=S6lm9IIvn1XTw6wLqlk4FXyfV6a_jfJ0FWSX3g0fvSbU3unK9vvV-TXOWHr8w-yb&s=y2wj4C6LkB4WdhuRcw42AxyzefFBGC78JhDAktD_xN4&e=> openid-jwks-endpoint: https://auth.mydomain.dev/application/o/guacamole/jwks/<https://urldefense.proofpoint.com/v2/url?u=https-3A__auth.mydomain.dev_application_o_guacamole_jwks_&d=DwMGaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=rV1TaS57Er-iXt3xuQ-z-tdNjnF1gnRuIFzegdtXxq0&m=S6lm9IIvn1XTw6wLqlk4FXyfV6a_jfJ0FWSX3g0fvSbU3unK9vvV-TXOWHr8w-yb&s=PL3C-tXgs3UP8-PNIZNCqxKMHA954cviWE5bcfaJnCQ&e=> openid-redirect-uri: https://guac.mydomain.dev/guacamole<https://urldefense.proofpoint.com/v2/url?u=https-3A__guac.mydomain.dev_guacamole&d=DwMGaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=rV1TaS57Er-iXt3xuQ-z-tdNjnF1gnRuIFzegdtXxq0&m=S6lm9IIvn1XTw6wLqlk4FXyfV6a_jfJ0FWSX3g0fvSbU3unK9vvV-TXOWHr8w-yb&s=n7Rx5NBzTk6fW3vpYfPN5lcbYge5a6XqdCVVAw2uks0&e=> openid-scope: openid email profile openid-username-claim-type: preferred_username extension-priority: *, openid ``` I get a 502 on authentik side, normally I'd say this is an authentik issue, but since SSO worked before upgrade and I didn't touch authentik side nor guacamole side of sso otherwise than updating, I think this is rather on guacamole? (Second Attatchment) * Tobias Sent with Proton Mail<https://urldefense.proofpoint.com/v2/url?u=https-3A__pr.tn_ref_BTTM5JG4EZEG&d=DwMGaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=rV1TaS57Er-iXt3xuQ-z-tdNjnF1gnRuIFzegdtXxq0&m=S6lm9IIvn1XTw6wLqlk4FXyfV6a_jfJ0FWSX3g0fvSbU3unK9vvV-TXOWHr8w-yb&s=5OdldosGgEFWP_ZF9Ig3IFDdpcDYnf5nV4OCCdfPQ3M&e=> secure email. IT Solutions Email Disclaimer - This e-mail and any files transmitted with it contain information which may be confidential and which may also be privileged and is intended solely for the use of the individual or entity to whom it is addressed. Unless you are the intended recipient you may not copy or use it, or disclose it to anyone else. Any opinions expressed are that of the individual and not necessarily that of IT Solutions Ltd. If you have received this e-mail in error please notify the sender by return. For further information on IT Solutions visit https://www.itsolutions.ie IT Solutions Email Disclaimer - The information contained in this email message, including any files transmitted with it, is confidential and may be legally privileged. This e-mail is intended only for the personal attention of the stated addressee(s). Any access to this email, including any files transmitted with it, by any other person is unauthorised. If you are not an addressee, you must not disclose, copy, circulate or in any other way use or rely on the accuracy or completeness of the information contained in this email or any files transmitted with it. If you have received this email in error, please inform the sender immediately and delete it and all copies from your system. You may not forward this email without the permission of the authorised sender. The views expressed in this email are those of the author, and do not necessarily represent the views of IT Solutions or its affiliates. Internet communications are not secure and IT Solutions cannot therefore accept legal responsibility for the contents of this message nor for any damage caused by viruses. This email has been scanned at the originating end. For further information on IT Solutions visit https://www.itsolutions.ie
