Friends, We are trying to upgrade a server that uses Guacamole / Tomcat7 on Ubuntu 16.04 to Ubuntu 18.04 or 20.04 with Tomcat 8 or 9.
You can try out the server yourself, by going to http://agora.cs.calvin.edu:8080/. Each time we get close to having it work, we see this error show up in the console of the browser: POST http://agora.cs.calvin.edu:8080/agora/api/tokens 403 Drilling down on that in Chrome, I find: * Request URL: http://agora.cs.calvin.edu:8080/agora/api/tokens * Request Method: POST * Status Code: 403 * Remote Address: 18.104.22.168:8080 * Referrer Policy: no-referrer-when-downgrade 1. Response Headersview source * Content-Type: application/json * Date: Tue, 23 Jun 2020 16:42:56 GMT * Transfer-Encoding: chunked 2. Request Headersview source * Accept: application/json, text/plain, */* * Accept-Encoding: gzip, deflate * Accept-Language: en-US,en;q=0.9 * Cache-Control: no-cache * Connection: keep-alive * Content-Length: 0 * Content-Type: application/x-www-form-urlencoded * Cookie: JSESSIONID=F61EBB3764D21F4A6161304BB9D820EF; JSESSIONID=BA81E2D37D390F411711FAB57F5B8DBF * DNT: 1 * Host: agora.cs.calvin.edu:8080 * Origin: http://agora.cs.calvin.edu:8080 * Pragma: no-cache * Referer: http://agora.cs.calvin.edu:8080/agora/ * User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36 What is this request to POST to ../api/tokens? Is this some new security added in tomcat8 or 9 that we need to account for? Or is it a file permissions issue somehow? I'd really appreciate any insight anyone has. Thanks. Prof. Victor Norman Computer Science Calvin College University v...@calvin.edu<mailto:vnor...@calvin.edu> ----- "A designer knows he has achieved perfection not when there is nothing left to add, but when there is nothing left to take away." -- Antoine de Saint Exupéry