You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@guacamole.apache.org by Kaushik Srinivasan <ka...@umail.iu.edu> on 2017/07/12 01:52:40 UTC
Re: [DISCUSS] Scope of 0.9.13-incubating
Hello All,
I've been trying to test the CAS module for guacamole. Once I login to the
CAS page, I'm redirected to the Guacamole server but the page gets stuck in
an Infinite loop. I believe this is because the page repeatedly queries the
CAS server with which I have already Authenticated.
Also, I have not provided any Connection information ( For RDP connectionn)
anywhere.
I couldn't find any documentation so not sure what I'm missing.
Can anyone point out what I'm doing wrong?
Thanks
Regards
Kaushik Srinivasan
On Mon, May 29, 2017 at 2:31 AM, Mike Jumper <mi...@guac-dev.org>
wrote:
> Hello all,
>
> I'd like to begin the discussion of scope for the 0.9.13-incubating
> release. Issues currently tagged for 0.9.13 can be found here:
>
> https://issues.apache.org/jira/issues/?jql=project%20%
> 3D%20Guacamole%20AND%
> 20fixVersion%20%3D%200.9.13-incubating
>
> There are quite a few changes already complete, including the
> recently-merged support for CAS (can anyone confirm to what degree this has
> already been tested?).
>
> I still have to write some documentation for GUACAMOLE-292 (user profile
> support). Other than that, only the following two issues are open but
> tagged for 0.9.13:
>
> https://issues.apache.org/jira/browse/GUACAMOLE-168 (support for X.Org)
> https://issues.apache.org/jira/browse/GUACAMOLE-197 (support for RADIUS)
>
> This brings the questions:
>
> 1) Should we wait for the X.Org code to be documented and merged before
> 0.9.13?
> 2) Should we wait for the RADIUS support (which Nick has completed) to be
> reviewed and merged before 0.9.13?
> 3) Are there other changes not tagged for 0.9.13 which are important enough
> to warrant expanding scope?
>
> The main things holding back my progress on #1 and #2 above are finding the
> time to document the X.Org code and to re-review and test the RADIUS code.
> Regardless of how slowly/quickly those can be done, we need to weigh the
> benefit of having those changes against the additional testing surface and
> delay in releasing the other completed changes. I would lean more on the
> size of reducing scope, but both of these changes have already been delayed
> at least once.
>
> Thoughts?
>
> Thanks,
>
> - Mike
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Kaushik Srinivasan <ka...@umail.iu.edu>.
Thanks a lot Nick.
I'm just stating few points to make sure I'm not doing something silly.
There is only one connection configured in the mysql table which works
perfectly fine standalone.
When there are no connections available and I'm using CAS in conjunction
with the jdbc the the error I said occurs.
Essentially the error I previously stated occurs whenever I successfully
authenticate.
Also this should not matter but the cas login I use is my university login
which is integrated with DUO for MFA.
I do understand that removing JDBC leaves the CAS useless as no connection
parameters are present. I did it for testing if the issue was with jdbc.
Thanks again for taking a look at this. I'll keep trying and inform you of
any development.
Have a nice night.
Regards
Kaushik Srinivasan
On Sun, Jul 16, 2017 at 11:13 PM, Nicholas Couchman <
nick.couchman@yahoo.com.invalid> wrote:
> I will take a look at the CAS module tomorrow and see if I can reproduce
> the error you're getting in the log file.
>
> However, keep in mind the following things:
> - As Mike pointed out, the auto-redirect to a connection only happens if a
> user has 1 and only 1 connection available. If there is more than one
> available the user will be redirected to the home screen. If there are
> none available the user is also redirected to the home screen.
> - If you remove the JDBC module and only use CAS, then you probably do not
> have any connections available to the user, unless you configure one in the
> XML file that the default file authentication extension reads from.
>
> -Nick
>
> > On Jul 16, 2017, at 23:01, Kaushik Srinivasan <ka...@umail.iu.edu>
> wrote:
> >
> > Hi Mike,
> >
> > Regarding redirection after CAS authentication, just to test I removed
> the
> > jdbc extension and launched the application. After CAS authentication the
> > same error (as I've previously shown) is thrown which makes me think
> > there's something up with CAS module.
> >
> > Yes, I'm using 0.9.13 for everything. MySQL extension, schema, CAS, Guac
> > client, server, all are retrieved from github.
> >
> > Thanks.
> >
> > Regards
> > Kaushik
> >
> > On Sun, Jul 16, 2017 at 10:55 PM, Mike Jumper <mi...@guac-dev.org>
> > wrote:
> >
> >> On Sun, Jul 16, 2017 at 7:49 PM, Kaushik Srinivasan <
> kausrini@umail.iu.edu
> >>>
> >> wrote:
> >>
> >>> Hi All,
> >>>
> >>> I have tried using the guacamole-auth-cas with 0.9.13 as suggested. I
> >>> further used jdbc connection (mysql) for connection properties.
> >>>
> >>> The CAS authentication works now
> >>
> >>
> >> Excellent.
> >>
> >>
> >>> but does not redirect to my connection
> >>> after that.
> >>
> >>
> >> That is actually independent of the CAS authentication, and is driven
> >> purely by the number of connections available. If only one connection is
> >> present, you should be redirected to that connection upon login.
> >>
> >> If you're not seeing any connections whatsoever, then something else is
> >> amiss.
> >>
> >> I verified that the jdbc connection works independently ( by
> >>> removing auth-cas extension). Also the username returned from auth-cas
> is
> >>> the same as the username I have stored in the mysql table.
> >>>
> >>>
> >> You're using 0.9.13-incubating-RC1 across the board, now, correct?
> >> Including the MySQL extension and the schema script that you used to
> create
> >> the MySQL database?
> >>
> >> - Mike
> >>
>
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Nicholas Couchman <ni...@yahoo.com.INVALID>.
I will take a look at the CAS module tomorrow and see if I can reproduce the error you're getting in the log file.
However, keep in mind the following things:
- As Mike pointed out, the auto-redirect to a connection only happens if a user has 1 and only 1 connection available. If there is more than one available the user will be redirected to the home screen. If there are none available the user is also redirected to the home screen.
- If you remove the JDBC module and only use CAS, then you probably do not have any connections available to the user, unless you configure one in the XML file that the default file authentication extension reads from.
-Nick
> On Jul 16, 2017, at 23:01, Kaushik Srinivasan <ka...@umail.iu.edu> wrote:
>
> Hi Mike,
>
> Regarding redirection after CAS authentication, just to test I removed the
> jdbc extension and launched the application. After CAS authentication the
> same error (as I've previously shown) is thrown which makes me think
> there's something up with CAS module.
>
> Yes, I'm using 0.9.13 for everything. MySQL extension, schema, CAS, Guac
> client, server, all are retrieved from github.
>
> Thanks.
>
> Regards
> Kaushik
>
> On Sun, Jul 16, 2017 at 10:55 PM, Mike Jumper <mi...@guac-dev.org>
> wrote:
>
>> On Sun, Jul 16, 2017 at 7:49 PM, Kaushik Srinivasan <kausrini@umail.iu.edu
>>>
>> wrote:
>>
>>> Hi All,
>>>
>>> I have tried using the guacamole-auth-cas with 0.9.13 as suggested. I
>>> further used jdbc connection (mysql) for connection properties.
>>>
>>> The CAS authentication works now
>>
>>
>> Excellent.
>>
>>
>>> but does not redirect to my connection
>>> after that.
>>
>>
>> That is actually independent of the CAS authentication, and is driven
>> purely by the number of connections available. If only one connection is
>> present, you should be redirected to that connection upon login.
>>
>> If you're not seeing any connections whatsoever, then something else is
>> amiss.
>>
>> I verified that the jdbc connection works independently ( by
>>> removing auth-cas extension). Also the username returned from auth-cas is
>>> the same as the username I have stored in the mysql table.
>>>
>>>
>> You're using 0.9.13-incubating-RC1 across the board, now, correct?
>> Including the MySQL extension and the schema script that you used to create
>> the MySQL database?
>>
>> - Mike
>>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Kaushik Srinivasan <ka...@umail.iu.edu>.
Hi Mike,
Regarding redirection after CAS authentication, just to test I removed the
jdbc extension and launched the application. After CAS authentication the
same error (as I've previously shown) is thrown which makes me think
there's something up with CAS module.
Yes, I'm using 0.9.13 for everything. MySQL extension, schema, CAS, Guac
client, server, all are retrieved from github.
Thanks.
Regards
Kaushik
On Sun, Jul 16, 2017 at 10:55 PM, Mike Jumper <mi...@guac-dev.org>
wrote:
> On Sun, Jul 16, 2017 at 7:49 PM, Kaushik Srinivasan <kausrini@umail.iu.edu
> >
> wrote:
>
> > Hi All,
> >
> > I have tried using the guacamole-auth-cas with 0.9.13 as suggested. I
> > further used jdbc connection (mysql) for connection properties.
> >
> > The CAS authentication works now
>
>
> Excellent.
>
>
> > but does not redirect to my connection
> > after that.
>
>
> That is actually independent of the CAS authentication, and is driven
> purely by the number of connections available. If only one connection is
> present, you should be redirected to that connection upon login.
>
> If you're not seeing any connections whatsoever, then something else is
> amiss.
>
> I verified that the jdbc connection works independently ( by
> > removing auth-cas extension). Also the username returned from auth-cas is
> > the same as the username I have stored in the mysql table.
> >
> >
> You're using 0.9.13-incubating-RC1 across the board, now, correct?
> Including the MySQL extension and the schema script that you used to create
> the MySQL database?
>
> - Mike
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Mike Jumper <mi...@guac-dev.org>.
On Sun, Jul 16, 2017 at 7:49 PM, Kaushik Srinivasan <ka...@umail.iu.edu>
wrote:
> Hi All,
>
> I have tried using the guacamole-auth-cas with 0.9.13 as suggested. I
> further used jdbc connection (mysql) for connection properties.
>
> The CAS authentication works now
Excellent.
> but does not redirect to my connection
> after that.
That is actually independent of the CAS authentication, and is driven
purely by the number of connections available. If only one connection is
present, you should be redirected to that connection upon login.
If you're not seeing any connections whatsoever, then something else is
amiss.
I verified that the jdbc connection works independently ( by
> removing auth-cas extension). Also the username returned from auth-cas is
> the same as the username I have stored in the mysql table.
>
>
You're using 0.9.13-incubating-RC1 across the board, now, correct?
Including the MySQL extension and the schema script that you used to create
the MySQL database?
- Mike
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Nick Couchman <ni...@yahoo.com.INVALID>.
Ah, okay, makes sense.
On Tuesday, July 18, 2017, 10:48:49 AM EDT, Kaushik Srinivasan <ka...@umail.iu.edu> wrote:
I'm not copying guacamole-auth-cas into extensions folder initially because
I'm loading the jdbc driver and setting up user and stuff. After doing that
I load CAS into extensions folder manually and stop tomcat and restart for
it to take effect.
You are right and it won't work if u place the extension outside the
/guacamole/extension folder. That's why I put it there.
Thanks for checking the setup.
Regards
Kaushik Srinivasan
On 18 Jul 2017 8:42 a.m., "Nick Couchman" <ni...@yahoo.com.invalid>
wrote:
> On Monday, July 17, 2017, 11:08:06 PM EDT, Mike Jumper <
> mike.jumper@guac-dev.org> wrote:
>
>
> > On Mon, Jul 17, 2017 at 7:37 PM, Kaushik Srinivasan
> > <ka...@umail.iu.edu> wrote:
> >>
> >> ...
> >>
> >> Also there's a major information I might have left out. I have been
> setting
> >> all this up in Docker. Not using the docker file provided in the github
> as
> >> I'm building on an arm architecture. It needs slightly different
> settings.
> >>
>
> >Can you share the Dockerfile and/or the images themselves?
>
> > Is there anything else custom about your deployment? That the
> > extension itself was (at least previously) actually modified and not
> > the version included in the 0.9.13-incubating RC, and that the webapp
> > is actually running under a custom Docker image, are all pretty
> > important details.
>
> Yeah, I'd have to agree that these changes are fairly important in
> debugging the problems you're seeing. Based on the Dockerfile you
> provided, looks like you're running the raspbian Debian variant from
> January. I'll see what I can do to build up a matching environment and try
> to reproduce the issues you're seeing in there. Seems that something about
> this Docker environment is causing the problems you're experiencing.
>
> Also, I see one issue in the Dockerfile right off the bat:
>
> COPY guacamole-auth-cas-$GUACAMOLE_VERSION-incubating.jar /etc/guacamole/
>
> That should be:
>
> COPY guacamole-auth-cas-$GUACAMOLE_VERSION-incubating.jar
> /etc/guacamole/extensions/
>
> Please make that change and rerun and see what happens. It's a little
> strange that it's working at all, but I haven't looked much at how the
> extensions are loaded from the directory, so maybe they work anywhere
> inside the /etc/guacamole directory?? Mike, any ideas there?
> -Nick
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Kaushik Srinivasan <ka...@umail.iu.edu>.
Yeah, I thought so. Thanks for the suggestion.
Regards
Kaushik Srinivasan
On 27 Jul 2017 9:28 p.m., "Nick Couchman" <ni...@yahoo.com.invalid>
wrote:
> Yes, I am aware of the logout issue. It's actually not necessarily
> specific to Guacamole - many applications that add SSO authentication in
> have trouble with the other SSO - Single Sign Out. Kind of on my list of
> things to look at - see if there's some way to override the logout
> button/location from the CAS module such that the logout could be
> redirected to the CAS logout URL.
> In the meantime, you should be able to go to the CAS logout URL (
> https://server/cas/logout) and then when you go back to the Guacamole
> page it should detect that your ticket is no longer valid and push you back
> to the CAS page.
> -Nick
>
> On Thursday, July 27, 2017, 8:36:47 PM EDT, Kaushik Srinivasan <
> kausrini@umail.iu.edu> wrote:
>
> Hi Nick,
>
> I noticed another issue which I think is important that you know.
>
> After authenticating with CAS module, I'm redirected to my connection. The
> connection is RDP to an windoes XP machine. When I cancel the connection on
> the Windows login page, Guacamole prompts with Disconnected page.
>
> When you click on logout on this Disconnected prompt *you are not logged
> out.*
>
> When you click logout, you are redirected to guacamole authentication page,
> but the CAS cookie is still present and you are immediately logged back in
> and immediately connected to the only connection I have configured.
>
> When logout is clicked, is there a way to detect the Guacamole cookie and
> remove it from the browser?
>
> Regards
> Kaushik Srinivasan
>
> On Tue, Jul 25, 2017 at 10:22 PM, Nick Couchman <
> nick.couchman@yahoo.com.invalid> wrote:
>
> > Glad I was able to help.
> > I'm not sure there's currently anywhere to put your Dockerfile within the
> > Guacamole project, but I'd suggest creating a Github repo with your work
> > and checking it in there - that way others can use/fork/contribute to it.
> > I'm sure there are others who could benefit from something that would
> work
> > on the ARM architecture.
> > -Nick
> >
> > On Tuesday, July 25, 2017, 9:54:42 PM EDT, Kaushik Srinivasan <
> > kausrini@umail.iu.edu> wrote:
> >
> > Hi Nick
> >
> > You are a lifesaver.
> >
> > It worked once i changed the CAS login url like you suggested. Removal of
> > /login solves this problem.
> >
> > I would now be able to proceed with my university project. Thanks a lot
> > again for everyone.
> >
> > Is there any other information that is required of me?
> >
> > Also Should I somehow contribute my dockerfile as it works on raspberry
> pi
> > (arm architecture) while the docker file officially provided has issues
> in
> > that architecture.
> >
> > Regards
> > Kaushik Srinivasan
> >
> > On Mon, Jul 24, 2017 at 10:09 PM, Kaushik Srinivasan <
> > kausrini@umail.iu.edu>
> > wrote:
> >
> > > Ah, I see. I will test it in a day or two and get back to you.
> > >
> > > Sorry for the delay.
> > >
> > > Regards
> > > Kaushik Srinivasan
> > >
> > > On 24 Jul 2017 9:23 p.m., "Nick Couchman" <nick.couchman@yahoo.com.
> > invalid>
> > > wrote:
> > >
> > >> JIRA issue GUACAMOLE-355 has been created to track this:
> > >> https://issues.apache.org/jira/browse/GUACAMOLE-355
> > >> -Nick
> > >>
> > >> On Monday, July 24, 2017, 8:44:48 PM EDT, Nick Couchman <
> > >> nick.couchman@yahoo.com.INVALID> wrote:
> > >>
> > >>
> > >> I'm fairly certain this is the issue - I was able to set up Guacamole
> +
> > >> CAS with my system with the /login on the end and get the 500 error
> that
> > >> you're seeing. The CAS extension expects that parameter to be the
> base
> > of
> > >> the CAS install, not the login URL, since it not only uses the login
> > >> redirect but also does ticket validation against the CAS service.
> > >> I think this still warrants a JIRA issue opened - there are two
> > >> possibilities that I see that could help others avoid this:- Make sure
> > >> documentation is specific enough to tell users where to point it.- Try
> > to
> > >> do some error handling in the CAS module to throw meaningful errors
> > when it
> > >> cannot find the CAS service.
> > >> -Nick
> > >>
> > >> On Monday, July 24, 2017, 8:38:04 PM EDT, Nick Couchman <
> > >> nick.couchman@yahoo.com.INVALID> wrote:
> > >>
> > >>
> > >> Hey, Kaushik,
> > >> I'm still working on getting the RPi environment set up here and
> getting
> > >> Guacamole running in it. I do have one more suggestion for you to try
> > >> while I work on that - I see in your guacamole.properties file you
> have
> > >> your cas-authorization-endpoint set to
> > >> https://cas.iu.edu/cas/login
> > >> Can you take off the /login at the end, so that it is just:
> > >> https://cas.iu.edu/cas
> > >> and see if that works?
> > >> Thanks,Nick
> > >>
> > >> On Wednesday, July 19, 2017, 1:37:17 PM EDT, Kaushik Srinivasan <
> > >> kausrini@umail.iu.edu> wrote:
> > >>
> > >>
> > >> guacamole.properties file
> > >>
> > >> #Hostname and Port of guacamole proxy
> > >> guacd-hostname: localhost
> > >> guacd-port: 4822
> > >>
> > >> #NoAuth Properties
> > >> #noauth-config: /etc/guacamole/noauth-config.xml
> > >>
> > >> #user-mapping: /etc/guacamole/user-mapping.xml
> > >>
> > >> # Username and password
> > >> tutorial-user: tutorial
> > >> tutorial-password: password
> > >>
> > >> # Connection information
> > >> tutorial-protocol: rdp
> > >> tutorial-parameters: hostname=192.168.0.7, port=3389
> > >>
> > >>
> > >> cas-authorization-endpoint: https://cas.iu.edu/cas/login
> > >> cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole
> > >>
> > >> #Authentication Provider Class
> > >> #auth-provider:
> > >> net.sourceforge.guacamole.net.basic.BasicFileAuthenticationPr$
> > >>
> > >> #Properties used by BasicFileAuthenticationProvider
> > >> #basic-user-mapping: /etc/guacamole/user-mapping.xml
> > >>
> > >>
> > >>
> > >> On Wed, Jul 19, 2017 at 12:56 PM, Mike Jumper <
> mike.jumper@guac-dev.org
> > >
> > >> wrote:
> > >>
> > >> > On Wed, Jul 19, 2017 at 9:38 AM, Kaushik Srinivasan
> > >> > <ka...@umail.iu.edu> wrote:
> > >> > > I have attached the guacamole.properties file.
> > >> > >
> > >> >
> > >> > Unfortunately, there is no attachment. Assuming it was indeed
> > >> > attached, the mailing list may have removed it prior to sending the
> > >> > message out to subscribers.
> > >> >
> > >> > Perhaps you can paste the contents into a message instead (or post
> the
> > >> > file elsewhere and link to that)?
> > >> >
> > >
> > >
> >
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Nick Couchman <ni...@yahoo.com.INVALID>.
Yes, I am aware of the logout issue. It's actually not necessarily specific to Guacamole - many applications that add SSO authentication in have trouble with the other SSO - Single Sign Out. Kind of on my list of things to look at - see if there's some way to override the logout button/location from the CAS module such that the logout could be redirected to the CAS logout URL.
In the meantime, you should be able to go to the CAS logout URL (https://server/cas/logout) and then when you go back to the Guacamole page it should detect that your ticket is no longer valid and push you back to the CAS page.
-Nick
On Thursday, July 27, 2017, 8:36:47 PM EDT, Kaushik Srinivasan <ka...@umail.iu.edu> wrote:
Hi Nick,
I noticed another issue which I think is important that you know.
After authenticating with CAS module, I'm redirected to my connection. The
connection is RDP to an windoes XP machine. When I cancel the connection on
the Windows login page, Guacamole prompts with Disconnected page.
When you click on logout on this Disconnected prompt *you are not logged
out.*
When you click logout, you are redirected to guacamole authentication page,
but the CAS cookie is still present and you are immediately logged back in
and immediately connected to the only connection I have configured.
When logout is clicked, is there a way to detect the Guacamole cookie and
remove it from the browser?
Regards
Kaushik Srinivasan
On Tue, Jul 25, 2017 at 10:22 PM, Nick Couchman <
nick.couchman@yahoo.com.invalid> wrote:
> Glad I was able to help.
> I'm not sure there's currently anywhere to put your Dockerfile within the
> Guacamole project, but I'd suggest creating a Github repo with your work
> and checking it in there - that way others can use/fork/contribute to it.
> I'm sure there are others who could benefit from something that would work
> on the ARM architecture.
> -Nick
>
> On Tuesday, July 25, 2017, 9:54:42 PM EDT, Kaushik Srinivasan <
> kausrini@umail.iu.edu> wrote:
>
> Hi Nick
>
> You are a lifesaver.
>
> It worked once i changed the CAS login url like you suggested. Removal of
> /login solves this problem.
>
> I would now be able to proceed with my university project. Thanks a lot
> again for everyone.
>
> Is there any other information that is required of me?
>
> Also Should I somehow contribute my dockerfile as it works on raspberry pi
> (arm architecture) while the docker file officially provided has issues in
> that architecture.
>
> Regards
> Kaushik Srinivasan
>
> On Mon, Jul 24, 2017 at 10:09 PM, Kaushik Srinivasan <
> kausrini@umail.iu.edu>
> wrote:
>
> > Ah, I see. I will test it in a day or two and get back to you.
> >
> > Sorry for the delay.
> >
> > Regards
> > Kaushik Srinivasan
> >
> > On 24 Jul 2017 9:23 p.m., "Nick Couchman" <nick.couchman@yahoo.com.
> invalid>
> > wrote:
> >
> >> JIRA issue GUACAMOLE-355 has been created to track this:
> >> https://issues.apache.org/jira/browse/GUACAMOLE-355
> >> -Nick
> >>
> >> On Monday, July 24, 2017, 8:44:48 PM EDT, Nick Couchman <
> >> nick.couchman@yahoo.com.INVALID> wrote:
> >>
> >>
> >> I'm fairly certain this is the issue - I was able to set up Guacamole +
> >> CAS with my system with the /login on the end and get the 500 error that
> >> you're seeing. The CAS extension expects that parameter to be the base
> of
> >> the CAS install, not the login URL, since it not only uses the login
> >> redirect but also does ticket validation against the CAS service.
> >> I think this still warrants a JIRA issue opened - there are two
> >> possibilities that I see that could help others avoid this:- Make sure
> >> documentation is specific enough to tell users where to point it.- Try
> to
> >> do some error handling in the CAS module to throw meaningful errors
> when it
> >> cannot find the CAS service.
> >> -Nick
> >>
> >> On Monday, July 24, 2017, 8:38:04 PM EDT, Nick Couchman <
> >> nick.couchman@yahoo.com.INVALID> wrote:
> >>
> >>
> >> Hey, Kaushik,
> >> I'm still working on getting the RPi environment set up here and getting
> >> Guacamole running in it. I do have one more suggestion for you to try
> >> while I work on that - I see in your guacamole.properties file you have
> >> your cas-authorization-endpoint set to
> >> https://cas.iu.edu/cas/login
> >> Can you take off the /login at the end, so that it is just:
> >> https://cas.iu.edu/cas
> >> and see if that works?
> >> Thanks,Nick
> >>
> >> On Wednesday, July 19, 2017, 1:37:17 PM EDT, Kaushik Srinivasan <
> >> kausrini@umail.iu.edu> wrote:
> >>
> >>
> >> guacamole.properties file
> >>
> >> #Hostname and Port of guacamole proxy
> >> guacd-hostname: localhost
> >> guacd-port: 4822
> >>
> >> #NoAuth Properties
> >> #noauth-config: /etc/guacamole/noauth-config.xml
> >>
> >> #user-mapping: /etc/guacamole/user-mapping.xml
> >>
> >> # Username and password
> >> tutorial-user: tutorial
> >> tutorial-password: password
> >>
> >> # Connection information
> >> tutorial-protocol: rdp
> >> tutorial-parameters: hostname=192.168.0.7, port=3389
> >>
> >>
> >> cas-authorization-endpoint: https://cas.iu.edu/cas/login
> >> cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole
> >>
> >> #Authentication Provider Class
> >> #auth-provider:
> >> net.sourceforge.guacamole.net.basic.BasicFileAuthenticationPr$
> >>
> >> #Properties used by BasicFileAuthenticationProvider
> >> #basic-user-mapping: /etc/guacamole/user-mapping.xml
> >>
> >>
> >>
> >> On Wed, Jul 19, 2017 at 12:56 PM, Mike Jumper <mike.jumper@guac-dev.org
> >
> >> wrote:
> >>
> >> > On Wed, Jul 19, 2017 at 9:38 AM, Kaushik Srinivasan
> >> > <ka...@umail.iu.edu> wrote:
> >> > > I have attached the guacamole.properties file.
> >> > >
> >> >
> >> > Unfortunately, there is no attachment. Assuming it was indeed
> >> > attached, the mailing list may have removed it prior to sending the
> >> > message out to subscribers.
> >> >
> >> > Perhaps you can paste the contents into a message instead (or post the
> >> > file elsewhere and link to that)?
> >> >
> >
> >
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Kaushik Srinivasan <ka...@umail.iu.edu>.
Hi Nick,
I noticed another issue which I think is important that you know.
After authenticating with CAS module, I'm redirected to my connection. The
connection is RDP to an windoes XP machine. When I cancel the connection on
the Windows login page, Guacamole prompts with Disconnected page.
When you click on logout on this Disconnected prompt *you are not logged
out.*
When you click logout, you are redirected to guacamole authentication page,
but the CAS cookie is still present and you are immediately logged back in
and immediately connected to the only connection I have configured.
When logout is clicked, is there a way to detect the Guacamole cookie and
remove it from the browser?
Regards
Kaushik Srinivasan
On Tue, Jul 25, 2017 at 10:22 PM, Nick Couchman <
nick.couchman@yahoo.com.invalid> wrote:
> Glad I was able to help.
> I'm not sure there's currently anywhere to put your Dockerfile within the
> Guacamole project, but I'd suggest creating a Github repo with your work
> and checking it in there - that way others can use/fork/contribute to it.
> I'm sure there are others who could benefit from something that would work
> on the ARM architecture.
> -Nick
>
> On Tuesday, July 25, 2017, 9:54:42 PM EDT, Kaushik Srinivasan <
> kausrini@umail.iu.edu> wrote:
>
> Hi Nick
>
> You are a lifesaver.
>
> It worked once i changed the CAS login url like you suggested. Removal of
> /login solves this problem.
>
> I would now be able to proceed with my university project. Thanks a lot
> again for everyone.
>
> Is there any other information that is required of me?
>
> Also Should I somehow contribute my dockerfile as it works on raspberry pi
> (arm architecture) while the docker file officially provided has issues in
> that architecture.
>
> Regards
> Kaushik Srinivasan
>
> On Mon, Jul 24, 2017 at 10:09 PM, Kaushik Srinivasan <
> kausrini@umail.iu.edu>
> wrote:
>
> > Ah, I see. I will test it in a day or two and get back to you.
> >
> > Sorry for the delay.
> >
> > Regards
> > Kaushik Srinivasan
> >
> > On 24 Jul 2017 9:23 p.m., "Nick Couchman" <nick.couchman@yahoo.com.
> invalid>
> > wrote:
> >
> >> JIRA issue GUACAMOLE-355 has been created to track this:
> >> https://issues.apache.org/jira/browse/GUACAMOLE-355
> >> -Nick
> >>
> >> On Monday, July 24, 2017, 8:44:48 PM EDT, Nick Couchman <
> >> nick.couchman@yahoo.com.INVALID> wrote:
> >>
> >>
> >> I'm fairly certain this is the issue - I was able to set up Guacamole +
> >> CAS with my system with the /login on the end and get the 500 error that
> >> you're seeing. The CAS extension expects that parameter to be the base
> of
> >> the CAS install, not the login URL, since it not only uses the login
> >> redirect but also does ticket validation against the CAS service.
> >> I think this still warrants a JIRA issue opened - there are two
> >> possibilities that I see that could help others avoid this:- Make sure
> >> documentation is specific enough to tell users where to point it.- Try
> to
> >> do some error handling in the CAS module to throw meaningful errors
> when it
> >> cannot find the CAS service.
> >> -Nick
> >>
> >> On Monday, July 24, 2017, 8:38:04 PM EDT, Nick Couchman <
> >> nick.couchman@yahoo.com.INVALID> wrote:
> >>
> >>
> >> Hey, Kaushik,
> >> I'm still working on getting the RPi environment set up here and getting
> >> Guacamole running in it. I do have one more suggestion for you to try
> >> while I work on that - I see in your guacamole.properties file you have
> >> your cas-authorization-endpoint set to
> >> https://cas.iu.edu/cas/login
> >> Can you take off the /login at the end, so that it is just:
> >> https://cas.iu.edu/cas
> >> and see if that works?
> >> Thanks,Nick
> >>
> >> On Wednesday, July 19, 2017, 1:37:17 PM EDT, Kaushik Srinivasan <
> >> kausrini@umail.iu.edu> wrote:
> >>
> >>
> >> guacamole.properties file
> >>
> >> #Hostname and Port of guacamole proxy
> >> guacd-hostname: localhost
> >> guacd-port: 4822
> >>
> >> #NoAuth Properties
> >> #noauth-config: /etc/guacamole/noauth-config.xml
> >>
> >> #user-mapping: /etc/guacamole/user-mapping.xml
> >>
> >> # Username and password
> >> tutorial-user: tutorial
> >> tutorial-password: password
> >>
> >> # Connection information
> >> tutorial-protocol: rdp
> >> tutorial-parameters: hostname=192.168.0.7, port=3389
> >>
> >>
> >> cas-authorization-endpoint: https://cas.iu.edu/cas/login
> >> cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole
> >>
> >> #Authentication Provider Class
> >> #auth-provider:
> >> net.sourceforge.guacamole.net.basic.BasicFileAuthenticationPr$
> >>
> >> #Properties used by BasicFileAuthenticationProvider
> >> #basic-user-mapping: /etc/guacamole/user-mapping.xml
> >>
> >>
> >>
> >> On Wed, Jul 19, 2017 at 12:56 PM, Mike Jumper <mike.jumper@guac-dev.org
> >
> >> wrote:
> >>
> >> > On Wed, Jul 19, 2017 at 9:38 AM, Kaushik Srinivasan
> >> > <ka...@umail.iu.edu> wrote:
> >> > > I have attached the guacamole.properties file.
> >> > >
> >> >
> >> > Unfortunately, there is no attachment. Assuming it was indeed
> >> > attached, the mailing list may have removed it prior to sending the
> >> > message out to subscribers.
> >> >
> >> > Perhaps you can paste the contents into a message instead (or post the
> >> > file elsewhere and link to that)?
> >> >
> >
> >
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Nick Couchman <ni...@yahoo.com.INVALID>.
Glad I was able to help.
I'm not sure there's currently anywhere to put your Dockerfile within the Guacamole project, but I'd suggest creating a Github repo with your work and checking it in there - that way others can use/fork/contribute to it. I'm sure there are others who could benefit from something that would work on the ARM architecture.
-Nick
On Tuesday, July 25, 2017, 9:54:42 PM EDT, Kaushik Srinivasan <ka...@umail.iu.edu> wrote:
Hi Nick
You are a lifesaver.
It worked once i changed the CAS login url like you suggested. Removal of
/login solves this problem.
I would now be able to proceed with my university project. Thanks a lot
again for everyone.
Is there any other information that is required of me?
Also Should I somehow contribute my dockerfile as it works on raspberry pi
(arm architecture) while the docker file officially provided has issues in
that architecture.
Regards
Kaushik Srinivasan
On Mon, Jul 24, 2017 at 10:09 PM, Kaushik Srinivasan <ka...@umail.iu.edu>
wrote:
> Ah, I see. I will test it in a day or two and get back to you.
>
> Sorry for the delay.
>
> Regards
> Kaushik Srinivasan
>
> On 24 Jul 2017 9:23 p.m., "Nick Couchman" <ni...@yahoo.com.invalid>
> wrote:
>
>> JIRA issue GUACAMOLE-355 has been created to track this:
>> https://issues.apache.org/jira/browse/GUACAMOLE-355
>> -Nick
>>
>> On Monday, July 24, 2017, 8:44:48 PM EDT, Nick Couchman <
>> nick.couchman@yahoo.com.INVALID> wrote:
>>
>>
>> I'm fairly certain this is the issue - I was able to set up Guacamole +
>> CAS with my system with the /login on the end and get the 500 error that
>> you're seeing. The CAS extension expects that parameter to be the base of
>> the CAS install, not the login URL, since it not only uses the login
>> redirect but also does ticket validation against the CAS service.
>> I think this still warrants a JIRA issue opened - there are two
>> possibilities that I see that could help others avoid this:- Make sure
>> documentation is specific enough to tell users where to point it.- Try to
>> do some error handling in the CAS module to throw meaningful errors when it
>> cannot find the CAS service.
>> -Nick
>>
>> On Monday, July 24, 2017, 8:38:04 PM EDT, Nick Couchman <
>> nick.couchman@yahoo.com.INVALID> wrote:
>>
>>
>> Hey, Kaushik,
>> I'm still working on getting the RPi environment set up here and getting
>> Guacamole running in it. I do have one more suggestion for you to try
>> while I work on that - I see in your guacamole.properties file you have
>> your cas-authorization-endpoint set to
>> https://cas.iu.edu/cas/login
>> Can you take off the /login at the end, so that it is just:
>> https://cas.iu.edu/cas
>> and see if that works?
>> Thanks,Nick
>>
>> On Wednesday, July 19, 2017, 1:37:17 PM EDT, Kaushik Srinivasan <
>> kausrini@umail.iu.edu> wrote:
>>
>>
>> guacamole.properties file
>>
>> #Hostname and Port of guacamole proxy
>> guacd-hostname: localhost
>> guacd-port: 4822
>>
>> #NoAuth Properties
>> #noauth-config: /etc/guacamole/noauth-config.xml
>>
>> #user-mapping: /etc/guacamole/user-mapping.xml
>>
>> # Username and password
>> tutorial-user: tutorial
>> tutorial-password: password
>>
>> # Connection information
>> tutorial-protocol: rdp
>> tutorial-parameters: hostname=192.168.0.7, port=3389
>>
>>
>> cas-authorization-endpoint: https://cas.iu.edu/cas/login
>> cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole
>>
>> #Authentication Provider Class
>> #auth-provider:
>> net.sourceforge.guacamole.net.basic.BasicFileAuthenticationPr$
>>
>> #Properties used by BasicFileAuthenticationProvider
>> #basic-user-mapping: /etc/guacamole/user-mapping.xml
>>
>>
>>
>> On Wed, Jul 19, 2017 at 12:56 PM, Mike Jumper <mi...@guac-dev.org>
>> wrote:
>>
>> > On Wed, Jul 19, 2017 at 9:38 AM, Kaushik Srinivasan
>> > <ka...@umail.iu.edu> wrote:
>> > > I have attached the guacamole.properties file.
>> > >
>> >
>> > Unfortunately, there is no attachment. Assuming it was indeed
>> > attached, the mailing list may have removed it prior to sending the
>> > message out to subscribers.
>> >
>> > Perhaps you can paste the contents into a message instead (or post the
>> > file elsewhere and link to that)?
>> >
>
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Kaushik Srinivasan <ka...@umail.iu.edu>.
Hi Nick
You are a lifesaver.
It worked once i changed the CAS login url like you suggested. Removal of
/login solves this problem.
I would now be able to proceed with my university project. Thanks a lot
again for everyone.
Is there any other information that is required of me?
Also Should I somehow contribute my dockerfile as it works on raspberry pi
(arm architecture) while the docker file officially provided has issues in
that architecture.
Regards
Kaushik Srinivasan
On Mon, Jul 24, 2017 at 10:09 PM, Kaushik Srinivasan <ka...@umail.iu.edu>
wrote:
> Ah, I see. I will test it in a day or two and get back to you.
>
> Sorry for the delay.
>
> Regards
> Kaushik Srinivasan
>
> On 24 Jul 2017 9:23 p.m., "Nick Couchman" <ni...@yahoo.com.invalid>
> wrote:
>
>> JIRA issue GUACAMOLE-355 has been created to track this:
>> https://issues.apache.org/jira/browse/GUACAMOLE-355
>> -Nick
>>
>> On Monday, July 24, 2017, 8:44:48 PM EDT, Nick Couchman <
>> nick.couchman@yahoo.com.INVALID> wrote:
>>
>>
>> I'm fairly certain this is the issue - I was able to set up Guacamole +
>> CAS with my system with the /login on the end and get the 500 error that
>> you're seeing. The CAS extension expects that parameter to be the base of
>> the CAS install, not the login URL, since it not only uses the login
>> redirect but also does ticket validation against the CAS service.
>> I think this still warrants a JIRA issue opened - there are two
>> possibilities that I see that could help others avoid this:- Make sure
>> documentation is specific enough to tell users where to point it.- Try to
>> do some error handling in the CAS module to throw meaningful errors when it
>> cannot find the CAS service.
>> -Nick
>>
>> On Monday, July 24, 2017, 8:38:04 PM EDT, Nick Couchman <
>> nick.couchman@yahoo.com.INVALID> wrote:
>>
>>
>> Hey, Kaushik,
>> I'm still working on getting the RPi environment set up here and getting
>> Guacamole running in it. I do have one more suggestion for you to try
>> while I work on that - I see in your guacamole.properties file you have
>> your cas-authorization-endpoint set to
>> https://cas.iu.edu/cas/login
>> Can you take off the /login at the end, so that it is just:
>> https://cas.iu.edu/cas
>> and see if that works?
>> Thanks,Nick
>>
>> On Wednesday, July 19, 2017, 1:37:17 PM EDT, Kaushik Srinivasan <
>> kausrini@umail.iu.edu> wrote:
>>
>>
>> guacamole.properties file
>>
>> #Hostname and Port of guacamole proxy
>> guacd-hostname: localhost
>> guacd-port: 4822
>>
>> #NoAuth Properties
>> #noauth-config: /etc/guacamole/noauth-config.xml
>>
>> #user-mapping: /etc/guacamole/user-mapping.xml
>>
>> # Username and password
>> tutorial-user: tutorial
>> tutorial-password: password
>>
>> # Connection information
>> tutorial-protocol: rdp
>> tutorial-parameters: hostname=192.168.0.7, port=3389
>>
>>
>> cas-authorization-endpoint: https://cas.iu.edu/cas/login
>> cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole
>>
>> #Authentication Provider Class
>> #auth-provider:
>> net.sourceforge.guacamole.net.basic.BasicFileAuthenticationPr$
>>
>> #Properties used by BasicFileAuthenticationProvider
>> #basic-user-mapping: /etc/guacamole/user-mapping.xml
>>
>>
>>
>> On Wed, Jul 19, 2017 at 12:56 PM, Mike Jumper <mi...@guac-dev.org>
>> wrote:
>>
>> > On Wed, Jul 19, 2017 at 9:38 AM, Kaushik Srinivasan
>> > <ka...@umail.iu.edu> wrote:
>> > > I have attached the guacamole.properties file.
>> > >
>> >
>> > Unfortunately, there is no attachment. Assuming it was indeed
>> > attached, the mailing list may have removed it prior to sending the
>> > message out to subscribers.
>> >
>> > Perhaps you can paste the contents into a message instead (or post the
>> > file elsewhere and link to that)?
>> >
>
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Kaushik Srinivasan <ka...@umail.iu.edu>.
Ah, I see. I will test it in a day or two and get back to you.
Sorry for the delay.
Regards
Kaushik Srinivasan
On 24 Jul 2017 9:23 p.m., "Nick Couchman" <ni...@yahoo.com.invalid>
wrote:
> JIRA issue GUACAMOLE-355 has been created to track this:
> https://issues.apache.org/jira/browse/GUACAMOLE-355
> -Nick
>
> On Monday, July 24, 2017, 8:44:48 PM EDT, Nick Couchman <
> nick.couchman@yahoo.com.INVALID> wrote:
>
>
> I'm fairly certain this is the issue - I was able to set up Guacamole +
> CAS with my system with the /login on the end and get the 500 error that
> you're seeing. The CAS extension expects that parameter to be the base of
> the CAS install, not the login URL, since it not only uses the login
> redirect but also does ticket validation against the CAS service.
> I think this still warrants a JIRA issue opened - there are two
> possibilities that I see that could help others avoid this:- Make sure
> documentation is specific enough to tell users where to point it.- Try to
> do some error handling in the CAS module to throw meaningful errors when it
> cannot find the CAS service.
> -Nick
>
> On Monday, July 24, 2017, 8:38:04 PM EDT, Nick Couchman <
> nick.couchman@yahoo.com.INVALID> wrote:
>
>
> Hey, Kaushik,
> I'm still working on getting the RPi environment set up here and getting
> Guacamole running in it. I do have one more suggestion for you to try
> while I work on that - I see in your guacamole.properties file you have
> your cas-authorization-endpoint set to
> https://cas.iu.edu/cas/login
> Can you take off the /login at the end, so that it is just:
> https://cas.iu.edu/cas
> and see if that works?
> Thanks,Nick
>
> On Wednesday, July 19, 2017, 1:37:17 PM EDT, Kaushik Srinivasan <
> kausrini@umail.iu.edu> wrote:
>
>
> guacamole.properties file
>
> #Hostname and Port of guacamole proxy
> guacd-hostname: localhost
> guacd-port: 4822
>
> #NoAuth Properties
> #noauth-config: /etc/guacamole/noauth-config.xml
>
> #user-mapping: /etc/guacamole/user-mapping.xml
>
> # Username and password
> tutorial-user: tutorial
> tutorial-password: password
>
> # Connection information
> tutorial-protocol: rdp
> tutorial-parameters: hostname=192.168.0.7, port=3389
>
>
> cas-authorization-endpoint: https://cas.iu.edu/cas/login
> cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole
>
> #Authentication Provider Class
> #auth-provider:
> net.sourceforge.guacamole.net.basic.BasicFileAuthenticationPr$
>
> #Properties used by BasicFileAuthenticationProvider
> #basic-user-mapping: /etc/guacamole/user-mapping.xml
>
>
>
> On Wed, Jul 19, 2017 at 12:56 PM, Mike Jumper <mi...@guac-dev.org>
> wrote:
>
> > On Wed, Jul 19, 2017 at 9:38 AM, Kaushik Srinivasan
> > <ka...@umail.iu.edu> wrote:
> > > I have attached the guacamole.properties file.
> > >
> >
> > Unfortunately, there is no attachment. Assuming it was indeed
> > attached, the mailing list may have removed it prior to sending the
> > message out to subscribers.
> >
> > Perhaps you can paste the contents into a message instead (or post the
> > file elsewhere and link to that)?
> >
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Nick Couchman <ni...@yahoo.com.INVALID>.
JIRA issue GUACAMOLE-355 has been created to track this:
https://issues.apache.org/jira/browse/GUACAMOLE-355
-Nick
On Monday, July 24, 2017, 8:44:48 PM EDT, Nick Couchman <ni...@yahoo.com.INVALID> wrote:
I'm fairly certain this is the issue - I was able to set up Guacamole + CAS with my system with the /login on the end and get the 500 error that you're seeing. The CAS extension expects that parameter to be the base of the CAS install, not the login URL, since it not only uses the login redirect but also does ticket validation against the CAS service.
I think this still warrants a JIRA issue opened - there are two possibilities that I see that could help others avoid this:- Make sure documentation is specific enough to tell users where to point it.- Try to do some error handling in the CAS module to throw meaningful errors when it cannot find the CAS service.
-Nick
On Monday, July 24, 2017, 8:38:04 PM EDT, Nick Couchman <ni...@yahoo.com.INVALID> wrote:
Hey, Kaushik,
I'm still working on getting the RPi environment set up here and getting Guacamole running in it. I do have one more suggestion for you to try while I work on that - I see in your guacamole.properties file you have your cas-authorization-endpoint set to
https://cas.iu.edu/cas/login
Can you take off the /login at the end, so that it is just:
https://cas.iu.edu/cas
and see if that works?
Thanks,Nick
On Wednesday, July 19, 2017, 1:37:17 PM EDT, Kaushik Srinivasan <ka...@umail.iu.edu> wrote:
guacamole.properties file
#Hostname and Port of guacamole proxy
guacd-hostname: localhost
guacd-port: 4822
#NoAuth Properties
#noauth-config: /etc/guacamole/noauth-config.xml
#user-mapping: /etc/guacamole/user-mapping.xml
# Username and password
tutorial-user: tutorial
tutorial-password: password
# Connection information
tutorial-protocol: rdp
tutorial-parameters: hostname=192.168.0.7, port=3389
cas-authorization-endpoint: https://cas.iu.edu/cas/login
cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole
#Authentication Provider Class
#auth-provider:
net.sourceforge.guacamole.net.basic.BasicFileAuthenticationPr$
#Properties used by BasicFileAuthenticationProvider
#basic-user-mapping: /etc/guacamole/user-mapping.xml
On Wed, Jul 19, 2017 at 12:56 PM, Mike Jumper <mi...@guac-dev.org>
wrote:
> On Wed, Jul 19, 2017 at 9:38 AM, Kaushik Srinivasan
> <ka...@umail.iu.edu> wrote:
> > I have attached the guacamole.properties file.
> >
>
> Unfortunately, there is no attachment. Assuming it was indeed
> attached, the mailing list may have removed it prior to sending the
> message out to subscribers.
>
> Perhaps you can paste the contents into a message instead (or post the
> file elsewhere and link to that)?
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Nick Couchman <ni...@yahoo.com.INVALID>.
I'm fairly certain this is the issue - I was able to set up Guacamole + CAS with my system with the /login on the end and get the 500 error that you're seeing. The CAS extension expects that parameter to be the base of the CAS install, not the login URL, since it not only uses the login redirect but also does ticket validation against the CAS service.
I think this still warrants a JIRA issue opened - there are two possibilities that I see that could help others avoid this:- Make sure documentation is specific enough to tell users where to point it.- Try to do some error handling in the CAS module to throw meaningful errors when it cannot find the CAS service.
-Nick
On Monday, July 24, 2017, 8:38:04 PM EDT, Nick Couchman <ni...@yahoo.com.INVALID> wrote:
Hey, Kaushik,
I'm still working on getting the RPi environment set up here and getting Guacamole running in it. I do have one more suggestion for you to try while I work on that - I see in your guacamole.properties file you have your cas-authorization-endpoint set to
https://cas.iu.edu/cas/login
Can you take off the /login at the end, so that it is just:
https://cas.iu.edu/cas
and see if that works?
Thanks,Nick
On Wednesday, July 19, 2017, 1:37:17 PM EDT, Kaushik Srinivasan <ka...@umail.iu.edu> wrote:
guacamole.properties file
#Hostname and Port of guacamole proxy
guacd-hostname: localhost
guacd-port: 4822
#NoAuth Properties
#noauth-config: /etc/guacamole/noauth-config.xml
#user-mapping: /etc/guacamole/user-mapping.xml
# Username and password
tutorial-user: tutorial
tutorial-password: password
# Connection information
tutorial-protocol: rdp
tutorial-parameters: hostname=192.168.0.7, port=3389
cas-authorization-endpoint: https://cas.iu.edu/cas/login
cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole
#Authentication Provider Class
#auth-provider:
net.sourceforge.guacamole.net.basic.BasicFileAuthenticationPr$
#Properties used by BasicFileAuthenticationProvider
#basic-user-mapping: /etc/guacamole/user-mapping.xml
On Wed, Jul 19, 2017 at 12:56 PM, Mike Jumper <mi...@guac-dev.org>
wrote:
> On Wed, Jul 19, 2017 at 9:38 AM, Kaushik Srinivasan
> <ka...@umail.iu.edu> wrote:
> > I have attached the guacamole.properties file.
> >
>
> Unfortunately, there is no attachment. Assuming it was indeed
> attached, the mailing list may have removed it prior to sending the
> message out to subscribers.
>
> Perhaps you can paste the contents into a message instead (or post the
> file elsewhere and link to that)?
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Nick Couchman <ni...@yahoo.com.INVALID>.
Hey, Kaushik,
I'm still working on getting the RPi environment set up here and getting Guacamole running in it. I do have one more suggestion for you to try while I work on that - I see in your guacamole.properties file you have your cas-authorization-endpoint set to
https://cas.iu.edu/cas/login
Can you take off the /login at the end, so that it is just:
https://cas.iu.edu/cas
and see if that works?
Thanks,Nick
On Wednesday, July 19, 2017, 1:37:17 PM EDT, Kaushik Srinivasan <ka...@umail.iu.edu> wrote:
guacamole.properties file
#Hostname and Port of guacamole proxy
guacd-hostname: localhost
guacd-port: 4822
#NoAuth Properties
#noauth-config: /etc/guacamole/noauth-config.xml
#user-mapping: /etc/guacamole/user-mapping.xml
# Username and password
tutorial-user: tutorial
tutorial-password: password
# Connection information
tutorial-protocol: rdp
tutorial-parameters: hostname=192.168.0.7, port=3389
cas-authorization-endpoint: https://cas.iu.edu/cas/login
cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole
#Authentication Provider Class
#auth-provider:
net.sourceforge.guacamole.net.basic.BasicFileAuthenticationPr$
#Properties used by BasicFileAuthenticationProvider
#basic-user-mapping: /etc/guacamole/user-mapping.xml
On Wed, Jul 19, 2017 at 12:56 PM, Mike Jumper <mi...@guac-dev.org>
wrote:
> On Wed, Jul 19, 2017 at 9:38 AM, Kaushik Srinivasan
> <ka...@umail.iu.edu> wrote:
> > I have attached the guacamole.properties file.
> >
>
> Unfortunately, there is no attachment. Assuming it was indeed
> attached, the mailing list may have removed it prior to sending the
> message out to subscribers.
>
> Perhaps you can paste the contents into a message instead (or post the
> file elsewhere and link to that)?
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Kaushik Srinivasan <ka...@umail.iu.edu>.
guacamole.properties file
#Hostname and Port of guacamole proxy
guacd-hostname: localhost
guacd-port: 4822
#NoAuth Properties
#noauth-config: /etc/guacamole/noauth-config.xml
#user-mapping: /etc/guacamole/user-mapping.xml
# Username and password
tutorial-user: tutorial
tutorial-password: password
# Connection information
tutorial-protocol: rdp
tutorial-parameters: hostname=192.168.0.7, port=3389
cas-authorization-endpoint: https://cas.iu.edu/cas/login
cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole
#Authentication Provider Class
#auth-provider:
net.sourceforge.guacamole.net.basic.BasicFileAuthenticationPr$
#Properties used by BasicFileAuthenticationProvider
#basic-user-mapping: /etc/guacamole/user-mapping.xml
On Wed, Jul 19, 2017 at 12:56 PM, Mike Jumper <mi...@guac-dev.org>
wrote:
> On Wed, Jul 19, 2017 at 9:38 AM, Kaushik Srinivasan
> <ka...@umail.iu.edu> wrote:
> > I have attached the guacamole.properties file.
> >
>
> Unfortunately, there is no attachment. Assuming it was indeed
> attached, the mailing list may have removed it prior to sending the
> message out to subscribers.
>
> Perhaps you can paste the contents into a message instead (or post the
> file elsewhere and link to that)?
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Mike Jumper <mi...@guac-dev.org>.
On Wed, Jul 19, 2017 at 9:38 AM, Kaushik Srinivasan
<ka...@umail.iu.edu> wrote:
> I have attached the guacamole.properties file.
>
Unfortunately, there is no attachment. Assuming it was indeed
attached, the mailing list may have removed it prior to sending the
message out to subscribers.
Perhaps you can paste the contents into a message instead (or post the
file elsewhere and link to that)?
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Kaushik Srinivasan <ka...@umail.iu.edu>.
I have attached the guacamole.properties file.
It has a few unnecessary configs, ignore them. I have been doing a lot of
testing.
Sorry for the delayed response and thank you.
On Tue, Jul 18, 2017 at 11:40 PM, Mike Jumper <mi...@guac-dev.org>
wrote:
> Can you provide the contents of the guacamole.properties file?
>
> - Mike
>
>
> On Tue, Jul 18, 2017 at 7:48 AM, Kaushik Srinivasan
> <ka...@umail.iu.edu> wrote:
> > I'm not copying guacamole-auth-cas into extensions folder initially
> because
> > I'm loading the jdbc driver and setting up user and stuff. After doing
> that
> > I load CAS into extensions folder manually and stop tomcat and restart
> for
> > it to take effect.
> >
> > You are right and it won't work if u place the extension outside the
> > /guacamole/extension folder. That's why I put it there.
> >
> > Thanks for checking the setup.
> >
> > Regards
> > Kaushik Srinivasan
> >
> > On 18 Jul 2017 8:42 a.m., "Nick Couchman" <nick.couchman@yahoo.com.
> invalid>
> > wrote:
> >
> >> On Monday, July 17, 2017, 11:08:06 PM EDT, Mike Jumper <
> >> mike.jumper@guac-dev.org> wrote:
> >>
> >>
> >> > On Mon, Jul 17, 2017 at 7:37 PM, Kaushik Srinivasan
> >> > <ka...@umail.iu.edu> wrote:
> >> >>
> >> >> ...
> >> >>
> >> >> Also there's a major information I might have left out. I have been
> >> setting
> >> >> all this up in Docker. Not using the docker file provided in the
> github
> >> as
> >> >> I'm building on an arm architecture. It needs slightly different
> >> settings.
> >> >>
> >>
> >> >Can you share the Dockerfile and/or the images themselves?
> >>
> >> > Is there anything else custom about your deployment? That the
> >> > extension itself was (at least previously) actually modified and not
> >> > the version included in the 0.9.13-incubating RC, and that the webapp
> >> > is actually running under a custom Docker image, are all pretty
> >> > important details.
> >>
> >> Yeah, I'd have to agree that these changes are fairly important in
> >> debugging the problems you're seeing. Based on the Dockerfile you
> >> provided, looks like you're running the raspbian Debian variant from
> >> January. I'll see what I can do to build up a matching environment and
> try
> >> to reproduce the issues you're seeing in there. Seems that something
> about
> >> this Docker environment is causing the problems you're experiencing.
> >>
> >> Also, I see one issue in the Dockerfile right off the bat:
> >>
> >> COPY guacamole-auth-cas-$GUACAMOLE_VERSION-incubating.jar
> /etc/guacamole/
> >>
> >> That should be:
> >>
> >> COPY guacamole-auth-cas-$GUACAMOLE_VERSION-incubating.jar
> >> /etc/guacamole/extensions/
> >>
> >> Please make that change and rerun and see what happens. It's a little
> >> strange that it's working at all, but I haven't looked much at how the
> >> extensions are loaded from the directory, so maybe they work anywhere
> >> inside the /etc/guacamole directory?? Mike, any ideas there?
> >> -Nick
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Mike Jumper <mi...@guac-dev.org>.
Can you provide the contents of the guacamole.properties file?
- Mike
On Tue, Jul 18, 2017 at 7:48 AM, Kaushik Srinivasan
<ka...@umail.iu.edu> wrote:
> I'm not copying guacamole-auth-cas into extensions folder initially because
> I'm loading the jdbc driver and setting up user and stuff. After doing that
> I load CAS into extensions folder manually and stop tomcat and restart for
> it to take effect.
>
> You are right and it won't work if u place the extension outside the
> /guacamole/extension folder. That's why I put it there.
>
> Thanks for checking the setup.
>
> Regards
> Kaushik Srinivasan
>
> On 18 Jul 2017 8:42 a.m., "Nick Couchman" <ni...@yahoo.com.invalid>
> wrote:
>
>> On Monday, July 17, 2017, 11:08:06 PM EDT, Mike Jumper <
>> mike.jumper@guac-dev.org> wrote:
>>
>>
>> > On Mon, Jul 17, 2017 at 7:37 PM, Kaushik Srinivasan
>> > <ka...@umail.iu.edu> wrote:
>> >>
>> >> ...
>> >>
>> >> Also there's a major information I might have left out. I have been
>> setting
>> >> all this up in Docker. Not using the docker file provided in the github
>> as
>> >> I'm building on an arm architecture. It needs slightly different
>> settings.
>> >>
>>
>> >Can you share the Dockerfile and/or the images themselves?
>>
>> > Is there anything else custom about your deployment? That the
>> > extension itself was (at least previously) actually modified and not
>> > the version included in the 0.9.13-incubating RC, and that the webapp
>> > is actually running under a custom Docker image, are all pretty
>> > important details.
>>
>> Yeah, I'd have to agree that these changes are fairly important in
>> debugging the problems you're seeing. Based on the Dockerfile you
>> provided, looks like you're running the raspbian Debian variant from
>> January. I'll see what I can do to build up a matching environment and try
>> to reproduce the issues you're seeing in there. Seems that something about
>> this Docker environment is causing the problems you're experiencing.
>>
>> Also, I see one issue in the Dockerfile right off the bat:
>>
>> COPY guacamole-auth-cas-$GUACAMOLE_VERSION-incubating.jar /etc/guacamole/
>>
>> That should be:
>>
>> COPY guacamole-auth-cas-$GUACAMOLE_VERSION-incubating.jar
>> /etc/guacamole/extensions/
>>
>> Please make that change and rerun and see what happens. It's a little
>> strange that it's working at all, but I haven't looked much at how the
>> extensions are loaded from the directory, so maybe they work anywhere
>> inside the /etc/guacamole directory?? Mike, any ideas there?
>> -Nick
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Kaushik Srinivasan <ka...@umail.iu.edu>.
I'm not copying guacamole-auth-cas into extensions folder initially because
I'm loading the jdbc driver and setting up user and stuff. After doing that
I load CAS into extensions folder manually and stop tomcat and restart for
it to take effect.
You are right and it won't work if u place the extension outside the
/guacamole/extension folder. That's why I put it there.
Thanks for checking the setup.
Regards
Kaushik Srinivasan
On 18 Jul 2017 8:42 a.m., "Nick Couchman" <ni...@yahoo.com.invalid>
wrote:
> On Monday, July 17, 2017, 11:08:06 PM EDT, Mike Jumper <
> mike.jumper@guac-dev.org> wrote:
>
>
> > On Mon, Jul 17, 2017 at 7:37 PM, Kaushik Srinivasan
> > <ka...@umail.iu.edu> wrote:
> >>
> >> ...
> >>
> >> Also there's a major information I might have left out. I have been
> setting
> >> all this up in Docker. Not using the docker file provided in the github
> as
> >> I'm building on an arm architecture. It needs slightly different
> settings.
> >>
>
> >Can you share the Dockerfile and/or the images themselves?
>
> > Is there anything else custom about your deployment? That the
> > extension itself was (at least previously) actually modified and not
> > the version included in the 0.9.13-incubating RC, and that the webapp
> > is actually running under a custom Docker image, are all pretty
> > important details.
>
> Yeah, I'd have to agree that these changes are fairly important in
> debugging the problems you're seeing. Based on the Dockerfile you
> provided, looks like you're running the raspbian Debian variant from
> January. I'll see what I can do to build up a matching environment and try
> to reproduce the issues you're seeing in there. Seems that something about
> this Docker environment is causing the problems you're experiencing.
>
> Also, I see one issue in the Dockerfile right off the bat:
>
> COPY guacamole-auth-cas-$GUACAMOLE_VERSION-incubating.jar /etc/guacamole/
>
> That should be:
>
> COPY guacamole-auth-cas-$GUACAMOLE_VERSION-incubating.jar
> /etc/guacamole/extensions/
>
> Please make that change and rerun and see what happens. It's a little
> strange that it's working at all, but I haven't looked much at how the
> extensions are loaded from the directory, so maybe they work anywhere
> inside the /etc/guacamole directory?? Mike, any ideas there?
> -Nick
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Nick Couchman <ni...@yahoo.com.INVALID>.
On Monday, July 17, 2017, 11:08:06 PM EDT, Mike Jumper <mi...@guac-dev.org> wrote:
> On Mon, Jul 17, 2017 at 7:37 PM, Kaushik Srinivasan
> <ka...@umail.iu.edu> wrote:
>>
>> ...
>>
>> Also there's a major information I might have left out. I have been setting
>> all this up in Docker. Not using the docker file provided in the github as
>> I'm building on an arm architecture. It needs slightly different settings.
>>
>Can you share the Dockerfile and/or the images themselves?
> Is there anything else custom about your deployment? That the
> extension itself was (at least previously) actually modified and not
> the version included in the 0.9.13-incubating RC, and that the webapp
> is actually running under a custom Docker image, are all pretty
> important details.
Yeah, I'd have to agree that these changes are fairly important in debugging the problems you're seeing. Based on the Dockerfile you provided, looks like you're running the raspbian Debian variant from January. I'll see what I can do to build up a matching environment and try to reproduce the issues you're seeing in there. Seems that something about this Docker environment is causing the problems you're experiencing.
Also, I see one issue in the Dockerfile right off the bat:
COPY guacamole-auth-cas-$GUACAMOLE_VERSION-incubating.jar /etc/guacamole/
That should be:
COPY guacamole-auth-cas-$GUACAMOLE_VERSION-incubating.jar /etc/guacamole/extensions/
Please make that change and rerun and see what happens. It's a little strange that it's working at all, but I haven't looked much at how the extensions are loaded from the directory, so maybe they work anywhere inside the /etc/guacamole directory?? Mike, any ideas there?
-Nick
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Kaushik Srinivasan <ka...@umail.iu.edu>.
That is the only error in the log file.
On 18 Jul 2017 12:07 a.m., "Mike Jumper" <mi...@guac-dev.org> wrote:
> Regarding the "Mapped exception to response: 500 (Internal Server
> Error)" message - are there any other messages earlier in the logs?
>
>
> On Mon, Jul 17, 2017 at 8:16 PM, Kaushik Srinivasan
> <ka...@umail.iu.edu> wrote:
> > The extension is not modified. Its exactly built from
> > https://github.com/apache/incubator-guacamole-client/
> tree/master/extensions/guacamole-auth-cas
> >
> > I have attached the docker file. For now, the setting up of database for
> > jdbc and the steps from that are manually done once the container is
> > launched.
> >
> > Are there any other details I can provide.
> >
> > Regards
> > Kaushik Srinivasan
> >
> > On Mon, Jul 17, 2017 at 11:07 PM, Mike Jumper <mi...@guac-dev.org>
> > wrote:
> >>
> >> On Mon, Jul 17, 2017 at 7:37 PM, Kaushik Srinivasan
> >> <ka...@umail.iu.edu> wrote:
> >> >
> >> > ...
> >> >
> >> > Also there's a major information I might have left out. I have been
> >> > setting
> >> > all this up in Docker. Not using the docker file provided in the
> github
> >> > as
> >> > I'm building on an arm architecture. It needs slightly different
> >> > settings.
> >> >
> >>
> >> Can you share the Dockerfile and/or the images themselves?
> >>
> >> Is there anything else custom about your deployment? That the
> >> extension itself was (at least previously) actually modified and not
> >> the version included in the 0.9.13-incubating RC, and that the webapp
> >> is actually running under a custom Docker image, are all pretty
> >> important details.
> >>
> >> Thanks,
> >>
> >> - Mike
> >
> >
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Mike Jumper <mi...@guac-dev.org>.
Regarding the "Mapped exception to response: 500 (Internal Server
Error)" message - are there any other messages earlier in the logs?
On Mon, Jul 17, 2017 at 8:16 PM, Kaushik Srinivasan
<ka...@umail.iu.edu> wrote:
> The extension is not modified. Its exactly built from
> https://github.com/apache/incubator-guacamole-client/tree/master/extensions/guacamole-auth-cas
>
> I have attached the docker file. For now, the setting up of database for
> jdbc and the steps from that are manually done once the container is
> launched.
>
> Are there any other details I can provide.
>
> Regards
> Kaushik Srinivasan
>
> On Mon, Jul 17, 2017 at 11:07 PM, Mike Jumper <mi...@guac-dev.org>
> wrote:
>>
>> On Mon, Jul 17, 2017 at 7:37 PM, Kaushik Srinivasan
>> <ka...@umail.iu.edu> wrote:
>> >
>> > ...
>> >
>> > Also there's a major information I might have left out. I have been
>> > setting
>> > all this up in Docker. Not using the docker file provided in the github
>> > as
>> > I'm building on an arm architecture. It needs slightly different
>> > settings.
>> >
>>
>> Can you share the Dockerfile and/or the images themselves?
>>
>> Is there anything else custom about your deployment? That the
>> extension itself was (at least previously) actually modified and not
>> the version included in the 0.9.13-incubating RC, and that the webapp
>> is actually running under a custom Docker image, are all pretty
>> important details.
>>
>> Thanks,
>>
>> - Mike
>
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Kaushik Srinivasan <ka...@umail.iu.edu>.
The extension is not modified. Its exactly built from
https://github.com/apache/incubator-guacamole-client/tree/master/extensions/guacamole-auth-cas
I have attached the docker file. For now, the setting up of database for
jdbc and the steps from that are manually done once the container is
launched.
Are there any other details I can provide.
Regards
Kaushik Srinivasan
On Mon, Jul 17, 2017 at 11:07 PM, Mike Jumper <mi...@guac-dev.org>
wrote:
> On Mon, Jul 17, 2017 at 7:37 PM, Kaushik Srinivasan
> <ka...@umail.iu.edu> wrote:
> >
> > ...
> >
> > Also there's a major information I might have left out. I have been
> setting
> > all this up in Docker. Not using the docker file provided in the github
> as
> > I'm building on an arm architecture. It needs slightly different
> settings.
> >
>
> Can you share the Dockerfile and/or the images themselves?
>
> Is there anything else custom about your deployment? That the
> extension itself was (at least previously) actually modified and not
> the version included in the 0.9.13-incubating RC, and that the webapp
> is actually running under a custom Docker image, are all pretty
> important details.
>
> Thanks,
>
> - Mike
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Mike Jumper <mi...@guac-dev.org>.
On Mon, Jul 17, 2017 at 7:37 PM, Kaushik Srinivasan
<ka...@umail.iu.edu> wrote:
>
> ...
>
> Also there's a major information I might have left out. I have been setting
> all this up in Docker. Not using the docker file provided in the github as
> I'm building on an arm architecture. It needs slightly different settings.
>
Can you share the Dockerfile and/or the images themselves?
Is there anything else custom about your deployment? That the
extension itself was (at least previously) actually modified and not
the version included in the 0.9.13-incubating RC, and that the webapp
is actually running under a custom Docker image, are all pretty
important details.
Thanks,
- Mike
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Kaushik Srinivasan <ka...@umail.iu.edu>.
Trying the same thing using firefox instead of chrome
POST XHR http://poc1.dyndns-at-work.com:8080/guacamole/api/tokens [HTTP/1.1
500 1162ms]
Post params : ticketST-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Response : {"message":"Ticket validation
failed.","translatableMessage":{"key":"Ticket validation
failed.","variables":null},"statusCode":null,"expected":null,"type":"INTERNAL_ERROR"}
On Mon, Jul 17, 2017 at 10:37 PM, Kaushik Srinivasan <ka...@umail.iu.edu>
wrote:
> Hi Nick,
>
> I followed your instructions to the letter (except used mysql but doesnt
> matter) and the error persists.
>
> I checked the developer console like you suggested and found the api call
> which generates the error.
>
> *VM170:1 POST http://poc1.dyndns-at-work.com:8080/guacamole/api/tokens
> <http://poc1.dyndns-at-work.com:8080/guacamole/api/tokens> 500 ()*
> *(anonymous) @ VM170:1*
> *(anonymous) @ angular.js:9902*
> *m @ angular.js:9703*
> *f @ angular.js:9415*
> *(anonymous) @ angular.js:13292*
> *$eval @ angular.js:14547*
> *$digest @ angular.js:14363*
> *$apply @ angular.js:14652*
> *(anonymous) @ angular.js:1458*
> *e @ angular.js:4219*
> *d @ angular.js:1456*
> *xc @ angular.js:1476*
> *Od @ angular.js:1370*
> *(anonymous) @ angular.js:26419*
> *j @ jquery.js:3094*
> *fireWith @ jquery.js:3206*
> *ready @ jquery.js:3412*
> *I @ jquery.js:3428*
>
> The internal server error occurs in the /api/tokens.
>
> How do you think I should proceed from here?
>
> Also there's a major information I might have left out. I have been
> setting all this up in Docker. Not using the docker file provided in the
> github as I'm building on an arm architecture. It needs slightly different
> settings.
>
> Thanks in advance.
>
> Regards
> Kaushik Srinivasan
>
> On Mon, Jul 17, 2017 at 9:09 AM, Nick Couchman <nick.couchman@yahoo.com.
> invalid> wrote:
>
>> Understood. I just finished testing - here's exactly what I did:- Check
>> out guacamole-client staging/0.9.13-incubating and build (mvn clean
>> package)- Make sure extensions folder is clean, then copy JDBC extension to
>> the extensions folder (I'm using PostgreSQL)- Create a clean database for
>> Guacamole, then run both the 001-create-schema.sql and
>> 002-create-admin-user.sql scripts- Load Guacamole into Tomcat- Log in with
>> the guacadmin user and create a single connection.- Create a Guacamole user
>> with a username that matches my SSO username, and give it permissions to
>> the new connection.- Log out of Guacamole- Copy the CAS extension to the
>> extensions folder- Re-load Guacamole into Tomcat- Go to Guacamole URL,
>> which redirects to CAS- Log on with CAS credentials- Redirected back to
>> Guacamole page- Connection starts automatically. I set up a SSH test
>> connection with just the hostname and port configured, so I get prompted
>> for logon credentials.
>> I'm not seeing any errors in the tomcat catalina.out file from Guacamole,
>> and the connection auto-starts just fine.
>> Once you get a chance if you can try to determine what's triggering that
>> 500 error, maybe that'll help track it down. I'm unable to reproduce it,
>> unfortunately :-/.
>> -NickOn Monday, July 17, 2017, 8:56:59 AM EDT, Kaushik Srinivasan <
>> kausrini@umail.iu.edu> wrote:
>>
>> I'm currently working and would not be able to check it. I'd get back to
>> you by the end of the day.
>> Thanks.
>>
>> Regards
>> Kaushik Srinivasan
>>
>> On 17 Jul 2017 8:54 a.m., "Nick Couchman" <nick.couchman@yahoo.com.inval
>> id>
>> wrote:
>>
>> > So, I checked out the staging/0.9.13-incubating branch of the repo and
>> > built the client and extensions, loaded the JDBC and CAS modules, and
>> then
>> > loaded Guacamole. I am not seeing any sort of error message like this
>> when
>> > I log on with CAS. I have multiple connections available to me at the
>> > moment, so it's going to the home screen - I'll see if I can get it
>> down to
>> > a single connection and try it out that way, but so far no error.
>> > Not sure what browser you're using, but if you're using Chrome can you
>> > pull up the Developer console, go to the Network tab, and then go
>> through
>> > the login process and see which API call generates the Error 500?
>> > -Nick
>> >
>> >
>> > On Sunday, July 16, 2017, 10:50:01 PM EDT, Kaushik Srinivasan <
>> > kausrini@umail.iu.edu> wrote:
>> >
>> > Hi All,
>> >
>> > I have tried using the guacamole-auth-cas with 0.9.13 as suggested. I
>> > further used jdbc connection (mysql) for connection properties.
>> >
>> > The CAS authentication works now but does not redirect to my connection
>> > after that. I verified that the jdbc connection works independently ( by
>> > removing auth-cas extension). Also the username returned from auth-cas
>> is
>> > the same as the username I have stored in the mysql table.
>> >
>> > In the Tomcat-8 logs the following error is thrown.
>> >
>> > 17-Jul-2017 02:42:07.648 SEVERE [http-nio-8080-exec-4]
>> > com.sun.jersey.spi.container.ContainerResponse.logException Mapped
>> > exception to response: 500 (Internal Server Error)
>> > org.apache.guacamole.rest.APIException
>> > at
>> > org.apache.guacamole.rest.RESTExceptionWrapper.invoke(
>> > RESTExceptionWrapper.java:184)
>> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> > at
>> > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce
>> ssorImpl.java:
>> > 57)
>> > at
>> > sun.reflect.DelegatingMethodAccessorImpl.invoke(
>> > DelegatingMethodAccessorImpl.java:43)
>> > at java.lang.reflect.Method.invoke(Method.java:606)
>> > at
>> > com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(
>> > JavaMethodInvokerFactory.java:60)
>> > at
>> > com.sun.jersey.server.impl.model.method.dispatch.
>> > AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(
>> > AbstractResourceMethodDispatchProvider.java:185)
>> > at
>> > com.sun.jersey.server.impl.model.method.dispatch.
>> > ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.
>> > java:75)
>> > at
>> > com.sun.jersey.server.impl.uri.rules.HttpMethodRule.
>> > accept(HttpMethodRule.java:302)
>> > at
>> > com.sun.jersey.server.impl.uri.rules.ResourceClassRule.
>> > accept(ResourceClassRule.java:108)
>> > at
>> > com.sun.jersey.server.impl.uri.rules.RightHandPathRule.
>> > accept(RightHandPathRule.java:147)
>> > at
>> > com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(
>> > RootResourceClassesRule.java:84)
>> > at
>> > com.sun.jersey.server.impl.application.WebApplicationImpl._h
>> andleRequest(
>> > WebApplicationImpl.java:1511)
>> > at
>> > com.sun.jersey.server.impl.application.WebApplicationImpl._h
>> andleRequest(
>> > WebApplicationImpl.java:1442)
>> > at
>> > com.sun.jersey.server.impl.application.WebApplicationImpl.ha
>> ndleRequest(
>> > WebApplicationImpl.java:1391)
>> > at
>> > com.sun.jersey.server.impl.application.WebApplicationImpl.ha
>> ndleRequest(
>> > WebApplicationImpl.java:1381)
>> > at
>> > com.sun.jersey.spi.container.servlet.WebComponent.service(
>> > WebComponent.java:416)
>> > at
>> > com.sun.jersey.spi.container.servlet.ServletContainer.
>> > service(ServletContainer.java:538)
>> > at
>> > com.sun.jersey.spi.container.servlet.ServletContainer.
>> > service(ServletContainer.java:716)
>> > at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
>> > at
>> > com.google.inject.servlet.ServletDefinition.doService(
>> > ServletDefinition.java:263)
>> > at
>> > com.google.inject.servlet.ServletDefinition.service(
>> > ServletDefinition.java:178)
>> > at
>> > com.google.inject.servlet.ManagedServletPipeline.service(
>> > ManagedServletPipeline.java:91)
>> > at
>> > com.google.inject.servlet.FilterChainInvocation.doFilter(
>> > FilterChainInvocation.java:62)
>> > at
>> > com.google.inject.servlet.ManagedFilterPipeline.dispatch(
>> > ManagedFilterPipeline.java:118)
>> > at
>> > com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:113)
>> > at
>> > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(
>> > ApplicationFilterChain.java:193)
>> > at
>> > org.apache.catalina.core.ApplicationFilterChain.doFilter(
>> > ApplicationFilterChain.java:166)
>> > at
>> > org.apache.catalina.core.StandardWrapperValve.invoke(
>> > StandardWrapperValve.java:198)
>> > at
>> > org.apache.catalina.core.StandardContextValve.invoke(
>> > StandardContextValve.java:96)
>> > at
>> > org.apache.catalina.authenticator.AuthenticatorBase.invoke(
>> > AuthenticatorBase.java:478)
>> > at
>> > org.apache.catalina.core.StandardHostValve.invoke(
>> > StandardHostValve.java:140)
>> > at
>> > org.apache.catalina.valves.ErrorReportValve.invoke(
>> > ErrorReportValve.java:80)
>> > at
>> > org.apache.catalina.valves.AbstractAccessLogValve.invoke(
>> > AbstractAccessLogValve.java:624)
>> > at
>> > org.apache.catalina.core.StandardEngineValve.invoke(
>> > StandardEngineValve.java:87)
>> > at
>> > org.apache.catalina.connector.CoyoteAdapter.service(
>> > CoyoteAdapter.java:342)
>> > at
>> > org.apache.coyote.http11.Http11Processor.service(Http11Proce
>> ssor.java:799)
>> > at
>> > org.apache.coyote.AbstractProcessorLight.process(
>> > AbstractProcessorLight.java:66)
>> > at
>> > org.apache.coyote.AbstractProtocol$ConnectionHandler.process(
>> > AbstractProtocol.java:861)
>> > at
>> > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.
>> > doRun(NioEndpoint.java:1455)
>> > at
>> > org.apache.tomcat.util.net.SocketProcessorBase.run(
>> > SocketProcessorBase.java:49)
>> > at
>> > java.util.concurrent.ThreadPoolExecutor.runWorker(
>> > ThreadPoolExecutor.java:1145)
>> > at
>> > java.util.concurrent.ThreadPoolExecutor$Worker.run(
>> > ThreadPoolExecutor.java:615)
>> > at
>> > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(
>> > TaskThread.java:61)
>> > at java.lang.Thread.run(Thread.java:745)
>> >
>> >
>> > If anyone can help me resolve this, it'd be great. Thanks in advance.
>> >
>> > Regards
>> > Kaushik Srinivasan
>> >
>> > On Thu, Jul 13, 2017 at 10:08 AM, Kaushik Srinivasan <
>> > kausrini@umail.iu.edu>
>> > wrote:
>> >
>> > > Hi Nick,
>> > >
>> > > Thank you for the information. I will work on using Guacamole 0.9.13
>> and
>> > > see how I can add the connection through some module.
>> > >
>> > > Thank you for your time.
>> > >
>> > > Regards
>> > > Kaushik Srinivasan
>> > >
>> > > On Thu, Jul 13, 2017 at 10:04 AM, Nick Couchman <
>> nick.couchman@yahoo.com
>> > .
>> > > invalid> wrote:
>> > >
>> > >> On Thursday, July 13, 2017, 9:54:47 AM EDT, Kaushik Srinivasan <
>> > >> kausrini@umail.iu.edu> wrote:
>> > >>
>> > >>
>> > >> > Hi Nick
>> > >>
>> > >> > Thanks a lot for helping me out.
>> > >>
>> > >> > I'm currently using Guacamole-0.9.12 and CAS version is 3.4.1. The
>> CAS
>> > >> > module was obtained from the github (incubator-guacamole-client
>> > >> > <https://github.com/apache/incubator-guacamole-client/tree/
>> > >> master/extensions/guacamole-auth-cas>)
>> > >> > and version modified to support 0.9.12 instead of 0.9.13.
>> > >>
>> > >> I suspect this is the issue. There were some changes made outside of
>> > the
>> > >> CAS module between 0.9.12 and the 0.9.13 branch to improve the CAS
>> > redirect
>> > >> support, so I suspect you're hitting a case where the 0.9.12 code
>> > doesn't
>> > >> match up with the 0.9.13 module. Is there any way you can try it
>> with
>> > >> consistent versions across the board?
>> > >>
>> > >> > Apache-Tomcat 8.5.15 is my java application server and currently
>> for
>> > >> > testing purposes I'm not using any front end proxy server.
>> > >>
>> > >> > My guacamole.properties file contains the following Data
>> > >>
>> > >> > cas-authorization-endpoint: https://cas.iu.edu/cas/login
>> > >> > cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole
>> > >> Looks good.
>> > >>
>> > >> > CAS auth module is the only authentication module I'm loading.
>> > >> The thing to keep in mind about the CAS authentication module is
>> that it
>> > >> does not supply any actual connections. So, using it by itself is
>> > going to
>> > >> be less-than-useful - you'll need to configure connections some other
>> > way,
>> > >> either using the file module, or by loading another module (JDBC is
>> > >> probably the most useful in this scenario) and configuring the
>> > connections
>> > >> in that module.
>> > >> -Nick
>> > >
>> > >
>> > >
>> >
>>
>
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Kaushik Srinivasan <ka...@umail.iu.edu>.
Hi Nick,
I followed your instructions to the letter (except used mysql but doesnt
matter) and the error persists.
I checked the developer console like you suggested and found the api call
which generates the error.
*VM170:1 POST http://poc1.dyndns-at-work.com:8080/guacamole/api/tokens
<http://poc1.dyndns-at-work.com:8080/guacamole/api/tokens> 500 ()*
*(anonymous) @ VM170:1*
*(anonymous) @ angular.js:9902*
*m @ angular.js:9703*
*f @ angular.js:9415*
*(anonymous) @ angular.js:13292*
*$eval @ angular.js:14547*
*$digest @ angular.js:14363*
*$apply @ angular.js:14652*
*(anonymous) @ angular.js:1458*
*e @ angular.js:4219*
*d @ angular.js:1456*
*xc @ angular.js:1476*
*Od @ angular.js:1370*
*(anonymous) @ angular.js:26419*
*j @ jquery.js:3094*
*fireWith @ jquery.js:3206*
*ready @ jquery.js:3412*
*I @ jquery.js:3428*
The internal server error occurs in the /api/tokens.
How do you think I should proceed from here?
Also there's a major information I might have left out. I have been setting
all this up in Docker. Not using the docker file provided in the github as
I'm building on an arm architecture. It needs slightly different settings.
Thanks in advance.
Regards
Kaushik Srinivasan
On Mon, Jul 17, 2017 at 9:09 AM, Nick Couchman <
nick.couchman@yahoo.com.invalid> wrote:
> Understood. I just finished testing - here's exactly what I did:- Check
> out guacamole-client staging/0.9.13-incubating and build (mvn clean
> package)- Make sure extensions folder is clean, then copy JDBC extension to
> the extensions folder (I'm using PostgreSQL)- Create a clean database for
> Guacamole, then run both the 001-create-schema.sql and
> 002-create-admin-user.sql scripts- Load Guacamole into Tomcat- Log in with
> the guacadmin user and create a single connection.- Create a Guacamole user
> with a username that matches my SSO username, and give it permissions to
> the new connection.- Log out of Guacamole- Copy the CAS extension to the
> extensions folder- Re-load Guacamole into Tomcat- Go to Guacamole URL,
> which redirects to CAS- Log on with CAS credentials- Redirected back to
> Guacamole page- Connection starts automatically. I set up a SSH test
> connection with just the hostname and port configured, so I get prompted
> for logon credentials.
> I'm not seeing any errors in the tomcat catalina.out file from Guacamole,
> and the connection auto-starts just fine.
> Once you get a chance if you can try to determine what's triggering that
> 500 error, maybe that'll help track it down. I'm unable to reproduce it,
> unfortunately :-/.
> -NickOn Monday, July 17, 2017, 8:56:59 AM EDT, Kaushik Srinivasan <
> kausrini@umail.iu.edu> wrote:
>
> I'm currently working and would not be able to check it. I'd get back to
> you by the end of the day.
> Thanks.
>
> Regards
> Kaushik Srinivasan
>
> On 17 Jul 2017 8:54 a.m., "Nick Couchman" <nick.couchman@yahoo.com.
> invalid>
> wrote:
>
> > So, I checked out the staging/0.9.13-incubating branch of the repo and
> > built the client and extensions, loaded the JDBC and CAS modules, and
> then
> > loaded Guacamole. I am not seeing any sort of error message like this
> when
> > I log on with CAS. I have multiple connections available to me at the
> > moment, so it's going to the home screen - I'll see if I can get it down
> to
> > a single connection and try it out that way, but so far no error.
> > Not sure what browser you're using, but if you're using Chrome can you
> > pull up the Developer console, go to the Network tab, and then go through
> > the login process and see which API call generates the Error 500?
> > -Nick
> >
> >
> > On Sunday, July 16, 2017, 10:50:01 PM EDT, Kaushik Srinivasan <
> > kausrini@umail.iu.edu> wrote:
> >
> > Hi All,
> >
> > I have tried using the guacamole-auth-cas with 0.9.13 as suggested. I
> > further used jdbc connection (mysql) for connection properties.
> >
> > The CAS authentication works now but does not redirect to my connection
> > after that. I verified that the jdbc connection works independently ( by
> > removing auth-cas extension). Also the username returned from auth-cas is
> > the same as the username I have stored in the mysql table.
> >
> > In the Tomcat-8 logs the following error is thrown.
> >
> > 17-Jul-2017 02:42:07.648 SEVERE [http-nio-8080-exec-4]
> > com.sun.jersey.spi.container.ContainerResponse.logException Mapped
> > exception to response: 500 (Internal Server Error)
> > org.apache.guacamole.rest.APIException
> > at
> > org.apache.guacamole.rest.RESTExceptionWrapper.invoke(
> > RESTExceptionWrapper.java:184)
> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> > at
> > sun.reflect.NativeMethodAccessorImpl.invoke(
> NativeMethodAccessorImpl.java:
> > 57)
> > at
> > sun.reflect.DelegatingMethodAccessorImpl.invoke(
> > DelegatingMethodAccessorImpl.java:43)
> > at java.lang.reflect.Method.invoke(Method.java:606)
> > at
> > com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(
> > JavaMethodInvokerFactory.java:60)
> > at
> > com.sun.jersey.server.impl.model.method.dispatch.
> > AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(
> > AbstractResourceMethodDispatchProvider.java:185)
> > at
> > com.sun.jersey.server.impl.model.method.dispatch.
> > ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.
> > java:75)
> > at
> > com.sun.jersey.server.impl.uri.rules.HttpMethodRule.
> > accept(HttpMethodRule.java:302)
> > at
> > com.sun.jersey.server.impl.uri.rules.ResourceClassRule.
> > accept(ResourceClassRule.java:108)
> > at
> > com.sun.jersey.server.impl.uri.rules.RightHandPathRule.
> > accept(RightHandPathRule.java:147)
> > at
> > com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(
> > RootResourceClassesRule.java:84)
> > at
> > com.sun.jersey.server.impl.application.WebApplicationImpl._
> handleRequest(
> > WebApplicationImpl.java:1511)
> > at
> > com.sun.jersey.server.impl.application.WebApplicationImpl._
> handleRequest(
> > WebApplicationImpl.java:1442)
> > at
> > com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(
> > WebApplicationImpl.java:1391)
> > at
> > com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(
> > WebApplicationImpl.java:1381)
> > at
> > com.sun.jersey.spi.container.servlet.WebComponent.service(
> > WebComponent.java:416)
> > at
> > com.sun.jersey.spi.container.servlet.ServletContainer.
> > service(ServletContainer.java:538)
> > at
> > com.sun.jersey.spi.container.servlet.ServletContainer.
> > service(ServletContainer.java:716)
> > at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
> > at
> > com.google.inject.servlet.ServletDefinition.doService(
> > ServletDefinition.java:263)
> > at
> > com.google.inject.servlet.ServletDefinition.service(
> > ServletDefinition.java:178)
> > at
> > com.google.inject.servlet.ManagedServletPipeline.service(
> > ManagedServletPipeline.java:91)
> > at
> > com.google.inject.servlet.FilterChainInvocation.doFilter(
> > FilterChainInvocation.java:62)
> > at
> > com.google.inject.servlet.ManagedFilterPipeline.dispatch(
> > ManagedFilterPipeline.java:118)
> > at
> > com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:113)
> > at
> > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(
> > ApplicationFilterChain.java:193)
> > at
> > org.apache.catalina.core.ApplicationFilterChain.doFilter(
> > ApplicationFilterChain.java:166)
> > at
> > org.apache.catalina.core.StandardWrapperValve.invoke(
> > StandardWrapperValve.java:198)
> > at
> > org.apache.catalina.core.StandardContextValve.invoke(
> > StandardContextValve.java:96)
> > at
> > org.apache.catalina.authenticator.AuthenticatorBase.invoke(
> > AuthenticatorBase.java:478)
> > at
> > org.apache.catalina.core.StandardHostValve.invoke(
> > StandardHostValve.java:140)
> > at
> > org.apache.catalina.valves.ErrorReportValve.invoke(
> > ErrorReportValve.java:80)
> > at
> > org.apache.catalina.valves.AbstractAccessLogValve.invoke(
> > AbstractAccessLogValve.java:624)
> > at
> > org.apache.catalina.core.StandardEngineValve.invoke(
> > StandardEngineValve.java:87)
> > at
> > org.apache.catalina.connector.CoyoteAdapter.service(
> > CoyoteAdapter.java:342)
> > at
> > org.apache.coyote.http11.Http11Processor.service(
> Http11Processor.java:799)
> > at
> > org.apache.coyote.AbstractProcessorLight.process(
> > AbstractProcessorLight.java:66)
> > at
> > org.apache.coyote.AbstractProtocol$ConnectionHandler.process(
> > AbstractProtocol.java:861)
> > at
> > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.
> > doRun(NioEndpoint.java:1455)
> > at
> > org.apache.tomcat.util.net.SocketProcessorBase.run(
> > SocketProcessorBase.java:49)
> > at
> > java.util.concurrent.ThreadPoolExecutor.runWorker(
> > ThreadPoolExecutor.java:1145)
> > at
> > java.util.concurrent.ThreadPoolExecutor$Worker.run(
> > ThreadPoolExecutor.java:615)
> > at
> > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(
> > TaskThread.java:61)
> > at java.lang.Thread.run(Thread.java:745)
> >
> >
> > If anyone can help me resolve this, it'd be great. Thanks in advance.
> >
> > Regards
> > Kaushik Srinivasan
> >
> > On Thu, Jul 13, 2017 at 10:08 AM, Kaushik Srinivasan <
> > kausrini@umail.iu.edu>
> > wrote:
> >
> > > Hi Nick,
> > >
> > > Thank you for the information. I will work on using Guacamole 0.9.13
> and
> > > see how I can add the connection through some module.
> > >
> > > Thank you for your time.
> > >
> > > Regards
> > > Kaushik Srinivasan
> > >
> > > On Thu, Jul 13, 2017 at 10:04 AM, Nick Couchman <
> nick.couchman@yahoo.com
> > .
> > > invalid> wrote:
> > >
> > >> On Thursday, July 13, 2017, 9:54:47 AM EDT, Kaushik Srinivasan <
> > >> kausrini@umail.iu.edu> wrote:
> > >>
> > >>
> > >> > Hi Nick
> > >>
> > >> > Thanks a lot for helping me out.
> > >>
> > >> > I'm currently using Guacamole-0.9.12 and CAS version is 3.4.1. The
> CAS
> > >> > module was obtained from the github (incubator-guacamole-client
> > >> > <https://github.com/apache/incubator-guacamole-client/tree/
> > >> master/extensions/guacamole-auth-cas>)
> > >> > and version modified to support 0.9.12 instead of 0.9.13.
> > >>
> > >> I suspect this is the issue. There were some changes made outside of
> > the
> > >> CAS module between 0.9.12 and the 0.9.13 branch to improve the CAS
> > redirect
> > >> support, so I suspect you're hitting a case where the 0.9.12 code
> > doesn't
> > >> match up with the 0.9.13 module. Is there any way you can try it with
> > >> consistent versions across the board?
> > >>
> > >> > Apache-Tomcat 8.5.15 is my java application server and currently for
> > >> > testing purposes I'm not using any front end proxy server.
> > >>
> > >> > My guacamole.properties file contains the following Data
> > >>
> > >> > cas-authorization-endpoint: https://cas.iu.edu/cas/login
> > >> > cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole
> > >> Looks good.
> > >>
> > >> > CAS auth module is the only authentication module I'm loading.
> > >> The thing to keep in mind about the CAS authentication module is that
> it
> > >> does not supply any actual connections. So, using it by itself is
> > going to
> > >> be less-than-useful - you'll need to configure connections some other
> > way,
> > >> either using the file module, or by loading another module (JDBC is
> > >> probably the most useful in this scenario) and configuring the
> > connections
> > >> in that module.
> > >> -Nick
> > >
> > >
> > >
> >
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Kaushik Srinivasan <ka...@umail.iu.edu>.
Thanks a lot for the explicit instructions. I'm going to follow it to the
letter and get back you soon. Thank you!!
Regards
Kaushik Srinivasan
On 17 Jul 2017 9:10 a.m., "Nick Couchman" <ni...@yahoo.com.invalid>
wrote:
> Understood. I just finished testing - here's exactly what I did:- Check
> out guacamole-client staging/0.9.13-incubating and build (mvn clean
> package)- Make sure extensions folder is clean, then copy JDBC extension to
> the extensions folder (I'm using PostgreSQL)- Create a clean database for
> Guacamole, then run both the 001-create-schema.sql and
> 002-create-admin-user.sql scripts- Load Guacamole into Tomcat- Log in with
> the guacadmin user and create a single connection.- Create a Guacamole user
> with a username that matches my SSO username, and give it permissions to
> the new connection.- Log out of Guacamole- Copy the CAS extension to the
> extensions folder- Re-load Guacamole into Tomcat- Go to Guacamole URL,
> which redirects to CAS- Log on with CAS credentials- Redirected back to
> Guacamole page- Connection starts automatically. I set up a SSH test
> connection with just the hostname and port configured, so I get prompted
> for logon credentials.
> I'm not seeing any errors in the tomcat catalina.out file from Guacamole,
> and the connection auto-starts just fine.
> Once you get a chance if you can try to determine what's triggering that
> 500 error, maybe that'll help track it down. I'm unable to reproduce it,
> unfortunately :-/.
> -NickOn Monday, July 17, 2017, 8:56:59 AM EDT, Kaushik Srinivasan <
> kausrini@umail.iu.edu> wrote:
>
> I'm currently working and would not be able to check it. I'd get back to
> you by the end of the day.
> Thanks.
>
> Regards
> Kaushik Srinivasan
>
> On 17 Jul 2017 8:54 a.m., "Nick Couchman" <nick.couchman@yahoo.com.
> invalid>
> wrote:
>
> > So, I checked out the staging/0.9.13-incubating branch of the repo and
> > built the client and extensions, loaded the JDBC and CAS modules, and
> then
> > loaded Guacamole. I am not seeing any sort of error message like this
> when
> > I log on with CAS. I have multiple connections available to me at the
> > moment, so it's going to the home screen - I'll see if I can get it down
> to
> > a single connection and try it out that way, but so far no error.
> > Not sure what browser you're using, but if you're using Chrome can you
> > pull up the Developer console, go to the Network tab, and then go through
> > the login process and see which API call generates the Error 500?
> > -Nick
> >
> >
> > On Sunday, July 16, 2017, 10:50:01 PM EDT, Kaushik Srinivasan <
> > kausrini@umail.iu.edu> wrote:
> >
> > Hi All,
> >
> > I have tried using the guacamole-auth-cas with 0.9.13 as suggested. I
> > further used jdbc connection (mysql) for connection properties.
> >
> > The CAS authentication works now but does not redirect to my connection
> > after that. I verified that the jdbc connection works independently ( by
> > removing auth-cas extension). Also the username returned from auth-cas is
> > the same as the username I have stored in the mysql table.
> >
> > In the Tomcat-8 logs the following error is thrown.
> >
> > 17-Jul-2017 02:42:07.648 SEVERE [http-nio-8080-exec-4]
> > com.sun.jersey.spi.container.ContainerResponse.logException Mapped
> > exception to response: 500 (Internal Server Error)
> > org.apache.guacamole.rest.APIException
> > at
> > org.apache.guacamole.rest.RESTExceptionWrapper.invoke(
> > RESTExceptionWrapper.java:184)
> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> > at
> > sun.reflect.NativeMethodAccessorImpl.invoke(
> NativeMethodAccessorImpl.java:
> > 57)
> > at
> > sun.reflect.DelegatingMethodAccessorImpl.invoke(
> > DelegatingMethodAccessorImpl.java:43)
> > at java.lang.reflect.Method.invoke(Method.java:606)
> > at
> > com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(
> > JavaMethodInvokerFactory.java:60)
> > at
> > com.sun.jersey.server.impl.model.method.dispatch.
> > AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(
> > AbstractResourceMethodDispatchProvider.java:185)
> > at
> > com.sun.jersey.server.impl.model.method.dispatch.
> > ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.
> > java:75)
> > at
> > com.sun.jersey.server.impl.uri.rules.HttpMethodRule.
> > accept(HttpMethodRule.java:302)
> > at
> > com.sun.jersey.server.impl.uri.rules.ResourceClassRule.
> > accept(ResourceClassRule.java:108)
> > at
> > com.sun.jersey.server.impl.uri.rules.RightHandPathRule.
> > accept(RightHandPathRule.java:147)
> > at
> > com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(
> > RootResourceClassesRule.java:84)
> > at
> > com.sun.jersey.server.impl.application.WebApplicationImpl._
> handleRequest(
> > WebApplicationImpl.java:1511)
> > at
> > com.sun.jersey.server.impl.application.WebApplicationImpl._
> handleRequest(
> > WebApplicationImpl.java:1442)
> > at
> > com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(
> > WebApplicationImpl.java:1391)
> > at
> > com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(
> > WebApplicationImpl.java:1381)
> > at
> > com.sun.jersey.spi.container.servlet.WebComponent.service(
> > WebComponent.java:416)
> > at
> > com.sun.jersey.spi.container.servlet.ServletContainer.
> > service(ServletContainer.java:538)
> > at
> > com.sun.jersey.spi.container.servlet.ServletContainer.
> > service(ServletContainer.java:716)
> > at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
> > at
> > com.google.inject.servlet.ServletDefinition.doService(
> > ServletDefinition.java:263)
> > at
> > com.google.inject.servlet.ServletDefinition.service(
> > ServletDefinition.java:178)
> > at
> > com.google.inject.servlet.ManagedServletPipeline.service(
> > ManagedServletPipeline.java:91)
> > at
> > com.google.inject.servlet.FilterChainInvocation.doFilter(
> > FilterChainInvocation.java:62)
> > at
> > com.google.inject.servlet.ManagedFilterPipeline.dispatch(
> > ManagedFilterPipeline.java:118)
> > at
> > com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:113)
> > at
> > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(
> > ApplicationFilterChain.java:193)
> > at
> > org.apache.catalina.core.ApplicationFilterChain.doFilter(
> > ApplicationFilterChain.java:166)
> > at
> > org.apache.catalina.core.StandardWrapperValve.invoke(
> > StandardWrapperValve.java:198)
> > at
> > org.apache.catalina.core.StandardContextValve.invoke(
> > StandardContextValve.java:96)
> > at
> > org.apache.catalina.authenticator.AuthenticatorBase.invoke(
> > AuthenticatorBase.java:478)
> > at
> > org.apache.catalina.core.StandardHostValve.invoke(
> > StandardHostValve.java:140)
> > at
> > org.apache.catalina.valves.ErrorReportValve.invoke(
> > ErrorReportValve.java:80)
> > at
> > org.apache.catalina.valves.AbstractAccessLogValve.invoke(
> > AbstractAccessLogValve.java:624)
> > at
> > org.apache.catalina.core.StandardEngineValve.invoke(
> > StandardEngineValve.java:87)
> > at
> > org.apache.catalina.connector.CoyoteAdapter.service(
> > CoyoteAdapter.java:342)
> > at
> > org.apache.coyote.http11.Http11Processor.service(
> Http11Processor.java:799)
> > at
> > org.apache.coyote.AbstractProcessorLight.process(
> > AbstractProcessorLight.java:66)
> > at
> > org.apache.coyote.AbstractProtocol$ConnectionHandler.process(
> > AbstractProtocol.java:861)
> > at
> > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.
> > doRun(NioEndpoint.java:1455)
> > at
> > org.apache.tomcat.util.net.SocketProcessorBase.run(
> > SocketProcessorBase.java:49)
> > at
> > java.util.concurrent.ThreadPoolExecutor.runWorker(
> > ThreadPoolExecutor.java:1145)
> > at
> > java.util.concurrent.ThreadPoolExecutor$Worker.run(
> > ThreadPoolExecutor.java:615)
> > at
> > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(
> > TaskThread.java:61)
> > at java.lang.Thread.run(Thread.java:745)
> >
> >
> > If anyone can help me resolve this, it'd be great. Thanks in advance.
> >
> > Regards
> > Kaushik Srinivasan
> >
> > On Thu, Jul 13, 2017 at 10:08 AM, Kaushik Srinivasan <
> > kausrini@umail.iu.edu>
> > wrote:
> >
> > > Hi Nick,
> > >
> > > Thank you for the information. I will work on using Guacamole 0.9.13
> and
> > > see how I can add the connection through some module.
> > >
> > > Thank you for your time.
> > >
> > > Regards
> > > Kaushik Srinivasan
> > >
> > > On Thu, Jul 13, 2017 at 10:04 AM, Nick Couchman <
> nick.couchman@yahoo.com
> > .
> > > invalid> wrote:
> > >
> > >> On Thursday, July 13, 2017, 9:54:47 AM EDT, Kaushik Srinivasan <
> > >> kausrini@umail.iu.edu> wrote:
> > >>
> > >>
> > >> > Hi Nick
> > >>
> > >> > Thanks a lot for helping me out.
> > >>
> > >> > I'm currently using Guacamole-0.9.12 and CAS version is 3.4.1. The
> CAS
> > >> > module was obtained from the github (incubator-guacamole-client
> > >> > <https://github.com/apache/incubator-guacamole-client/tree/
> > >> master/extensions/guacamole-auth-cas>)
> > >> > and version modified to support 0.9.12 instead of 0.9.13.
> > >>
> > >> I suspect this is the issue. There were some changes made outside of
> > the
> > >> CAS module between 0.9.12 and the 0.9.13 branch to improve the CAS
> > redirect
> > >> support, so I suspect you're hitting a case where the 0.9.12 code
> > doesn't
> > >> match up with the 0.9.13 module. Is there any way you can try it with
> > >> consistent versions across the board?
> > >>
> > >> > Apache-Tomcat 8.5.15 is my java application server and currently for
> > >> > testing purposes I'm not using any front end proxy server.
> > >>
> > >> > My guacamole.properties file contains the following Data
> > >>
> > >> > cas-authorization-endpoint: https://cas.iu.edu/cas/login
> > >> > cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole
> > >> Looks good.
> > >>
> > >> > CAS auth module is the only authentication module I'm loading.
> > >> The thing to keep in mind about the CAS authentication module is that
> it
> > >> does not supply any actual connections. So, using it by itself is
> > going to
> > >> be less-than-useful - you'll need to configure connections some other
> > way,
> > >> either using the file module, or by loading another module (JDBC is
> > >> probably the most useful in this scenario) and configuring the
> > connections
> > >> in that module.
> > >> -Nick
> > >
> > >
> > >
> >
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Nick Couchman <ni...@yahoo.com.INVALID>.
Understood. I just finished testing - here's exactly what I did:- Check out guacamole-client staging/0.9.13-incubating and build (mvn clean package)- Make sure extensions folder is clean, then copy JDBC extension to the extensions folder (I'm using PostgreSQL)- Create a clean database for Guacamole, then run both the 001-create-schema.sql and 002-create-admin-user.sql scripts- Load Guacamole into Tomcat- Log in with the guacadmin user and create a single connection.- Create a Guacamole user with a username that matches my SSO username, and give it permissions to the new connection.- Log out of Guacamole- Copy the CAS extension to the extensions folder- Re-load Guacamole into Tomcat- Go to Guacamole URL, which redirects to CAS- Log on with CAS credentials- Redirected back to Guacamole page- Connection starts automatically. I set up a SSH test connection with just the hostname and port configured, so I get prompted for logon credentials.
I'm not seeing any errors in the tomcat catalina.out file from Guacamole, and the connection auto-starts just fine.
Once you get a chance if you can try to determine what's triggering that 500 error, maybe that'll help track it down. I'm unable to reproduce it, unfortunately :-/.
-NickOn Monday, July 17, 2017, 8:56:59 AM EDT, Kaushik Srinivasan <ka...@umail.iu.edu> wrote:
I'm currently working and would not be able to check it. I'd get back to
you by the end of the day.
Thanks.
Regards
Kaushik Srinivasan
On 17 Jul 2017 8:54 a.m., "Nick Couchman" <ni...@yahoo.com.invalid>
wrote:
> So, I checked out the staging/0.9.13-incubating branch of the repo and
> built the client and extensions, loaded the JDBC and CAS modules, and then
> loaded Guacamole. I am not seeing any sort of error message like this when
> I log on with CAS. I have multiple connections available to me at the
> moment, so it's going to the home screen - I'll see if I can get it down to
> a single connection and try it out that way, but so far no error.
> Not sure what browser you're using, but if you're using Chrome can you
> pull up the Developer console, go to the Network tab, and then go through
> the login process and see which API call generates the Error 500?
> -Nick
>
>
> On Sunday, July 16, 2017, 10:50:01 PM EDT, Kaushik Srinivasan <
> kausrini@umail.iu.edu> wrote:
>
> Hi All,
>
> I have tried using the guacamole-auth-cas with 0.9.13 as suggested. I
> further used jdbc connection (mysql) for connection properties.
>
> The CAS authentication works now but does not redirect to my connection
> after that. I verified that the jdbc connection works independently ( by
> removing auth-cas extension). Also the username returned from auth-cas is
> the same as the username I have stored in the mysql table.
>
> In the Tomcat-8 logs the following error is thrown.
>
> 17-Jul-2017 02:42:07.648 SEVERE [http-nio-8080-exec-4]
> com.sun.jersey.spi.container.ContainerResponse.logException Mapped
> exception to response: 500 (Internal Server Error)
> org.apache.guacamole.rest.APIException
> at
> org.apache.guacamole.rest.RESTExceptionWrapper.invoke(
> RESTExceptionWrapper.java:184)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:
> 57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(
> DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at
> com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(
> JavaMethodInvokerFactory.java:60)
> at
> com.sun.jersey.server.impl.model.method.dispatch.
> AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(
> AbstractResourceMethodDispatchProvider.java:185)
> at
> com.sun.jersey.server.impl.model.method.dispatch.
> ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.
> java:75)
> at
> com.sun.jersey.server.impl.uri.rules.HttpMethodRule.
> accept(HttpMethodRule.java:302)
> at
> com.sun.jersey.server.impl.uri.rules.ResourceClassRule.
> accept(ResourceClassRule.java:108)
> at
> com.sun.jersey.server.impl.uri.rules.RightHandPathRule.
> accept(RightHandPathRule.java:147)
> at
> com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(
> RootResourceClassesRule.java:84)
> at
> com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(
> WebApplicationImpl.java:1511)
> at
> com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(
> WebApplicationImpl.java:1442)
> at
> com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(
> WebApplicationImpl.java:1391)
> at
> com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(
> WebApplicationImpl.java:1381)
> at
> com.sun.jersey.spi.container.servlet.WebComponent.service(
> WebComponent.java:416)
> at
> com.sun.jersey.spi.container.servlet.ServletContainer.
> service(ServletContainer.java:538)
> at
> com.sun.jersey.spi.container.servlet.ServletContainer.
> service(ServletContainer.java:716)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
> at
> com.google.inject.servlet.ServletDefinition.doService(
> ServletDefinition.java:263)
> at
> com.google.inject.servlet.ServletDefinition.service(
> ServletDefinition.java:178)
> at
> com.google.inject.servlet.ManagedServletPipeline.service(
> ManagedServletPipeline.java:91)
> at
> com.google.inject.servlet.FilterChainInvocation.doFilter(
> FilterChainInvocation.java:62)
> at
> com.google.inject.servlet.ManagedFilterPipeline.dispatch(
> ManagedFilterPipeline.java:118)
> at
> com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:113)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(
> ApplicationFilterChain.java:193)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(
> ApplicationFilterChain.java:166)
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(
> StandardWrapperValve.java:198)
> at
> org.apache.catalina.core.StandardContextValve.invoke(
> StandardContextValve.java:96)
> at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(
> AuthenticatorBase.java:478)
> at
> org.apache.catalina.core.StandardHostValve.invoke(
> StandardHostValve.java:140)
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(
> ErrorReportValve.java:80)
> at
> org.apache.catalina.valves.AbstractAccessLogValve.invoke(
> AbstractAccessLogValve.java:624)
> at
> org.apache.catalina.core.StandardEngineValve.invoke(
> StandardEngineValve.java:87)
> at
> org.apache.catalina.connector.CoyoteAdapter.service(
> CoyoteAdapter.java:342)
> at
> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:799)
> at
> org.apache.coyote.AbstractProcessorLight.process(
> AbstractProcessorLight.java:66)
> at
> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(
> AbstractProtocol.java:861)
> at
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.
> doRun(NioEndpoint.java:1455)
> at
> org.apache.tomcat.util.net.SocketProcessorBase.run(
> SocketProcessorBase.java:49)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(
> ThreadPoolExecutor.java:1145)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(
> ThreadPoolExecutor.java:615)
> at
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(
> TaskThread.java:61)
> at java.lang.Thread.run(Thread.java:745)
>
>
> If anyone can help me resolve this, it'd be great. Thanks in advance.
>
> Regards
> Kaushik Srinivasan
>
> On Thu, Jul 13, 2017 at 10:08 AM, Kaushik Srinivasan <
> kausrini@umail.iu.edu>
> wrote:
>
> > Hi Nick,
> >
> > Thank you for the information. I will work on using Guacamole 0.9.13 and
> > see how I can add the connection through some module.
> >
> > Thank you for your time.
> >
> > Regards
> > Kaushik Srinivasan
> >
> > On Thu, Jul 13, 2017 at 10:04 AM, Nick Couchman <nick.couchman@yahoo.com
> .
> > invalid> wrote:
> >
> >> On Thursday, July 13, 2017, 9:54:47 AM EDT, Kaushik Srinivasan <
> >> kausrini@umail.iu.edu> wrote:
> >>
> >>
> >> > Hi Nick
> >>
> >> > Thanks a lot for helping me out.
> >>
> >> > I'm currently using Guacamole-0.9.12 and CAS version is 3.4.1. The CAS
> >> > module was obtained from the github (incubator-guacamole-client
> >> > <https://github.com/apache/incubator-guacamole-client/tree/
> >> master/extensions/guacamole-auth-cas>)
> >> > and version modified to support 0.9.12 instead of 0.9.13.
> >>
> >> I suspect this is the issue. There were some changes made outside of
> the
> >> CAS module between 0.9.12 and the 0.9.13 branch to improve the CAS
> redirect
> >> support, so I suspect you're hitting a case where the 0.9.12 code
> doesn't
> >> match up with the 0.9.13 module. Is there any way you can try it with
> >> consistent versions across the board?
> >>
> >> > Apache-Tomcat 8.5.15 is my java application server and currently for
> >> > testing purposes I'm not using any front end proxy server.
> >>
> >> > My guacamole.properties file contains the following Data
> >>
> >> > cas-authorization-endpoint: https://cas.iu.edu/cas/login
> >> > cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole
> >> Looks good.
> >>
> >> > CAS auth module is the only authentication module I'm loading.
> >> The thing to keep in mind about the CAS authentication module is that it
> >> does not supply any actual connections. So, using it by itself is
> going to
> >> be less-than-useful - you'll need to configure connections some other
> way,
> >> either using the file module, or by loading another module (JDBC is
> >> probably the most useful in this scenario) and configuring the
> connections
> >> in that module.
> >> -Nick
> >
> >
> >
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Kaushik Srinivasan <ka...@umail.iu.edu>.
I'm currently working and would not be able to check it. I'd get back to
you by the end of the day.
Thanks.
Regards
Kaushik Srinivasan
On 17 Jul 2017 8:54 a.m., "Nick Couchman" <ni...@yahoo.com.invalid>
wrote:
> So, I checked out the staging/0.9.13-incubating branch of the repo and
> built the client and extensions, loaded the JDBC and CAS modules, and then
> loaded Guacamole. I am not seeing any sort of error message like this when
> I log on with CAS. I have multiple connections available to me at the
> moment, so it's going to the home screen - I'll see if I can get it down to
> a single connection and try it out that way, but so far no error.
> Not sure what browser you're using, but if you're using Chrome can you
> pull up the Developer console, go to the Network tab, and then go through
> the login process and see which API call generates the Error 500?
> -Nick
>
>
> On Sunday, July 16, 2017, 10:50:01 PM EDT, Kaushik Srinivasan <
> kausrini@umail.iu.edu> wrote:
>
> Hi All,
>
> I have tried using the guacamole-auth-cas with 0.9.13 as suggested. I
> further used jdbc connection (mysql) for connection properties.
>
> The CAS authentication works now but does not redirect to my connection
> after that. I verified that the jdbc connection works independently ( by
> removing auth-cas extension). Also the username returned from auth-cas is
> the same as the username I have stored in the mysql table.
>
> In the Tomcat-8 logs the following error is thrown.
>
> 17-Jul-2017 02:42:07.648 SEVERE [http-nio-8080-exec-4]
> com.sun.jersey.spi.container.ContainerResponse.logException Mapped
> exception to response: 500 (Internal Server Error)
> org.apache.guacamole.rest.APIException
> at
> org.apache.guacamole.rest.RESTExceptionWrapper.invoke(
> RESTExceptionWrapper.java:184)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:
> 57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(
> DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at
> com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(
> JavaMethodInvokerFactory.java:60)
> at
> com.sun.jersey.server.impl.model.method.dispatch.
> AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(
> AbstractResourceMethodDispatchProvider.java:185)
> at
> com.sun.jersey.server.impl.model.method.dispatch.
> ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.
> java:75)
> at
> com.sun.jersey.server.impl.uri.rules.HttpMethodRule.
> accept(HttpMethodRule.java:302)
> at
> com.sun.jersey.server.impl.uri.rules.ResourceClassRule.
> accept(ResourceClassRule.java:108)
> at
> com.sun.jersey.server.impl.uri.rules.RightHandPathRule.
> accept(RightHandPathRule.java:147)
> at
> com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(
> RootResourceClassesRule.java:84)
> at
> com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(
> WebApplicationImpl.java:1511)
> at
> com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(
> WebApplicationImpl.java:1442)
> at
> com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(
> WebApplicationImpl.java:1391)
> at
> com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(
> WebApplicationImpl.java:1381)
> at
> com.sun.jersey.spi.container.servlet.WebComponent.service(
> WebComponent.java:416)
> at
> com.sun.jersey.spi.container.servlet.ServletContainer.
> service(ServletContainer.java:538)
> at
> com.sun.jersey.spi.container.servlet.ServletContainer.
> service(ServletContainer.java:716)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
> at
> com.google.inject.servlet.ServletDefinition.doService(
> ServletDefinition.java:263)
> at
> com.google.inject.servlet.ServletDefinition.service(
> ServletDefinition.java:178)
> at
> com.google.inject.servlet.ManagedServletPipeline.service(
> ManagedServletPipeline.java:91)
> at
> com.google.inject.servlet.FilterChainInvocation.doFilter(
> FilterChainInvocation.java:62)
> at
> com.google.inject.servlet.ManagedFilterPipeline.dispatch(
> ManagedFilterPipeline.java:118)
> at
> com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:113)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(
> ApplicationFilterChain.java:193)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(
> ApplicationFilterChain.java:166)
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(
> StandardWrapperValve.java:198)
> at
> org.apache.catalina.core.StandardContextValve.invoke(
> StandardContextValve.java:96)
> at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(
> AuthenticatorBase.java:478)
> at
> org.apache.catalina.core.StandardHostValve.invoke(
> StandardHostValve.java:140)
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(
> ErrorReportValve.java:80)
> at
> org.apache.catalina.valves.AbstractAccessLogValve.invoke(
> AbstractAccessLogValve.java:624)
> at
> org.apache.catalina.core.StandardEngineValve.invoke(
> StandardEngineValve.java:87)
> at
> org.apache.catalina.connector.CoyoteAdapter.service(
> CoyoteAdapter.java:342)
> at
> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:799)
> at
> org.apache.coyote.AbstractProcessorLight.process(
> AbstractProcessorLight.java:66)
> at
> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(
> AbstractProtocol.java:861)
> at
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.
> doRun(NioEndpoint.java:1455)
> at
> org.apache.tomcat.util.net.SocketProcessorBase.run(
> SocketProcessorBase.java:49)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(
> ThreadPoolExecutor.java:1145)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(
> ThreadPoolExecutor.java:615)
> at
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(
> TaskThread.java:61)
> at java.lang.Thread.run(Thread.java:745)
>
>
> If anyone can help me resolve this, it'd be great. Thanks in advance.
>
> Regards
> Kaushik Srinivasan
>
> On Thu, Jul 13, 2017 at 10:08 AM, Kaushik Srinivasan <
> kausrini@umail.iu.edu>
> wrote:
>
> > Hi Nick,
> >
> > Thank you for the information. I will work on using Guacamole 0.9.13 and
> > see how I can add the connection through some module.
> >
> > Thank you for your time.
> >
> > Regards
> > Kaushik Srinivasan
> >
> > On Thu, Jul 13, 2017 at 10:04 AM, Nick Couchman <nick.couchman@yahoo.com
> .
> > invalid> wrote:
> >
> >> On Thursday, July 13, 2017, 9:54:47 AM EDT, Kaushik Srinivasan <
> >> kausrini@umail.iu.edu> wrote:
> >>
> >>
> >> > Hi Nick
> >>
> >> > Thanks a lot for helping me out.
> >>
> >> > I'm currently using Guacamole-0.9.12 and CAS version is 3.4.1. The CAS
> >> > module was obtained from the github (incubator-guacamole-client
> >> > <https://github.com/apache/incubator-guacamole-client/tree/
> >> master/extensions/guacamole-auth-cas>)
> >> > and version modified to support 0.9.12 instead of 0.9.13.
> >>
> >> I suspect this is the issue. There were some changes made outside of
> the
> >> CAS module between 0.9.12 and the 0.9.13 branch to improve the CAS
> redirect
> >> support, so I suspect you're hitting a case where the 0.9.12 code
> doesn't
> >> match up with the 0.9.13 module. Is there any way you can try it with
> >> consistent versions across the board?
> >>
> >> > Apache-Tomcat 8.5.15 is my java application server and currently for
> >> > testing purposes I'm not using any front end proxy server.
> >>
> >> > My guacamole.properties file contains the following Data
> >>
> >> > cas-authorization-endpoint: https://cas.iu.edu/cas/login
> >> > cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole
> >> Looks good.
> >>
> >> > CAS auth module is the only authentication module I'm loading.
> >> The thing to keep in mind about the CAS authentication module is that it
> >> does not supply any actual connections. So, using it by itself is
> going to
> >> be less-than-useful - you'll need to configure connections some other
> way,
> >> either using the file module, or by loading another module (JDBC is
> >> probably the most useful in this scenario) and configuring the
> connections
> >> in that module.
> >> -Nick
> >
> >
> >
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Nick Couchman <ni...@yahoo.com.INVALID>.
So, I checked out the staging/0.9.13-incubating branch of the repo and built the client and extensions, loaded the JDBC and CAS modules, and then loaded Guacamole. I am not seeing any sort of error message like this when I log on with CAS. I have multiple connections available to me at the moment, so it's going to the home screen - I'll see if I can get it down to a single connection and try it out that way, but so far no error.
Not sure what browser you're using, but if you're using Chrome can you pull up the Developer console, go to the Network tab, and then go through the login process and see which API call generates the Error 500?
-Nick
On Sunday, July 16, 2017, 10:50:01 PM EDT, Kaushik Srinivasan <ka...@umail.iu.edu> wrote:
Hi All,
I have tried using the guacamole-auth-cas with 0.9.13 as suggested. I
further used jdbc connection (mysql) for connection properties.
The CAS authentication works now but does not redirect to my connection
after that. I verified that the jdbc connection works independently ( by
removing auth-cas extension). Also the username returned from auth-cas is
the same as the username I have stored in the mysql table.
In the Tomcat-8 logs the following error is thrown.
17-Jul-2017 02:42:07.648 SEVERE [http-nio-8080-exec-4]
com.sun.jersey.spi.container.ContainerResponse.logException Mapped
exception to response: 500 (Internal Server Error)
org.apache.guacamole.rest.APIException
at
org.apache.guacamole.rest.RESTExceptionWrapper.invoke(RESTExceptionWrapper.java:184)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at
com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60)
at
com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185)
at
com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)
at
com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:302)
at
com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:108)
at
com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at
com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:84)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1511)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1442)
at
com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1391)
at
com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1381)
at
com.sun.jersey.spi.container.servlet.WebComponent.service(WebComponent.java:416)
at
com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:538)
at
com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:716)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
at
com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:263)
at
com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:178)
at
com.google.inject.servlet.ManagedServletPipeline.service(ManagedServletPipeline.java:91)
at
com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:62)
at
com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:118)
at
com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:113)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:478)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:80)
at
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:624)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
at
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:799)
at
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:861)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1455)
at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
If anyone can help me resolve this, it'd be great. Thanks in advance.
Regards
Kaushik Srinivasan
On Thu, Jul 13, 2017 at 10:08 AM, Kaushik Srinivasan <ka...@umail.iu.edu>
wrote:
> Hi Nick,
>
> Thank you for the information. I will work on using Guacamole 0.9.13 and
> see how I can add the connection through some module.
>
> Thank you for your time.
>
> Regards
> Kaushik Srinivasan
>
> On Thu, Jul 13, 2017 at 10:04 AM, Nick Couchman <nick.couchman@yahoo.com.
> invalid> wrote:
>
>> On Thursday, July 13, 2017, 9:54:47 AM EDT, Kaushik Srinivasan <
>> kausrini@umail.iu.edu> wrote:
>>
>>
>> > Hi Nick
>>
>> > Thanks a lot for helping me out.
>>
>> > I'm currently using Guacamole-0.9.12 and CAS version is 3.4.1. The CAS
>> > module was obtained from the github (incubator-guacamole-client
>> > <https://github.com/apache/incubator-guacamole-client/tree/
>> master/extensions/guacamole-auth-cas>)
>> > and version modified to support 0.9.12 instead of 0.9.13.
>>
>> I suspect this is the issue. There were some changes made outside of the
>> CAS module between 0.9.12 and the 0.9.13 branch to improve the CAS redirect
>> support, so I suspect you're hitting a case where the 0.9.12 code doesn't
>> match up with the 0.9.13 module. Is there any way you can try it with
>> consistent versions across the board?
>>
>> > Apache-Tomcat 8.5.15 is my java application server and currently for
>> > testing purposes I'm not using any front end proxy server.
>>
>> > My guacamole.properties file contains the following Data
>>
>> > cas-authorization-endpoint: https://cas.iu.edu/cas/login
>> > cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole
>> Looks good.
>>
>> > CAS auth module is the only authentication module I'm loading.
>> The thing to keep in mind about the CAS authentication module is that it
>> does not supply any actual connections. So, using it by itself is going to
>> be less-than-useful - you'll need to configure connections some other way,
>> either using the file module, or by loading another module (JDBC is
>> probably the most useful in this scenario) and configuring the connections
>> in that module.
>> -Nick
>
>
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Kaushik Srinivasan <ka...@umail.iu.edu>.
Hi All,
I have tried using the guacamole-auth-cas with 0.9.13 as suggested. I
further used jdbc connection (mysql) for connection properties.
The CAS authentication works now but does not redirect to my connection
after that. I verified that the jdbc connection works independently ( by
removing auth-cas extension). Also the username returned from auth-cas is
the same as the username I have stored in the mysql table.
In the Tomcat-8 logs the following error is thrown.
17-Jul-2017 02:42:07.648 SEVERE [http-nio-8080-exec-4]
com.sun.jersey.spi.container.ContainerResponse.logException Mapped
exception to response: 500 (Internal Server Error)
org.apache.guacamole.rest.APIException
at
org.apache.guacamole.rest.RESTExceptionWrapper.invoke(RESTExceptionWrapper.java:184)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at
com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60)
at
com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185)
at
com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)
at
com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:302)
at
com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:108)
at
com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at
com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:84)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1511)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1442)
at
com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1391)
at
com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1381)
at
com.sun.jersey.spi.container.servlet.WebComponent.service(WebComponent.java:416)
at
com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:538)
at
com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:716)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
at
com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:263)
at
com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:178)
at
com.google.inject.servlet.ManagedServletPipeline.service(ManagedServletPipeline.java:91)
at
com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:62)
at
com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:118)
at
com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:113)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:478)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:80)
at
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:624)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
at
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:799)
at
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:861)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1455)
at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
If anyone can help me resolve this, it'd be great. Thanks in advance.
Regards
Kaushik Srinivasan
On Thu, Jul 13, 2017 at 10:08 AM, Kaushik Srinivasan <ka...@umail.iu.edu>
wrote:
> Hi Nick,
>
> Thank you for the information. I will work on using Guacamole 0.9.13 and
> see how I can add the connection through some module.
>
> Thank you for your time.
>
> Regards
> Kaushik Srinivasan
>
> On Thu, Jul 13, 2017 at 10:04 AM, Nick Couchman <nick.couchman@yahoo.com.
> invalid> wrote:
>
>> On Thursday, July 13, 2017, 9:54:47 AM EDT, Kaushik Srinivasan <
>> kausrini@umail.iu.edu> wrote:
>>
>>
>> > Hi Nick
>>
>> > Thanks a lot for helping me out.
>>
>> > I'm currently using Guacamole-0.9.12 and CAS version is 3.4.1. The CAS
>> > module was obtained from the github (incubator-guacamole-client
>> > <https://github.com/apache/incubator-guacamole-client/tree/
>> master/extensions/guacamole-auth-cas>)
>> > and version modified to support 0.9.12 instead of 0.9.13.
>>
>> I suspect this is the issue. There were some changes made outside of the
>> CAS module between 0.9.12 and the 0.9.13 branch to improve the CAS redirect
>> support, so I suspect you're hitting a case where the 0.9.12 code doesn't
>> match up with the 0.9.13 module. Is there any way you can try it with
>> consistent versions across the board?
>>
>> > Apache-Tomcat 8.5.15 is my java application server and currently for
>> > testing purposes I'm not using any front end proxy server.
>>
>> > My guacamole.properties file contains the following Data
>>
>> > cas-authorization-endpoint: https://cas.iu.edu/cas/login
>> > cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole
>> Looks good.
>>
>> > CAS auth module is the only authentication module I'm loading.
>> The thing to keep in mind about the CAS authentication module is that it
>> does not supply any actual connections. So, using it by itself is going to
>> be less-than-useful - you'll need to configure connections some other way,
>> either using the file module, or by loading another module (JDBC is
>> probably the most useful in this scenario) and configuring the connections
>> in that module.
>> -Nick
>
>
>
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Kaushik Srinivasan <ka...@umail.iu.edu>.
Hi Nick,
Thank you for the information. I will work on using Guacamole 0.9.13 and
see how I can add the connection through some module.
Thank you for your time.
Regards
Kaushik Srinivasan
On Thu, Jul 13, 2017 at 10:04 AM, Nick Couchman <
nick.couchman@yahoo.com.invalid> wrote:
> On Thursday, July 13, 2017, 9:54:47 AM EDT, Kaushik Srinivasan <
> kausrini@umail.iu.edu> wrote:
>
>
> > Hi Nick
>
> > Thanks a lot for helping me out.
>
> > I'm currently using Guacamole-0.9.12 and CAS version is 3.4.1. The CAS
> > module was obtained from the github (incubator-guacamole-client
> > <https://github.com/apache/incubator-guacamole-client/
> tree/master/extensions/guacamole-auth-cas>)
> > and version modified to support 0.9.12 instead of 0.9.13.
>
> I suspect this is the issue. There were some changes made outside of the
> CAS module between 0.9.12 and the 0.9.13 branch to improve the CAS redirect
> support, so I suspect you're hitting a case where the 0.9.12 code doesn't
> match up with the 0.9.13 module. Is there any way you can try it with
> consistent versions across the board?
>
> > Apache-Tomcat 8.5.15 is my java application server and currently for
> > testing purposes I'm not using any front end proxy server.
>
> > My guacamole.properties file contains the following Data
>
> > cas-authorization-endpoint: https://cas.iu.edu/cas/login
> > cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole
> Looks good.
>
> > CAS auth module is the only authentication module I'm loading.
> The thing to keep in mind about the CAS authentication module is that it
> does not supply any actual connections. So, using it by itself is going to
> be less-than-useful - you'll need to configure connections some other way,
> either using the file module, or by loading another module (JDBC is
> probably the most useful in this scenario) and configuring the connections
> in that module.
> -Nick
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Nick Couchman <ni...@yahoo.com.INVALID>.
On Thursday, July 13, 2017, 9:54:47 AM EDT, Kaushik Srinivasan <ka...@umail.iu.edu> wrote:
> Hi Nick
> Thanks a lot for helping me out.
> I'm currently using Guacamole-0.9.12 and CAS version is 3.4.1. The CAS
> module was obtained from the github (incubator-guacamole-client
> <https://github.com/apache/incubator-guacamole-client/tree/master/extensions/guacamole-auth-cas>)
> and version modified to support 0.9.12 instead of 0.9.13.
I suspect this is the issue. There were some changes made outside of the CAS module between 0.9.12 and the 0.9.13 branch to improve the CAS redirect support, so I suspect you're hitting a case where the 0.9.12 code doesn't match up with the 0.9.13 module. Is there any way you can try it with consistent versions across the board?
> Apache-Tomcat 8.5.15 is my java application server and currently for
> testing purposes I'm not using any front end proxy server.
> My guacamole.properties file contains the following Data
> cas-authorization-endpoint: https://cas.iu.edu/cas/login
> cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole
Looks good.
> CAS auth module is the only authentication module I'm loading.
The thing to keep in mind about the CAS authentication module is that it does not supply any actual connections. So, using it by itself is going to be less-than-useful - you'll need to configure connections some other way, either using the file module, or by loading another module (JDBC is probably the most useful in this scenario) and configuring the connections in that module.
-Nick
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Kaushik Srinivasan <ka...@umail.iu.edu>.
Hi Nick
Thanks a lot for helping me out.
I'm currently using Guacamole-0.9.12 and CAS version is 3.4.1. The CAS
module was obtained from the github (incubator-guacamole-client
<https://github.com/apache/incubator-guacamole-client/tree/master/extensions/guacamole-auth-cas>)
and version modified to support 0.9.12 instead of 0.9.13.
Apache-Tomcat 8.5.15 is my java application server and currently for
testing purposes I'm not using any front end proxy server.
My guacamole.properties file contains the following Data
cas-authorization-endpoint: https://cas.iu.edu/cas/login
cas-redirect-uri: http://poc1.dyndns-at-work.com:8080/guacamole
CAS auth module is the only authentication module I'm loading.
There are no errors in the server logs but the following warning is present.
*13-Jul-2017 13:42:02.671 WARNING [localhost-startStop-1]
com.google.inject.internal.ProxyFactory.<init> Method [public void
org.apache.guacamole.rest.user.UserResource.UpdateObject(java.lang.Object)
throws org.apache.guacamole.GuacamoleException] is synthetic and is being
intercepted by [org.apache.guacamole.rest.RESTExceptionWrapper@1cd466f].
This could indicate a bug. The method may be intercepted twice, or may not
be intercepted at all.*
I do not think this is related to the issue I'm facing with the auth module.
Apart from these I have a related question.
If I do not specify my connection details anywhere, how does the Gucamole
Server know where to connect to after being authenticated by the CAS Module?
Thanks.
Regards
Kaushik Srinivasan
On Thu, Jul 13, 2017 at 9:07 AM, Nick Couchman <
nick.couchman@yahoo.com.invalid> wrote:
> On Thursday, July 13, 2017, 9:00:05 AM EDT, Nick Couchman <
> nick.couchman@yahoo.com.INVALID> wrote:
>
> > On Tuesday, July 11, 2017, 9:58:59 PM EDT, Kaushik Srinivasan <
> kausrini@umail.iu.edu> wrote:
> >> Hello All,
> >> I've been trying to test the CAS module for guacamole. Once I login to
> the
> >> CAS page, I'm redirected to the Guacamole server but the page gets
> stuck in
> >> an Infinite loop. I believe this is because the page repeatedly queries
> the
> >> CAS server with which I have already Authenticated.
>
> >> Also, I have not provided any Connection information ( For RDP
> connectionn)
> >> anywhere.
>
> >> I couldn't find any documentation so not sure what I'm missing.
>
> >> Can anyone point out what I'm doing wrong?
>
> >> Thanks
>
> >> Regards
> > > Kaushik Srinivasan
> > Kaushik,I'm happy to try to help track down the problem you're running
> into - here's a list of things that would be helpful in debugging this:-
> Exact version of Guacamole you're using and where you obtained it (git
> master, 0.9.13-staging, etc.)- Exact version of CAS you're using-
> Make/version of Java application server (Tomcat 8.x, JBoss, etc.)- Any
> front-end proxy to the application server - e.g Nginx, Apache httpd, etc.?-
> Have you specified both of the following directives in your
> guacamole.properties file: cas-authorization-endpoint, cas-redirect-uri?
> If not, please do - if so, please report what you have them set to.
>
> > Beyond that, I'd make sure your application server is in debug or trace
> logging mode and see if any errors are being logged.
> > -Nick
> One other thing I forgot - what other Guacamole authentication modules are
> you loading?
> -Nick
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Nick Couchman <ni...@yahoo.com.INVALID>.
On Thursday, July 13, 2017, 9:00:05 AM EDT, Nick Couchman <ni...@yahoo.com.INVALID> wrote:
> On Tuesday, July 11, 2017, 9:58:59 PM EDT, Kaushik Srinivasan <ka...@umail.iu.edu> wrote:
>> Hello All,
>> I've been trying to test the CAS module for guacamole. Once I login to the
>> CAS page, I'm redirected to the Guacamole server but the page gets stuck in
>> an Infinite loop. I believe this is because the page repeatedly queries the
>> CAS server with which I have already Authenticated.
>> Also, I have not provided any Connection information ( For RDP connectionn)
>> anywhere.
>> I couldn't find any documentation so not sure what I'm missing.
>> Can anyone point out what I'm doing wrong?
>> Thanks
>> Regards
> > Kaushik Srinivasan
> Kaushik,I'm happy to try to help track down the problem you're running into - here's a list of things that would be helpful in debugging this:- Exact version of Guacamole you're using and where you obtained it (git master, 0.9.13-staging, etc.)- Exact version of CAS you're using- Make/version of Java application server (Tomcat 8.x, JBoss, etc.)- Any front-end proxy to the application server - e.g Nginx, Apache httpd, etc.?- Have you specified both of the following directives in your guacamole.properties file: cas-authorization-endpoint, cas-redirect-uri? If not, please do - if so, please report what you have them set to.
> Beyond that, I'd make sure your application server is in debug or trace logging mode and see if any errors are being logged.
> -Nick
One other thing I forgot - what other Guacamole authentication modules are you loading?
-Nick
Re: [DISCUSS] Scope of 0.9.13-incubating
Posted by Nick Couchman <ni...@yahoo.com.INVALID>.
On Tuesday, July 11, 2017, 9:58:59 PM EDT, Kaushik Srinivasan <ka...@umail.iu.edu> wrote:
> Hello All,
> > I've been trying to test the CAS module for guacamole. Once I login to the
> CAS page, I'm redirected to the Guacamole server but the page gets stuck in
> an Infinite loop. I believe this is because the page repeatedly queries the
> CAS server with which I have already Authenticated.
> Also, I have not provided any Connection information ( For RDP connectionn)
> anywhere.
> I couldn't find any documentation so not sure what I'm missing.
> Can anyone point out what I'm doing wrong?
> Thanks
> Regards
> Kaushik Srinivasan
Kaushik,I'm happy to try to help track down the problem you're running into - here's a list of things that would be helpful in debugging this:- Exact version of Guacamole you're using and where you obtained it (git master, 0.9.13-staging, etc.)- Exact version of CAS you're using- Make/version of Java application server (Tomcat 8.x, JBoss, etc.)- Any front-end proxy to the application server - e.g Nginx, Apache httpd, etc.?- Have you specified both of the following directives in your guacamole.properties file: cas-authorization-endpoint, cas-redirect-uri? If not, please do - if so, please report what you have them set to.
Beyond that, I'd make sure your application server is in debug or trace logging mode and see if any errors are being logged.
-Nick