You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@guacamole.apache.org by Passerini Marco <ma...@cscs.ch> on 2021/03/25 15:14:26 UTC
Problems with Postgres DB authentication
Hi,
I just installed Guacamole on Centos7 using the EPEL guacd:
guacd-1.3.0-1.el7.x86_64
Tomcat:
tomcat-7.0.76-16.el7_9.noarch
The client from the official site:
guacamole-1.3.0.war
The JDBC connector from the official site:
guacamole-auth-jdbc-1.3.0.tar.gz
And the connector from the postgres site:
postgresql-42.2.19.jar
I created the properties file:
[root@mfa-guacamole guacamole]# cat /etc/guacamole/guacamole.properties
# Hostname and port of guacamole proxy
guacd-hostname: 127.0.0.1
guacd-port: 4822
# PostgreSQL properties
postgresql-hostname: 127.0.0.1
postgresql-port: 5432
postgresql-database: guacamole_db
postgresql-username: guacamole_user
postgresql-password: ****
And loaded the schema in the DB using the connector .sql scripts.
I can startup tomcat and I can see the login web interface. However, when I try try to authenticate, I get the following error.
Do you know what could the problem be?
####
Mar 25 16:08:40 mfa-guacamole server: INFO: Deployment of web application directory /var/lib/tomcat/webapps/docs has finished in 881 ms
Mar 25 16:08:40 mfa-guacamole server: Mar 25, 2021 4:08:40 PM org.apache.coyote.AbstractProtocol start
Mar 25 16:08:40 mfa-guacamole server: INFO: Starting ProtocolHandler ["http-bio-8080"]
Mar 25 16:08:40 mfa-guacamole server: Mar 25, 2021 4:08:40 PM org.apache.coyote.AbstractProtocol start
Mar 25 16:08:40 mfa-guacamole server: INFO: Starting ProtocolHandler ["ajp-bio-8009"]
Mar 25 16:08:40 mfa-guacamole server: Mar 25, 2021 4:08:40 PM org.apache.catalina.startup.Catalina start
Mar 25 16:08:40 mfa-guacamole server: INFO: Server startup in 14732 ms
Mar 25 16:08:51 mfa-guacamole server: 16:08:51.077 [http-bio-8080-exec-5] DEBUG o.a.g.a.f.FileAuthenticationProvider - User mapping file "/usr/share/tomcat/.guacamole/user-mapping.xml" does not exist and will not be read.
Mar 25 16:08:51 mfa-guacamole server: 16:08:51.078 [http-bio-8080-exec-5] DEBUG o.a.g.r.auth.AuthenticationService - Anonymous authentication attempt from 148.187.134.57 failed.
Mar 25 16:08:51 mfa-guacamole server: 16:08:51.078 [http-bio-8080-exec-5] DEBUG o.a.g.rest.RESTExceptionMapper - Client request rejected: Invalid login
Mar 25 16:09:03 mfa-guacamole server: 16:09:03.006 [http-bio-8080-exec-6] WARN o.a.g.e.AuthenticationProviderFacade - The "postgresql" authentication provider has encountered an internal error which will halt the authentication process. If this is unexpected or you are the developer of this authentication provider, you may wish to enable debug-level logging. If this is expected and you wish to ignore such failures in the future, please set "skip-if-unavailable: postgresql" within your guacamole.properties.
Mar 25 16:09:03 mfa-guacamole server: 16:09:03.007 [http-bio-8080-exec-6] ERROR o.a.g.rest.RESTExceptionMapper - Unexpected internal error: org.apache.guacamole.auth.jdbc.user.UserModel cannot be cast to org.apache.guacamole.auth.jdbc.user.UserModel
Mar 25 16:09:03 mfa-guacamole server: 16:09:03.008 [http-bio-8080-exec-6] DEBUG o.a.g.rest.RESTExceptionMapper - Unexpected error in REST endpoint.
Mar 25 16:09:03 mfa-guacamole server: java.lang.ClassCastException: org.apache.guacamole.auth.jdbc.user.UserModel cannot be cast to org.apache.guacamole.auth.jdbc.user.UserModel
Mar 25 16:09:03 mfa-guacamole server: at com.sun.proxy.$Proxy35.selectOne(Unknown Source)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.guacamole.auth.jdbc.user.UserService.retrieveAuthenticatedUser(UserService.java:367)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.guacamole.auth.jdbc.JDBCAuthenticationProviderService.authenticateUser(JDBCAuthenticationProviderService.java:76)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.guacamole.auth.jdbc.InjectedAuthenticationProvider.authenticateUser(InjectedAuthenticationProvider.java:76)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.guacamole.extension.AuthenticationProviderFacade.authenticateUser(AuthenticationProviderFacade.java:190)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.guacamole.rest.auth.AuthenticationService.authenticateUser(AuthenticationService.java:174)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.guacamole.rest.auth.AuthenticationService.getAuthenticatedUser(AuthenticationService.java:300)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.guacamole.rest.auth.AuthenticationService.authenticate(AuthenticationService.java:453)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.guacamole.rest.auth.TokenRESTService.createToken(TokenRESTService.java:174)
Mar 25 16:09:03 mfa-guacamole server: at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
Mar 25 16:09:03 mfa-guacamole server: at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
Mar 25 16:09:03 mfa-guacamole server: at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
Mar 25 16:09:03 mfa-guacamole server: at java.lang.reflect.Method.invoke(Method.java:498)
Mar 25 16:09:03 mfa-guacamole server: at com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60)
Mar 25 16:09:03 mfa-guacamole server: at com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185)
Mar 25 16:09:03 mfa-guacamole server: at com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)
Mar 25 16:09:03 mfa-guacamole server: at com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:302)
Mar 25 16:09:03 mfa-guacamole server: at com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:108)
Mar 25 16:09:03 mfa-guacamole server: at com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
Mar 25 16:09:03 mfa-guacamole server: at com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:84)
Mar 25 16:09:03 mfa-guacamole server: at com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1511)
Mar 25 16:09:03 mfa-guacamole server: at com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1442)
Mar 25 16:09:03 mfa-guacamole server: at com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1391)
Mar 25 16:09:03 mfa-guacamole server: at com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1381)
Mar 25 16:09:03 mfa-guacamole server: at com.sun.jersey.spi.container.servlet.WebComponent.service(WebComponent.java:416)
Mar 25 16:09:03 mfa-guacamole server: at com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:538)
Mar 25 16:09:03 mfa-guacamole server: at com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:716)
Mar 25 16:09:03 mfa-guacamole server: at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
Mar 25 16:09:03 mfa-guacamole server: at com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:263)
Mar 25 16:09:03 mfa-guacamole server: at com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:178)
Mar 25 16:09:03 mfa-guacamole server: at com.google.inject.servlet.ManagedServletPipeline.service(ManagedServletPipeline.java:91)
Mar 25 16:09:03 mfa-guacamole server: at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:62)
Mar 25 16:09:03 mfa-guacamole server: at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:118)
Mar 25 16:09:03 mfa-guacamole server: at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:113)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:498)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)
Mar 25 16:09:03 mfa-guacamole server: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
Mar 25 16:09:03 mfa-guacamole server: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
Mar 25 16:09:03 mfa-guacamole server: at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
Mar 25 16:09:03 mfa-guacamole server: at java.lang.Thread.run(Thread.java:748)
###
Regards,
Marco Passerini
Re: Problems with Postgres DB authentication
Posted by Passerini Marco <ma...@cscs.ch>.
Hi,
Ok thanks, I did the cleanup you mentioned.. and I also disabled SELinux. After several attempts I got it to work, not sure what was wrong, possible a combination of things. Thanks!
Marco Passerini
________________________________
From: Nick Couchman <vn...@apache.org>
Sent: Saturday, March 27, 2021 2:07:24 AM
To: user@guacamole.apache.org
Subject: Re: Problems with Postgres DB authentication
On Fri, Mar 26, 2021 at 3:56 AM Passerini Marco <ma...@cscs.ch>> wrote:
Hi,
Ok I did a bit of a cleanup and those errors are now gone. But I still cannot authenticate.. this is what I get:
[root@mfa-guacamole guacamole]# find /etc/guacamole/
/etc/guacamole/
/etc/guacamole/guacamole-1.3.0.war
/etc/guacamole/lib
/etc/guacamole/extensions
/etc/guacamole/guacd.conf
/etc/guacamole/logback.xml
/etc/guacamole/guacamole.properties
Looks okay.
[root@mfa-guacamole guacamole]# ls -lah /usr/share/tomcat/.guacamole
lrwxrwxrwx. 1 root root 14 Mar 25 10:13 /usr/share/tomcat/.guacamole -> /etc/guacamole
This should not be necessary in recent versions of Guacamole. /etc/guacamole is already considered the default location for Guacamole configuration.
[root@mfa-guacamole guacamole]# ls -lah /var/lib/tomcat/webapps/guacamole-1.3.0.war
lrwxrwxrwx. 1 root root 34 Mar 25 14:56 /var/lib/tomcat/webapps/guacamole-1.3.0.war -> /etc/guacamole/guacamole-1.3.0.war
Okay, this should be fine. Not really necessary - the WAR file is expendable, and I don't know that there's any reason not to just place the file directly into the webapps directory?
# this might not be the conventional location for these.. but it seem to work?
[root@mfa-guacamole guacamole]# ls -lah /var/lib/tomcat/webapps/guacamole-1.3.0/WEB-INF/lib/guacamole-auth-jdbc-postgresql-1.3.0.jar
-rw-r--r--. 1 tomcat tomcat 5.5M Mar 26 08:14 /var/lib/tomcat/webapps/guacamole-1.3.0/WEB-INF/lib/guacamole-auth-jdbc-postgresql-1.3.0.jar
[root@mfa-guacamole guacamole]# ls -lah /var/lib/tomcat/webapps/guacamole-1.3.0/WEB-INF/lib/postgresql-42.2.19.jar
-rw-r--r--. 1 tomcat tomcat 982K Mar 25 15:23 /var/lib/tomcat/webapps/guacamole-1.3.0/WEB-INF/lib/postgresql-42.2.19.jar
I would not do this, and, no, I do not think it's working. First, if Tomcat ever decides to re-deploy the Guacamole WAR file, you *WILL* lose all of this. Second, I don't think Guacamole will pick up the authentication extensions, here (see below).
Mar 26 08:47:36 mfa-guacamole server: 08:47:36.962 [http-bio-8080-exec-7] DEBUG o.a.g.a.f.FileAuthenticationProvider - User mapping file "/usr/share/tomcat/.guacamole/user-mapping.xml" does not exist and will not be read.
Mar 26 08:47:36 mfa-guacamole server: 08:47:36.964 [http-bio-8080-exec-7] DEBUG o.a.g.r.auth.AuthenticationService - Anonymous authentication attempt from 148.187.134.75 failed.
Mar 26 08:47:36 mfa-guacamole server: 08:47:36.964 [http-bio-8080-exec-7] DEBUG o.a.g.rest.RESTExceptionMapper - Client request rejected: Permission Denied.
Mar 26 08:47:41 mfa-guacamole server: 08:47:41.456 [http-bio-8080-exec-1] DEBUG o.a.g.a.f.FileAuthenticationProvider - User mapping file "/usr/share/tomcat/.guacamole/user-mapping.xml" does not exist and will not be read.
Mar 26 08:47:41 mfa-guacamole server: 08:47:41.472 [http-bio-8080-exec-1] WARN o.a.g.r.auth.AuthenticationService - Authentication attempt from 148.187.134.75 for user "guacadmin" failed.
Mar 26 08:47:41 mfa-guacamole server: 08:47:41.472 [http-bio-8080-exec-1] DEBUG o.a.g.rest.RESTExceptionMapper - Client request rejected: Permission Denied.
There is no indication in the log file, here, that the JDBC module is actually getting loaded or processed - I don't see any references, here, to the module. You should place the JDBC extension JAR in /etc/guacamole/extensions, and the PostgreSQL JDBC driver JAR in /etc/guacamole/lib.
You're doing a lot of extra stuff, here - I highly suggest you follow the instructions in the manual a little more closely and avoid some of the extras, here, at least until you get a working configuration.
http://guacamole.apache.org/doc/gug/jdbc-auth.html
-Nick
Re: Problems with Postgres DB authentication
Posted by Nick Couchman <vn...@apache.org>.
On Fri, Mar 26, 2021 at 3:56 AM Passerini Marco <ma...@cscs.ch>
wrote:
> Hi,
>
> Ok I did a bit of a cleanup and those errors are now gone. But I still
> cannot authenticate.. this is what I get:
>
> [root@mfa-guacamole guacamole]# find /etc/guacamole/
> /etc/guacamole/
> /etc/guacamole/guacamole-1.3.0.war
> /etc/guacamole/lib
> /etc/guacamole/extensions
> /etc/guacamole/guacd.conf
> /etc/guacamole/logback.xml
> /etc/guacamole/guacamole.properties
>
>
Looks okay.
>
> [root@mfa-guacamole guacamole]# ls -lah /usr/share/tomcat/.guacamole
> lrwxrwxrwx. 1 root root 14 Mar 25 10:13 /usr/share/tomcat/.guacamole ->
> /etc/guacamole
>
>
This should not be necessary in recent versions of Guacamole.
/etc/guacamole is already considered the default location for Guacamole
configuration.
> [root@mfa-guacamole guacamole]# ls -lah
> /var/lib/tomcat/webapps/guacamole-1.3.0.war
> lrwxrwxrwx. 1 root root 34 Mar 25 14:56
> /var/lib/tomcat/webapps/guacamole-1.3.0.war ->
> /etc/guacamole/guacamole-1.3.0.war
>
>
Okay, this should be fine. Not really necessary - the WAR file is
expendable, and I don't know that there's any reason not to just place the
file directly into the webapps directory?
> # this might not be the conventional location for these.. but it seem to
> work?
>
> [root@mfa-guacamole guacamole]# ls -lah
> /var/lib/tomcat/webapps/guacamole-1.3.0/WEB-INF/lib/guacamole-auth-jdbc-postgresql-1.3.0.jar
>
> -rw-r--r--. 1 tomcat tomcat 5.5M Mar 26 08:14
> /var/lib/tomcat/webapps/guacamole-1.3.0/WEB-INF/lib/guacamole-auth-jdbc-postgresql-1.3.0.jar
> [root@mfa-guacamole guacamole]# ls -lah
> /var/lib/tomcat/webapps/guacamole-1.3.0/WEB-INF/lib/postgresql-42.2.19.jar
> -rw-r--r--. 1 tomcat tomcat 982K Mar 25 15:23
> /var/lib/tomcat/webapps/guacamole-1.3.0/WEB-INF/lib/postgresql-42.2.19.jar
>
>
I would not do this, and, no, I do not think it's working. First, if Tomcat
ever decides to re-deploy the Guacamole WAR file, you *WILL* lose all of
this. Second, I don't think Guacamole will pick up the authentication
extensions, here (see below).
>
> Mar 26 08:47:36 mfa-guacamole server: 08:47:36.962 [http-bio-8080-exec-7]
> DEBUG o.a.g.a.f.FileAuthenticationProvider - User mapping file
> "/usr/share/tomcat/.guacamole/user-mapping.xml" does not exist and will not
> be read.
> Mar 26 08:47:36 mfa-guacamole server: 08:47:36.964 [http-bio-8080-exec-7]
> DEBUG o.a.g.r.auth.AuthenticationService - Anonymous authentication attempt
> from 148.187.134.75 failed.
> Mar 26 08:47:36 mfa-guacamole server: 08:47:36.964 [http-bio-8080-exec-7]
> DEBUG o.a.g.rest.RESTExceptionMapper - Client request rejected: Permission
> Denied.
> Mar 26 08:47:41 mfa-guacamole server: 08:47:41.456 [http-bio-8080-exec-1]
> DEBUG o.a.g.a.f.FileAuthenticationProvider - User mapping file
> "/usr/share/tomcat/.guacamole/user-mapping.xml" does not exist and will not
> be read.
> Mar 26 08:47:41 mfa-guacamole server: 08:47:41.472 [http-bio-8080-exec-1]
> WARN o.a.g.r.auth.AuthenticationService - Authentication attempt from
> 148.187.134.75 for user "guacadmin" failed.
> Mar 26 08:47:41 mfa-guacamole server: 08:47:41.472 [http-bio-8080-exec-1]
> DEBUG o.a.g.rest.RESTExceptionMapper - Client request rejected: Permission
> Denied.
>
>
> There is no indication in the log file, here, that the JDBC module is
actually getting loaded or processed - I don't see any references, here, to
the module. You should place the JDBC extension JAR in
/etc/guacamole/extensions, and the PostgreSQL JDBC driver JAR in
/etc/guacamole/lib.
You're doing a lot of extra stuff, here - I highly suggest you follow the
instructions in the manual a little more closely and avoid some of the
extras, here, at least until you get a working configuration.
http://guacamole.apache.org/doc/gug/jdbc-auth.html
-Nick
>
Re: Problems with Postgres DB authentication
Posted by Passerini Marco <ma...@cscs.ch>.
Hi,
Ok I did a bit of a cleanup and those errors are now gone. But I still cannot authenticate.. this is what I get:
[root@mfa-guacamole guacamole]# find /etc/guacamole/
/etc/guacamole/
/etc/guacamole/guacamole-1.3.0.war
/etc/guacamole/lib
/etc/guacamole/extensions
/etc/guacamole/guacd.conf
/etc/guacamole/logback.xml
/etc/guacamole/guacamole.properties
[root@mfa-guacamole guacamole]# ls -lah /usr/share/tomcat/.guacamole
lrwxrwxrwx. 1 root root 14 Mar 25 10:13 /usr/share/tomcat/.guacamole -> /etc/guacamole
[root@mfa-guacamole guacamole]# ls -lah /var/lib/tomcat/webapps/guacamole-1.3.0.war
lrwxrwxrwx. 1 root root 34 Mar 25 14:56 /var/lib/tomcat/webapps/guacamole-1.3.0.war -> /etc/guacamole/guacamole-1.3.0.war
# this might not be the conventional location for these.. but it seem to work?
[root@mfa-guacamole guacamole]# ls -lah /var/lib/tomcat/webapps/guacamole-1.3.0/WEB-INF/lib/guacamole-auth-jdbc-postgresql-1.3.0.jar
-rw-r--r--. 1 tomcat tomcat 5.5M Mar 26 08:14 /var/lib/tomcat/webapps/guacamole-1.3.0/WEB-INF/lib/guacamole-auth-jdbc-postgresql-1.3.0.jar
[root@mfa-guacamole guacamole]# ls -lah /var/lib/tomcat/webapps/guacamole-1.3.0/WEB-INF/lib/postgresql-42.2.19.jar
-rw-r--r--. 1 tomcat tomcat 982K Mar 25 15:23 /var/lib/tomcat/webapps/guacamole-1.3.0/WEB-INF/lib/postgresql-42.2.19.jar
-bash-4.2$ createdb guacamole_db
-bash-4.2$ psql -d guacamole_db
psql (9.2.24)
Type "help" for help.
guacamole_db=# CREATE USER guacamole_user WITH PASSWORD '****';
CREATE ROLE
guacamole_db=# GRANT SELECT,INSERT,UPDATE,DELETE ON ALL TABLES IN SCHEMA public TO guacamole_user;
GRANT
guacamole_db=# GRANT SELECT,USAGE ON ALL SEQUENCES IN SCHEMA public TO guacamole_user;
GRANT
guacamole_db=# \q
cat /tmp/guacamole-auth-jdbc-1.3.0/postgresql/schema/*.sql | psql -d guacamole_db -f -
[root@mfa-guacamole guacamole]# cat /etc/guacamole/guacamole.properties
# Hostname and port of guacamole proxy
guacd-hostname: 127.0.0.1
guacd-port: 4822
# PostgreSQL properties
postgresql-hostname: 127.0.0.1
postgresql-port: 5432
postgresql-database: guacamole_db
postgresql-username: guacamole_user
postgresql-password: ****
guacamole_db=# select * from guacamole_entity;
-[ RECORD 1 ]--------
entity_id | 1
name | guacadmin
type | USER
guacamole_db=# select * from guacamole_user;
-[ RECORD 1 ]-------+-------------------------------------------------------------------
user_id | 1
entity_id | 1
password_hash | \x**********
password_salt | \x**********
password_date | 2021-03-25 15:37:14.792576+01
disabled | f
expired | f
access_window_start |
access_window_end |
valid_from |
valid_until |
timezone |
full_name |
email_address |
organization |
organizational_role |
Mar 26 08:47:36 mfa-guacamole server: 08:47:36.962 [http-bio-8080-exec-7] DEBUG o.a.g.a.f.FileAuthenticationProvider - User mapping file "/usr/share/tomcat/.guacamole/user-mapping.xml" does not exist and will not be read.
Mar 26 08:47:36 mfa-guacamole server: 08:47:36.964 [http-bio-8080-exec-7] DEBUG o.a.g.r.auth.AuthenticationService - Anonymous authentication attempt from 148.187.134.75 failed.
Mar 26 08:47:36 mfa-guacamole server: 08:47:36.964 [http-bio-8080-exec-7] DEBUG o.a.g.rest.RESTExceptionMapper - Client request rejected: Permission Denied.
Mar 26 08:47:41 mfa-guacamole server: 08:47:41.456 [http-bio-8080-exec-1] DEBUG o.a.g.a.f.FileAuthenticationProvider - User mapping file "/usr/share/tomcat/.guacamole/user-mapping.xml" does not exist and will not be read.
Mar 26 08:47:41 mfa-guacamole server: 08:47:41.472 [http-bio-8080-exec-1] WARN o.a.g.r.auth.AuthenticationService - Authentication attempt from 148.187.134.75 for user "guacadmin" failed.
Mar 26 08:47:41 mfa-guacamole server: 08:47:41.472 [http-bio-8080-exec-1] DEBUG o.a.g.rest.RESTExceptionMapper - Client request rejected: Permission Denied.
Regards
Marco Passerini
________________________________
From: Mike Jumper <mi...@glyptodon.com>
Sent: Thursday, March 25, 2021 6:30:28 PM
To: user@guacamole.apache.org
Subject: Re: Problems with Postgres DB authentication
On Thu, Mar 25, 2021 at 8:14 AM Passerini Marco <ma...@cscs.ch>> wrote:
Hi,
...
Mar 25 16:09:03 mfa-guacamole server: 16:09:03.007 [http-bio-8080-exec-6] ERROR o.a.g.rest.RESTExceptionMapper - Unexpected internal error: org.apache.guacamole.auth.jdbc.user.UserModel cannot be cast to org.apache.guacamole.auth.jdbc.user.UserModel
There is only one implementation of UserModel, and Java should definitely not have any issue with a class being cast to itself. The only way I can imagine the above error occurring is if multiple copies of the database extension are present in the classpath.
Where have each of the .jar files for any extensions, the PostgreSQL JDBC driver, etc. been placed?
Michael Jumper
CEO, Lead Developer
Glyptodon Inc<https://enterprise.glyptodon.com/>.
Re: Problems with Postgres DB authentication
Posted by Mike Jumper <mi...@glyptodon.com>.
On Thu, Mar 25, 2021 at 8:14 AM Passerini Marco <ma...@cscs.ch>
wrote:
> Hi,
>
> ...
> Mar 25 16:09:03 mfa-guacamole server: 16:09:03.007 [http-bio-8080-exec-6]
> ERROR o.a.g.rest.RESTExceptionMapper - Unexpected internal error:
> org.apache.guacamole.auth.jdbc.user.UserModel cannot be cast to
> org.apache.guacamole.auth.jdbc.user.UserModel
>
There is only one implementation of UserModel, and Java should definitely
not have any issue with a class being cast to itself. The only way I can
imagine the above error occurring is if multiple copies of the database
extension are present in the classpath.
Where have each of the .jar files for any extensions, the PostgreSQL JDBC
driver, etc. been placed?
Michael Jumper
CEO, Lead Developer
Glyptodon Inc <https://enterprise.glyptodon.com/>.