Hi Nick, thanks for your help and your suggestions. I created /etc/guacamole and put guacamole.properties into this directory. The file has the following content:
guacd-hostname: localhost guacd-port: 4822 user-mapping: /etc/guacamole/user-mapping.xml I also put my user-mapping.xml file into this directory (same content as before). I added the line "guacamole.home=/etc/guacamole" to /etc/tomcat/catalina.properties and restarted tomcat. The permissions of the /etc/guacamole directory and its files were set such that tomcat can access all files (tomcat.root, 400). Looking at /var/log/messages after the restart reveals the following lines which might be related to the issue: Oct 18 12:00:46 server: 12:00:46.936 [localhost-startStop-1] INFO o.a.g.environment.LocalEnvironment - No guacamole.properties file found within GUACAMOLE_HOME or the classpath. Using defaults. Oct 18 12:00:47 server: 12:00:47.030 [localhost-startStop-1] INFO o.a.g.rest.auth.HashTokenSessionMap - Sessions will expire after 60 minutes of inactivity. Oct 18 12:00:47 server: 12:00:47.153 [localhost-startStop-1] INFO o.a.g.environment.LocalEnvironment - No guacamole.properties file found within GUACAMOLE_HOME or the classpath. Using defaults. Oct 18 12:00:47 server: 12:00:47.273 [localhost-startStop-1] INFO o.a.g.t.w.WebSocketTunnelModule - Loading JSR-356 WebSocket support... Oct 18 12:00:47 server: Oct 18, 2017 12:00:47 PM com.google.inject.internal.ProxyFactory <init> Oct 18 12:00:47 server: WARNING: Method [public void org.apache.guacamole.rest.user.UserResource.updateObject(java.lang.Object) throws org.apache.guacamole.GuacamoleException] is synthetic and is being intercepted by [org.apache.guacamole.rest.RESTExceptionWrapper@64eba1f3]. This could indicate a bug. The method may be intercepted twice, or may not be intercepted at all. So first it doesn't seem to find the guacamole.properties file for some reason and then an exception occurs in "UserResource" which may indicate that there's something wrong with the user settings. I now also added the environment variable GUACAMOLE_HOME to /etc/sysconfig/tomcat such that it is in the environment of tomcat as follows: [root@test-guacamole ~]# cat /proc/2469/environ | tr '\0' '\n' TOMCATS_BASE=/var/lib/tomcats/ GUACAMOLE_HOME=/etc/guacamole SHELL=/sbin/nologin CATALINA_HOME=/usr/share/tomcat OLDPWD=/ NAME= USER=tomcat TOMCAT_CFG_LOADED=1 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin PWD=/usr/share/tomcat JAVA_HOME=/usr/lib/jvm/jre LANG=en_US.UTF-8 SHLVL=0 HOME=/usr/share/tomcat SECURITY_MANAGER=false LOGNAME=tomcat CATALINA_TMPDIR=/var/cache/tomcat/temp After a restart of tomcat, again the same messages occur, i.e., Guacamole claims that guacamole.properties can't be found. BTW: I looked through the logs and this set of messages occurred also when I put the files into CATALINA_HOME (my original try). I'm puzzled why it can't find the files. Any idea how to solve this (or just get more output to find out what guacamole tries to do) are greatly appreciated. 2017-10-17 4:26 GMT+02:00 Nick Couchman <vn...@apache.org>: > On Mon, Oct 16, 2017 at 2:21 PM, Felix Wolfheimer < > f.wolfhei...@googlemail.com> wrote: > >> >> Hi, >> >> I'm trying to get a VNC connection working using Guacamole. I built and >> installed the guacd and the client without issues, started guacd and >> tomcat, and can see the login page of Guacamole when connecting with the >> browser, but whatever I try with the user-mapping.xml file, I can't log in. >> I installed the "user-mapping.xml" file to /usr/share/tomcat/.guacamole >> (the HOME of the tomcat user is /usr/share/tomcat) and the user-mapping.xml >> file is the one and only file in this directory. It has the following >> content: >> >> <user-mapping> >> <authorize username="testuser" password="testing"> >> <connection name="Cloud Workstation"> >> <protocol>vnc</protocol> >> <param name="hostname">localhost</param> >> <param name="port">5901</param> >> </connection> >> </authorize> >> </user-mapping> >> >> The only message I can find on the server about the failed login is the >> following line in /var/log/messages: >> >> WARN o.a.g.r.auth.AuthenticationService - Authentication attempt from >> x.x.x.x for user "testuser" failed. >> >> I've entered the password multiple times to make sure that I just made a >> typo. >> >> Is there anything I'm missing and are there other places where I can find >> debugging information about the login process which could help >> understanding what goes wrong? >> >> Thanks! >> >> Everything you've done looks fine to me, but I'd suggest doing the > following: > - Edit your catalina.properties file (stored in the same place as the rest > of the Tomcat configs, like server.xml) and add the following line: > guacamole.home=/etc/guacamole > - Create the /etc/guacamole directory and set up permissions such that the > user running Tomcat can access it. > - Put your user-mapping.xml file in /etc/guacamole and restart Tomcat. > Verify permissions on that file, too, to make sure the Tomcat user has read > access. > > See if that works - like I said, what you've done seems like it should > work, so not sure what's going on, but maybe this will help. > > -Nick >