Looks like the logs got dropped...Anyways, I did more testing (Alpine 3.6, Guacamole 0.9.13) and narrowed it down to the "user-mapping" property contained within the guacamole.properties file not being read.

guacamole.properties properties:

guac:/etc/guacamole# cat guacamole.properties
guacd-port: 7777
user-mapping: /etc/guacamole/map/user-mapping.xml

Using the default pathing for user-mapping.xml, I'm able to succesfully authenticate

13:37:49.227 [http-nio-8080-exec-6] DEBUG o.a.g.a.f.FileAuthenticationProvider - Reading user mapping file: "/etc/guacamole/user-mapping.xml"
13:37:49.245 [http-nio-8080-exec-6] DEBUG o.a.g.r.auth.AuthenticationService - Anonymous authentication attempt from failed.
13:38:00.100 [http-nio-8080-exec-8] INFO  o.a.g.r.auth.AuthenticationService - User "username" successfully authenticated from
13:38:00.105 [http-nio-8080-exec-8] DEBUG o.a.g.r.auth.AuthenticationService - Login was successful for user "username".
13:38:00.432 [http-nio-8080-exec-7] DEBUG o.a.g.net.InetGuacamoleSocket - Connecting to guacd at localhost:7777.

But moving the default user-mapping.xml to another location results in the following log entry and updating guacamole.properties accordingly yields::

13:47:53.141 [http-nio-8080-exec-4] DEBUG o.a.g.a.f.FileAuthenticationProvider - User mapping file "/etc/guacamole/user-mapping.xml" does not exist and will not be read.

Is there something I'm overlooking that's really simple? I can confirm that the guacamole.properties file is being read since I can change both the server listening port (guacd via guacd.conf) and client communications port (via guacamole.properties) to one other than 4822.


On Fri, Sep 8, 2017 at 6:08 AM, Nick Couchman <nick.couchman@yahoo.com> wrote:
First, as far as I can tell, none of the log entries are actually pasted in, here.  You might want to send another e-mail with the log entries actually present.

Second, have you tried creating /etc/guacamole as a directory rather than a symlink to another directory to see if it works that way?

Finally, make sure that the GUACMAOLE_HOME environment variable is pointed at the location you want it, and is defined in the Tomcat startup script.

Can you confirm these things, and also post the log file entries.


On Thursday, September 7, 2017, 9:48:31 PM EDT, vfalx <perktvacc@gmail.com> wrote:

I'm facing an odd issue I can't seem to pinpoint regarding the
guacamole.properties file.

I have the following setup:

Alpine Linux 3.6 container (mini root fs) running Tomcat 8.5.20 in
/opt/tomcat as the 'tomcat' user. The 'tomcat' user has a home directory of
/opt/tomcat (defined in /etc/passwd).

Within /opt/tomcat, the .guacamole folder is symlinked to /etc/guacamole

All of the /opt/tomcat and /etc/guacamole are owned by the tomcat user with
+x set for the /opt/tomcat/bin folder

I'm able to successfully compile and run guacd (version 0.9.13). My
logback.xml configuration file is properly applied. guacd can read the
guacd.conf file (located in /etc/guacamole) and bind to port another port
(confirmed by netstat).

What I can't get is the guacamole client (precompiled 0.9.13 war) to read
the guacamole.properties file to customize the path of user-mapping.xml.

I can confirm via the catalina logs that the guacamole.properties is being

when I delete guacamole.properties from /etc/guacamole, the following is the
debug output:

and when I add in the guacamole.properties file and restart tomcat, I get
the following log (implying that the guacamole.properties file has been

My guacamole.properties file has the following:

Here's the user-mapping.xml:

Checking the catalina logs after attempting to authenticate, I see the
following line:

Why is the guacamole client not looking at
/etc/guacamole/map/user-mapping.xml for the user-mapping.xml? It's been
defined in guacamole.properties and the GUACAMOLE_HOME defined via
"The directory .guacamole, located within the home directory of the user
running the servlet container."