guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike Jumper <>
Subject Re: Unable to get Duo 2FA to work with Guacamole
Date Wed, 14 Feb 2018 21:07:55 GMT
On Wed, Feb 14, 2018 at 5:53 AM, amlamarra <> wrote:
> When I was getting this setup, for some reason, 0.9.14 didn't work. I think
> the page wouldn't load, but I can't remember exactly. Anyway, I tried 0.9.13
> and it worked fine. Maybe some incompatibility with Jetty8?

It's unlikely that anything in 0.9.14 broke compatibility with Jetty
8. It would be good to see the logs for that failure, though. Without
those logs, everything is speculation.

> > What about guacamole-auth-duo-0.9.13-incubating.jar?
> Good question. Not sure why I don't have that file in there... Anyway, I
> just put it there, restarted Jetty, and no change :(

Prior to 0.9.14, /etc/guacamole was not a default location for
GUACAMOLE_HOME, and would not be used unless explicitly overridden
somehow. Are you sure that both extensions are indeed in the correct
location, and that you haven't somehow ended up with two
GUACAMOLE_HOME directories - one from your previous install which
contains only the MySQL extension, and another at /etc/guacamole which
is being ignored?

> > I'm not sure what file Jetty would log things to, but there should be a
> > file containing substantial logging messages from Guacamole during
> > startup, including each extension as they are loaded. Assuming you can
> > find the file containing these messages, can you provide those logs?
> The logs are mostly in this file: /var/log/jetty8/stderrout.log
> The default was /var/log/jetty8/yyyy_mm_dd.stderrout.log, but I managed to
> strip off the date stamp to make it easier to use with fail2ban.
> These are the logs that are generated when I do a "systemctl restart
> jetty8":
> 08:44:21.637 [main] INFO  o.a.g.extension.ExtensionModule - Extension "MySQL Authentication"
> 08:44:24.382 [main] INFO  o.a.g.t.w.j.WebSocketTunnelModule - Loading Jetty 8 WebSocket
> ...

For all .jar files within the GUACAMOLE_HOME/extensions/ directory,
Guacamole will log something, either that the extension was
successfully loaded (as you see here for the MySQL extension) or that
the extension could not be loaded. If you're not seeing anything
whatsoever for the Duo extension, then it must not be in the location
being searched by Guacamole.

- Mike

View raw message