英文:
Guacamole websocket error java.lang.IllegalStateException
问题
Our Guacamole 服务器 (v1.4.0) 崩溃了,所以我们恢复了尽可能多的文件,并设置了一个新的服务器:
Ubuntu 22.04
Guacamole 1.5.0
Tomcat 9.0.73
通过 Nginx 进行代理
openjdk 11.0.18 2023-01-17
我们正在使用 LDAP 和 TOTP 认证。
在设置新服务器后,我们的用户可以像以前一样登录和连接,但是我们每分钟都会看到 WebSocket 错误,用户会收到红色横幅消息:
"远程桌面服务器遇到错误并已关闭连接。请再试一次或联系您的系统管理员。"
在检查 Tomcat 日志时,我每次都看到 catalina.out 中的以下信息:
线程"Thread-4"中的异常: java.lang.IllegalStateException: 无法发送消息,因为 WebSocket 会话已关闭
at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.writeMessagePart(WsRemoteEndpointImplBase.java:442)
at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendMessageBlock(WsRemoteEndpointImplBase.java:314)
at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendMessageBlock(WsRemoteEndpointImplBase.java:254)
at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendString(WsRemoteEndpointImplBase.java:195)
at org.apache.tomcat.websocket.WsRemoteEndpointBasic.sendText(WsRemoteEndpointBasic.java:37)
at org.apache.guacamole.websocket.GuacamoleWebSocketTunnelEndpoint.sendInstruction(GuacamoleWebSocketTunnelEndpoint.java:152)
at org.apache.guacamole.websocket.GuacamoleWebSocketTunnelEndpoint.access$200(GuacamoleWebSocketTunnelEndpoint.java:53)
at org.apache.guacamole.websocket.GuacamoleWebSocketTunnelEndpoint$2.run(GuacamoleWebSocketTunnelEndpoint.java:253)
我们没有对我们的 RDP 或 VNC 服务器或网络防火墙进行任何更改,所以我怀疑是新 Guacamole 安装的配置问题。我确保服务器构建时带有所有所需的模块(包括 libwebsockets),并尝试了一些不同的 Tomcat 服务器版本,以查看是否有一些 bug。
到目前为止,我已经没有更多的想法,也没有在搜索引擎中找到更多尝试的方法,非常感谢您提供的其他检查方法。
编辑: 自发布后,我还尝试过:
- 禁用 IPv6
- 升级到 openjdk 19
- Tomcat 版本 9.0.71 和 9.0.21(我们之前使用的版本)
- Guacamole 1.4.0(无法安装,已弃用的代码)
- 添加了绑定到 127.0.0.1 的 guacd.conf(之前我们不需要这个)
错误仍然存在。
英文:
Our Guacamole server (v1.4.0) died so we recovered what files we could and setup a new server:
Ubuntu 22.04
Guacamole 1.5.0
Tomcat 9.0.73
Proxied via Nginx
openjdk 11.0.18 2023-01-17
We're using LDAP and TOTP authentication.
After getting new server setup our users can login and connect as before however we're seeing websocket errors every minute where user is given red banner with message:
The remote desktop server encountered an error and has closed the connection. Please try again or contact your system administrator.
Checking Tomcat logs I see in catalina.out the following each time:
Exception in thread "Thread-4" java.lang.IllegalStateException: Message will not be sent because the WebSocket session has been closed
at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.writeMessagePart(WsRemoteEndpointImplBase.java:442)
at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendMessageBlock(WsRemoteEndpointImplBase.java:314)
at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendMessageBlock(WsRemoteEndpointImplBase.java:254)
at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendString(WsRemoteEndpointImplBase.java:195)
at org.apache.tomcat.websocket.WsRemoteEndpointBasic.sendText(WsRemoteEndpointBasic.java:37)
at org.apache.guacamole.websocket.GuacamoleWebSocketTunnelEndpoint.sendInstruction(GuacamoleWebSocketTunnelEndpoint.java:152)
at org.apache.guacamole.websocket.GuacamoleWebSocketTunnelEndpoint.access$200(GuacamoleWebSocketTunnelEndpoint.java:53)
at org.apache.guacamole.websocket.GuacamoleWebSocketTunnelEndpoint$2.run(GuacamoleWebSocketTunnelEndpoint.java:253)
We've not made any changes to our RDP or VNC servers or network firewalls so I suspect is some issue with configuration on new Guacamole install. I've ensured the server built with all modules required (including libwebsockets) and have tried a few different Tomcat server versions to see if some bug there.
At this point I'm out of ideas and not seeing much else to try from search engines and would much appreciate any guidance on what else to check.
Edit: Since posting I've also tried:
- Disabling ipv6
- Upgrading to openjdk 19
- Tomcat version 9.0.71 and 9.0.21 (version we were on prior)
- Guacamole 1.4.0 (failed to install, deprecated code)
- Added guacd.conf with host bound to 127.0.0.1 (prior we did not need this)
Error persists
答案1
得分: 0
问题最终是与防火墙相关的。
简单地允许Guacamole通过防火墙并未能维持WebSocket连接,但使用NAT来转换数据包确实起作用。
英文:
Issue ended up being firewall related
Simply allowing Guacamole to pass through firewall was not maintaining the websocket connection however using NAT to translate the packet did work
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论