apache · necouchman · Dec 13, 2025 · Dec 9, 2025 · Dec 9, 2025 · Dec 9, 2025
diff --git a/...-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ModeledConnection.java b/...-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ModeledConnection.java
@@ -343,15 +343,13 @@ public void setAttributes(Map<String, String> attributes) {
         // Translate connection limit attribute
         try { getModel().setMaxConnections(NumericField.parse(attributes.get(MAX_CONNECTIONS_NAME))); }
         catch (NumberFormatException e) {
-            logger.warn("Not setting maximum connections: {}", e.getMessage());
-            logger.debug("Unable to parse numeric attribute.", e);
+            logger.warn("Not setting maximum connections: {}", e.getMessage(), e);
         }
 
         // Translate per-user connection limit attribute
         try { getModel().setMaxConnectionsPerUser(NumericField.parse(attributes.get(MAX_CONNECTIONS_PER_USER_NAME))); }
         catch (NumberFormatException e) {
-            logger.warn("Not setting maximum connections per user: {}", e.getMessage());
-            logger.debug("Unable to parse numeric attribute.", e);
+            logger.warn("Not setting maximum connections per user: {}", e.getMessage(), e);
         }
 
         // Translate guacd hostname
@@ -360,8 +358,7 @@ public void setAttributes(Map<String, String> attributes) {
         // Translate guacd port
         try { getModel().setProxyPort(NumericField.parse(attributes.get(GUACD_PORT_NAME))); }
         catch (NumberFormatException e) {
-            logger.warn("Not setting guacd port: {}", e.getMessage());
-            logger.debug("Unable to parse numeric attribute.", e);
+            logger.warn("Not setting guacd port: {}", e.getMessage(), e);
         }
 
         // Translate guacd encryption method
@@ -382,8 +379,7 @@ else if (GUACD_ENCRYPTION_VALUE_SSL.equals(encryptionMethod))
         // Translate connection weight attribute
         try { getModel().setConnectionWeight(NumericField.parse(attributes.get(CONNECTION_WEIGHT))); }
         catch (NumberFormatException e) {
-            logger.warn("Not setting the connection weight: {}", e.getMessage());
-            logger.debug("Unable to parse numeric attribute.", e);
+            logger.warn("Not setting the connection weight: {}", e.getMessage(), e);
         }
 
         // Translate failover-only attribute

diff --git a/.../src/main/java/org/apache/guacamole/auth/jdbc/connectiongroup/ModeledConnectionGroup.java b/.../src/main/java/org/apache/guacamole/auth/jdbc/connectiongroup/ModeledConnectionGroup.java
@@ -200,15 +200,13 @@ public void setAttributes(Map<String, String> attributes) {
         // Translate connection limit attribute
         try { getModel().setMaxConnections(NumericField.parse(attributes.get(MAX_CONNECTIONS_NAME))); }
         catch (NumberFormatException e) {
-            logger.warn("Not setting maximum connections: {}", e.getMessage());
-            logger.debug("Unable to parse numeric attribute.", e);
+            logger.warn("Not setting maximum connections: {}", e.getMessage(), e);
         }
 
         // Translate per-user connection limit attribute
         try { getModel().setMaxConnectionsPerUser(NumericField.parse(attributes.get(MAX_CONNECTIONS_PER_USER_NAME))); }
         catch (NumberFormatException e) {
-            logger.warn("Not setting maximum connections per user: {}", e.getMessage());
-            logger.debug("Unable to parse numeric attribute.", e);
+            logger.warn("Not setting maximum connections per user: {}", e.getMessage(), e);
         }
 
         // Translate session affinity attribute

diff --git a/...e/src/main/java/org/apache/guacamole/auth/jdbc/tunnel/AbstractGuacamoleTunnelService.java b/...e/src/main/java/org/apache/guacamole/auth/jdbc/tunnel/AbstractGuacamoleTunnelService.java
@@ -778,8 +778,9 @@ public GuacamoleTunnel getGuacamoleTunnel(ModeledAuthenticatedUser user,
             // If connection failed due to an upstream error, retry other
             // connections
             catch (GuacamoleUpstreamException e) {
-                logger.info("Upstream error intercepted for connection \"{}\". Failing over to next connection in group...", connection.getIdentifier());
-                logger.debug("Upstream remote desktop reported an error during connection.", e);
+                logger.info("Upstream error intercepted for connection \"{}\". "
+                        + "Failing over to next connection in group...",
+                        connection.getIdentifier(), e);
                 connections.remove(connection);
                 upstreamHasFailed = true;
             }

diff --git a/...acamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/ModeledUser.java b/...acamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/ModeledUser.java
@@ -442,35 +442,31 @@ private void setRestrictedAttributes(Map<String, String> attributes) {
         if (attributes.containsKey(ACCESS_WINDOW_START_ATTRIBUTE_NAME)) {
             try { getModel().setAccessWindowStart(parseTime(attributes.get(ACCESS_WINDOW_START_ATTRIBUTE_NAME))); }
             catch (ParseException e) {
-                logger.warn("Not setting start time of user access window: {}", e.getMessage());
-                logger.debug("Unable to parse time attribute.", e);
+                logger.warn("Not setting start time of user access window: {}", e.getMessage(), e);
             }
         }
 
         // Translate access window end time
         if (attributes.containsKey(ACCESS_WINDOW_END_ATTRIBUTE_NAME)) {
             try { getModel().setAccessWindowEnd(parseTime(attributes.get(ACCESS_WINDOW_END_ATTRIBUTE_NAME))); }
             catch (ParseException e) {
-                logger.warn("Not setting end time of user access window: {}", e.getMessage());
-                logger.debug("Unable to parse time attribute.", e);
+                logger.warn("Not setting end time of user access window: {}", e.getMessage(), e);
             }
         }
 
         // Translate account validity start date
         if (attributes.containsKey(VALID_FROM_ATTRIBUTE_NAME)) {
             try { getModel().setValidFrom(parseDate(attributes.get(VALID_FROM_ATTRIBUTE_NAME))); }
             catch (ParseException e) {
-                logger.warn("Not setting user validity start date: {}", e.getMessage());
-                logger.debug("Unable to parse date attribute.", e);
+                logger.warn("Not setting user validity start date: {}", e.getMessage(), e);
             }
         }
 
         // Translate account validity end date
         if (attributes.containsKey(VALID_UNTIL_ATTRIBUTE_NAME)) {
             try { getModel().setValidUntil(parseDate(attributes.get(VALID_UNTIL_ATTRIBUTE_NAME))); }
             catch (ParseException e) {
-                logger.warn("Not setting user validity end date: {}", e.getMessage());
-                logger.debug("Unable to parse date attribute.", e);
+                logger.warn("Not setting user validity end date: {}", e.getMessage(), e);
             }
         }
 

diff --git a/...-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/ModeledUserContext.java b/...-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/ModeledUserContext.java
@@ -325,13 +325,9 @@ public boolean isValid() {
         }
 
         catch (GuacamoleException e) {
-
-            logger.warn(
-                    "Unable to determine if access window enforcement is"
-                    + " enabled for active sessions; enforcing by default: {}"
-                    , e.getMessage());
-            logger.debug("Unable to determine access window enforcement policy.", e);
-
+            logger.warn("Unable to determine if access window enforcement is"
+                    + " enabled for active sessions; enforcing by default: {}",
+                    e.getMessage(), e);
         }
 
         // A user context is valid if the associated user's account is valid

diff --git a/...mole-auth-json/src/main/java/org/apache/guacamole/auth/json/RequestValidationService.java b/...mole-auth-json/src/main/java/org/apache/guacamole/auth/json/RequestValidationService.java
@@ -78,14 +78,15 @@ public boolean isAuthenticationAllowed(Credentials credentials) {
 
         // Deny all requests if restrictions cannot be parsed
         catch (GuacamoleException e) {
-            logger.warn("Authentication request from \"{}\" is DENIED due to parse error: {}", credentials.getRemoteAddress(), e.getMessage());
-            logger.debug("Error parsing authentication request restrictions from guacamole.properties.", e);
+            logger.warn("Authentication request from \"{}\" is DENIED due to "
+                    + "parse error: {}", credentials.getRemoteAddress(), e.getMessage(), e);
             return false;
         }
 
         // All requests are allowed if no restrictions are defined
         if (trustedNetworks.isEmpty()) {
-            logger.debug("Authentication request from \"{}\" is ALLOWED (no restrictions).", credentials.getRemoteAddress());
+            logger.debug("Authentication request from \"{}\" is ALLOWED (no "
+                    + "restrictions).", credentials.getRemoteAddress());
             return true;
         }
 
@@ -94,14 +95,16 @@ public boolean isAuthenticationAllowed(Credentials credentials) {
 
             // Request is allowed if any subnet matches
             if (new IPAddressString(network).contains(new IPAddressString(credentials.getRemoteAddress()))) {
-                logger.debug("Authentication request from \"{}\" is ALLOWED (matched subnet).", credentials.getRemoteAddress());
+                logger.debug("Authentication request from \"{}\" is ALLOWED "
+                        + "(matched subnet).", credentials.getRemoteAddress());
                 return true;
             }
 
         }
 
         // Otherwise request is denied - no subnets matched
-        logger.debug("Authentication request from \"{}\" is DENIED (did not match subnet).", credentials.getRemoteAddress());
+        logger.debug("Authentication request from \"{}\" is DENIED (did not "
+                + "match subnet).", credentials.getRemoteAddress());
         return false;
 
     }

diff --git a/...uacamole-auth-json/src/main/java/org/apache/guacamole/auth/json/user/UserDataService.java b/...uacamole-auth-json/src/main/java/org/apache/guacamole/auth/json/user/UserDataService.java
@@ -168,22 +168,19 @@ public UserData fromCredentials(Credentials credentials) {
 
         // Fail if base64 data is not valid
         catch (IllegalArgumentException e) {
-            logger.warn("Submitted data is not proper base64.");
-            logger.debug("Invalid base64 data.", e);
+            logger.warn("Submitted data is not proper base64: {}", e.getMessage(), e);
             return null;
         }
 
         // Handle lack of standard UTF-8 support (should never happen)
         catch (UnsupportedEncodingException e) {
-            logger.error("Unexpected lack of support for UTF-8: {}", e.getMessage());
-            logger.debug("Unable to decode base64 data as UTF-8.", e);
+            logger.error("Unexpected lack of support for UTF-8: {}", e.getMessage(), e);
             return null;
         }
 
         // Fail if decryption or key retrieval fails for any reason
         catch (GuacamoleException e) {
-            logger.error("Decryption of received data failed: {}", e.getMessage());
-            logger.debug("Unable to decrypt received data.", e);
+            logger.error("Decryption of received data failed: {}", e.getMessage(), e);
             return null;
         }
 
@@ -205,8 +202,7 @@ public UserData fromCredentials(Credentials credentials) {
 
         // Fail UserData creation if JSON is invalid/unreadable
         catch (IOException e) {
-            logger.error("Received JSON is invalid: {}", e.getMessage());
-            logger.debug("Error parsing UserData JSON.", e);
+            logger.error("Received JSON is invalid: {}", e.getMessage(), e);
             return null;
         }
 

diff --git a/...acamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPConnectionService.java b/...acamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPConnectionService.java
@@ -322,8 +322,7 @@ private LdapNetworkConnection bindAs(LdapNetworkConnection ldapConnection,
             ldapConnection.close();
             logger.error("Binding with the LDAP server at \"{}\" as user "
                     + "\"{}\" failed: {}", config.getLdapHost(), bindUser,
-                    e.getMessage());
-            logger.debug("Unable to bind to LDAP server.", e);
+                    e.getMessage(), e);
             return null;
         }
 
@@ -369,8 +368,8 @@ private LdapNetworkConnection bindAs(LdapNetworkConnection ldapConnection,
         }
         catch (LdapInvalidDnException e) {
             logger.error("Credentials of existing connection cannot be used. "
-                    + "The username used (\"{}\") is not a valid DN.", username);
-            logger.debug("Cannot bind using invalid DN.", e);
+                    + "The username used (\"{}\") is not a valid DN.",
+                    username, e);
             ldapConnection.close();
             return null;
         }

diff --git a/.../guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ObjectQueryService.java b/.../guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ObjectQueryService.java
@@ -265,8 +265,7 @@ else if (results.isReferral()) {
                                             + "URL \"{}\".", url);
                             }
                             catch (GuacamoleException e) {
-                                logger.warn("Referral to \"{}\" could not be followed: {}", url, e.getMessage());
-                                logger.debug("Failed to follow LDAP referral.", e);
+                                logger.warn("Referral to \"{}\" could not be followed: {}", url, e.getMessage(), e);
                             }
 
                         }

diff --git a/...ole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/ConfigurationService.java b/...ole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/ConfigurationService.java
@@ -122,7 +122,7 @@ public Collection<? extends LDAPConfiguration> getLDAPConfigurations() throws Gu
 
                 }
                 catch (IOException e) {
-                    logger.error("\"{}\" could not be read/parsed: {}", ldapServers, e.getMessage());
+                    logger.error("\"{}\" could not be read/parsed: {}", ldapServers, e.getMessage(), e);
                 }
             }
             else

diff --git a/...-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/connection/ConnectionService.java b/...-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/connection/ConnectionService.java
@@ -202,8 +202,7 @@ public Map<String, Connection> getConnections(LDAPAuthenticatedUser user)
                 }
                 catch (LdapInvalidAttributeValueException e) {
                     logger.error("Invalid value for {} attribute: {}",
-                            LDAP_ATTRIBUTE_NAME_ID, e.getMessage());
-                    logger.debug("LDAP exception while getting CN attribute.", e);
+                            LDAP_ATTRIBUTE_NAME_ID, e.getMessage(), e);
                     return null;
                 }
 
@@ -223,8 +222,7 @@ public Map<String, Connection> getConnections(LDAPAuthenticatedUser user)
                     config.setProtocol(protocol.getString());
                 }
                 catch (LdapInvalidAttributeValueException e) {
-                    logger.error("Invalid value of the protocol entry: {}", e.getMessage());
-                    logger.debug("LDAP exception when getting protocol value.", e);
+                    logger.error("Invalid value of the protocol entry: {}", e.getMessage(), e);
                     return null;
                 }
 
@@ -234,8 +232,7 @@ public Map<String, Connection> getConnections(LDAPAuthenticatedUser user)
                     proxyConfig = getProxyConfiguration(entry);
                 }
                 catch (GuacamoleException e) {
-                    logger.error("Failed to retrieve proxy configuration.", e.getMessage());
-                    logger.debug("Guacamole Exception when retrieving proxy configuration.", e);
+                    logger.error("Failed to retrieve proxy configuration.", e.getMessage(), e);
                     return null;
                 }
 
@@ -250,8 +247,7 @@ public Map<String, Connection> getConnections(LDAPAuthenticatedUser user)
                             parameter = parameterAttribute.getString();
                         }
                         catch (LdapInvalidAttributeValueException e) {
-                            logger.warn("Parameter value not valid for {}: {}", cnName, e.getMessage());
-                            logger.debug("LDAP exception when getting parameter value.", e);
+                            logger.warn("Parameter value not valid for {}: {}", cnName, e.getMessage(), e);
                             return null;
                         }
                         parameterAttribute.remove(parameter);
@@ -394,8 +390,7 @@ private GuacamoleProxyConfiguration getProxyConfiguration(Entry connectionEntry)
             return new GuacamoleProxyConfiguration(proxyHostname, proxyPort, proxyEncryption);
         }
         catch (LdapInvalidAttributeValueException e) {
-            logger.error("Invalid value in proxy configuration: {}", e.getMessage());
-            logger.debug("LDAP exception fetching proxy attribute value.", e);
+            logger.error("Invalid value in proxy configuration: {}", e.getMessage(), e);
             throw new GuacamoleServerException("Invalid LDAP value in proxy configuration.", e);
         }
     }

diff --git a/...camole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/group/UserGroupService.java b/...camole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/group/UserGroupService.java
@@ -214,9 +214,7 @@ public List<Entry> getParentUserGroupEntries(ConnectedLDAPConfiguration config,
                 }
                 catch (LdapInvalidAttributeValueException e) {
                     logger.error("User group missing identifier: {}",
-                            e.getMessage());
-                    logger.debug("LDAP exception while getting "
-                            + "group identifier.", e);
+                            e.getMessage(), e);
                 }
             }
         }
@@ -280,8 +278,7 @@ public Set<String> getParentUserGroupIdentifiers(ConnectedLDAPConfiguration conf
             }
             catch (LdapInvalidAttributeValueException e) {
                 logger.error("User group missing identifier: {}",
-                        e.getMessage());
-                logger.debug("LDAP exception while getting group identifier.", e);
+                        e.getMessage(), e);
             }
 
         });

diff --git a/extensions/guacamole-auth-ldap/src/main/resources/guac-manifest.json b/extensions/guacamole-auth-ldap/src/main/resources/guac-manifest.json
@@ -10,7 +10,6 @@
     ],
 
     "translations" : [
-        "translations/de.json",
         "translations/en.json",
         "translations/zh.json"
     ]

diff --git a/...-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java b/...-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
@@ -94,16 +94,18 @@ private GuacamoleRadiusChallenge getRadiusChallenge(RadiusPacket challengePacket
         // Try to get the state attribute - if it's not there, we have a problem
         RadiusAttribute stateAttr = challengePacket.findAttribute(Attr_State.TYPE);
         if (stateAttr == null) {
-            logger.error("Something went wrong, state attribute not present.");
-            logger.debug("State Attribute turned up null, which shouldn't happen in AccessChallenge.");
+            logger.error("RADIUS server did not include the required \"{}\" "
+                    + "attribute in its challenge packet - cannot continue.",
+                    Attr_State.NAME);
             return null;
         }
 
         // We need to get the reply message so we know what to ask the user
         RadiusAttribute replyAttr = challengePacket.findAttribute(Attr_ReplyMessage.TYPE);
         if (replyAttr == null) {
-            logger.error("No reply message received from the server.");
-            logger.debug("Expecting a Attr_ReplyMessage attribute on this packet, and did not get one.");
+            logger.error("RADIUS server did not include the required \"{}\" "
+                    + "attribute in its challenge packet - cannot continue.",
+                    Attr_ReplyMessage.NAME);
             return null;
         }
 
@@ -162,8 +164,7 @@ public AuthenticatedUser authenticateUser(Credentials credentials)
                                                 null);
             }
             catch (GuacamoleException e) {
-                logger.error("Cannot configure RADIUS server: {}", e.getMessage());
-                logger.debug("Error configuring RADIUS server.", e);
+                logger.error("Cannot configure RADIUS server: {}", e.getMessage(), e);
                 throw new GuacamoleInvalidCredentialsException("Authentication error.", CredentialsInfo.USERNAME_PASSWORD);
             }
         }
@@ -184,13 +185,11 @@ public AuthenticatedUser authenticateUser(Credentials credentials)
                                                               stateBytes);
             }
             catch (IllegalArgumentException e) {
-                logger.warn("Illegal hexadecimal value while parsing RADIUS state string: {}", e.getMessage());
-                logger.debug("Encountered exception while attempting to parse the hexidecimal state value.", e);
+                logger.warn("Illegal hexadecimal value while parsing RADIUS state string: {}", e.getMessage(), e);
                 throw new GuacamoleInvalidCredentialsException("Authentication error.", CredentialsInfo.USERNAME_PASSWORD);
             }
             catch (GuacamoleException e) {
-                logger.error("Cannot configure RADIUS server: {}", e.getMessage());
-                logger.debug("Error configuring RADIUS server.", e);
+                logger.error("Cannot configure RADIUS server: {}", e.getMessage(), e);
                 throw new GuacamoleInvalidCredentialsException("Authentication error.", CredentialsInfo.USERNAME_PASSWORD);
             }
         }
-Original file line number
+Diff line change
@@ Expand Up @@
                     }
                     catch (IOException e) {
-                        logger.error("\"{}\" could not be read/parsed: {}", ldapServers, e.getMessage());
+                        logger.error("\"{}\" could not be read/parsed: {}", ldapServers, e.getMessage(), e);
                     }
                 }
                 else
@@ Expand Down @@