Unable to establish another RDP connection if there is an already existing active Boundary session

[japneet-sahni]

Describe the bug
If I establish a RDP connection to a host (within a target) and logout of the machine (Boundary session is still active), thereafter, if I try to connect to another host, I get an error no tofu token but not in correct session state

To Reproduce
Steps to reproduce the behavior:

1. Go to Boundary Desktop App (v1.4.5) and authenticate (Make sure there are no active Boundary sessions)
2. Click on Targets -> Go to Hosts -> Click Connect for Host1
3. Using Proxy URL, establish a RDP connection (something like 127.0.0.1:56734)
4. The connection is activated and authorized as shown in below worker logs

{"id":"MMdUk84rRo","source":"https://hashicorp.com/boundary/boundary-worker-5ccf8c4566-shw8n/worker","specversion":"1.0","type":"system","data":{"version":"v0.1","op":"worker.(Worker).handleProxy","data":{"msg":"session successfully activated","session_id":"s_pCA4K28MqV"}},"datacontentype":"application/cloudevents","time":"2022-10-25T15:58:08.032659618Z"}
{"id":"6p7UYJn76v","source":"https://hashicorp.com/boundary/boundary-worker-5ccf8c4566-shw8n/worker","specversion":"1.0","type":"system","data":{"version":"v0.1","op":"worker.(Worker).handleProxy","data":{"connection_id":"sc_mRlM1SFJ9I","msg":"connection successfully authorized","session_id":"s_pCA4K28MqV"}},"datacontentype":"application/cloudevents","time":"2022-10-25T15:58:08.275907896Z"}

5. Close the connection from within the Windows host. You will find below in worker logs
   {"id":"7Eb7fjgFNF","source":"https://hashicorp.com/boundary/boundary-worker-5ccf8c4566-shw8n/worker","specversion":"1.0","type":"system","data":{"version":"v0.1","op":"worker.(Worker).handleProxy","data":{"connection_id":"sc_mRlM1SFJ9I","msg":"connection closed","session_id":"s_pCA4K28MqV"}},"datacontentype":"application/cloudevents","time":"2022-10-25T16:00:13.900900772Z"}

6. The session s_pCA4K28MqV will be still active in Boundary
   

7. Try connecting to a different host now from the target list.

8. Using the new Boundary Proxy URL establish a RDP connection to the new host

9. You will get an internal error with below error in worker logs

{"id":"Ongp5mD0dZ","source":"https://hashicorp.com/boundary/boundary-worker-5ccf8c4566-shw8n/worker","specversion":"1.0","type":"system","data":{"version":"v0.1","op":"worker.(Worker).handleProxy","data":{"msg":"session successfully activated","session_id":"s_NDVPyo8Ne1"}},"datacontentype":"application/cloudevents","time":"2022-10-25T16:13:46.697645106Z"}
{"id":"iZbHjQf2sw","source":"https://hashicorp.com/boundary/boundary-worker-5ccf8c4566-shw8n/worker","specversion":"1.0","type":"system","data":{"version":"v0.1","op":"worker.(Worker).handleProxy","data":{"connection_id":"sc_1GJJcPgeeV","msg":"connection successfully authorized","session_id":"s_NDVPyo8Ne1"}},"datacontentype":"application/cloudevents","time":"2022-10-25T16:13:47.011316445Z"}
{"id":"RJF556KC1c","source":"https://hashicorp.com/boundary/boundary-worker-5ccf8c4566-shw8n/worker","specversion":"1.0","type":"system","data":{"version":"v0.1","op":"worker.(Worker).handleProxy","data":{"connection_id":"sc_1GJJcPgeeV","msg":"connection closed","session_id":"s_NDVPyo8Ne1"}},"datacontentype":"application/cloudevents","time":"2022-10-25T16:13:50.519417416Z"}
{"id":"xUmhn590ET","source":"https://hashicorp.com/boundary/boundary-worker-5ccf8c4566-shw8n/worker","specversion":"1.0","type":"error","data":{"error":"no tofu token but not in correct session state","error_fields":{},"id":"e_dXSmrQY3wQ","version":"v0.1","op":"worker.(Worker).handleProxy","info":{"session_id":"s_NDVPyo8Ne1"}},"datacontentype":"application/cloudevents","time":"2022-10-25T16:13:52.449107932Z"}

Expected behavior
I should be able to establish a connection to a new host.

Additional context
As a matter of fact, I should be able to establish a connection for the same host (Host1) with already existing active session or a new session by clicking on "Connect"

[irenarindos]

Thank you for reporting this! What version of Boundary are you running?

We had a bug in prior version of Boundary that surfaced a similar error: #2414
If this is the same bug, it was fixed in versions 10.4 and above.

[japneet-sahni]

@irenarindos : Ah, thanks for sharing this. Not sure, how I missed this ticket. Anyways, we will upgrade Boundary from 10.3 to 10.4 and see if it solves the issue. Let's keep this thread open for couple of days. Any idea, if we can upgrade it to 0.10.5 or 0.11.0 directly? We still haven't gone live and still testing on sandbox.

[irenarindos]

You should be able to upgrade to either version directly. We removed deprecated actions on targets and credentials in 0.11.0 and both 0.10.5 and 0.11.0 have known issues. You can read about them in our Changelog and decide which version to upgrade to if those changes/ issues affect you: https://github.com/hashicorp/boundary/blob/main/CHANGELOG.md

Please let us know if you run into this or any other issues after your upgrade- thanks so much!

[japneet-sahni]

@irenarindos : After upgrading directly from v0.10.3 to v0.11.0, we were able to resolve this issue. Thanks for your quick help here.