[GUACAMOLE-1213] TOTP PSQLException following successful LDAP authentication - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Invalid
Affects Version/s: 1.2.0
Fix Version/s: None
Component/s: guacamole-auth-jdbc-postgresql, guacamole-auth-ldap, guacamole-auth-totp
Labels:
None

Description

I have successfully deployed both guacd and guacamole via docker image to AWS ECS. I have added the TOTP extension to the image. Additionally, I have successfully configured guacamole to use LDAPs to integrate with a Microsoft Active Directory and a Postgres database.

Background:

I can see via in the guacamole logs, that a login attempt is successfully authenticated by the configured LDAPs.

15:25:40.889 [http-nio-8080-exec-4] INFO o.a.g.r.auth.AuthenticationService - User "<user-name>" successfully authenticated from <ip-address>.

I have additionally verified that the same login attempt (with the same user/credentials) will result in successful login and access to the guacamole application when I temporarily deploy WITHOUT the TOTP extension for testing purposes. As I require the MFA protection provided by TOTP, this is not an acceptable option in this situation.

The problem:

In response to this successful login, the TOTP plugin proceeds to attempt to add/update the associated user in the Postgres DB. This fails as is shown in the following guacamole log entries.

15:25:41.003 [http-nio-8080-exec-4] ERROR o.a.g.rest.RESTExceptionMapper - Unexpected internal error:
### Error updating database. Cause: org.postgresql.util.PSQLException: ERROR: operator does not exist: integer = character varying
Hint: No operator matches the given name and argument types. You might need to add explicit type casts.
Position: 487
### The error may involve org.apache.guacamole.auth.jdbc.user.UserMapper.update-Inline
### The error occurred while setting parameters
### SQL: UPDATE guacamole_user SET password_hash = ?, password_salt = ?, password_date = ?, disabled = ?, expired = ?, access_window_start = ?, access_window_end = ?, valid_from = ?, valid_until = ?, timezone = ?, full_name = ?, email_address = ?, organization = ?, organizational_role = ? WHERE user_id = ?
### Cause: org.postgresql.util.PSQLException: ERROR: operator does not exist: integer = character varying

The associated stack trace stems from
org.apache.guacamole.auth.totp.TOTPAuthenticationProvider.decorate(TOTPAuthenticationProvider.java:76)

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Todd Gould

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 13/Nov/20 19:54

Updated:: 16/Nov/20 15:37

Resolved:: 16/Nov/20 15:37