I have successfully deployed both guacd and guacamole via docker image to AWS ECS. I have added the TOTP extension to the image. Additionally, I have successfully configured guacamole to use LDAPs to integrate with a Microsoft Active Directory and a Postgres database.
I can see via in the guacamole logs, that a login attempt is successfully authenticated by the configured LDAPs.
I have additionally verified that the same login attempt (with the same user/credentials) will result in successful login and access to the guacamole application when I temporarily deploy WITHOUT the TOTP extension for testing purposes. As I require the MFA protection provided by TOTP, this is not an acceptable option in this situation.
In response to this successful login, the TOTP plugin proceeds to attempt to add/update the associated user in the Postgres DB. This fails as is shown in the following guacamole log entries.
The associated stack trace stems from