Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Invalid
-
1.2.0
-
None
-
None
-
Debian 10.7
Tomcat 8
Tried browser : chrome, firefox and midori on all linux debian 10
Description
Hi,
Maybe it is my fault but i tried the following :
We have LDAP auth to WIndows AD => this is working
We have MYSQL too to manage user permission in guacamole => this is working
I tried to ADD TOTP so i did this:
- download guacamole-auth-totp-1.2.0.jar in /etc/guacamole/extensions/.
- Edit config to add mysql-auto-create-accounts: true
- Edit my test user permission to add the ability to modify it's own password
- Edit config to add totp issuer and sha1 mode
- Restart tomcat8
- Install google Authenticator on my Iphone
My problem is, I have the enrollment page and display of the Qrcode, if i flash the qrcode with my phone, it adds the totp source to my app correctly. But i can't login, i have "Verification failed. Please try again." every time.
Nothing special in catalina.out log, it says user xxx succesfully authenticated ?!
I tried to manually enter the secret VS scanning the Qrcode, same problem...
Tried to clear the cache, use incognito mode... same...
Tried to edit the database :
MariaDB [guacamole_db]> select * from guacamole_user_attribute;
----------------------------------------------------------------
user_id | attribute_name | attribute_value |
----------------------------------------------------------------
4 | guac-totp-key-confirmed | false |
4 | guac-totp-key-secret | UMV5CJLYYFOU4X6NWN63MYRA7RLMVWHZ |
10 | guac-totp-key-confirmed | true |
10 | guac-totp-key-secret | SYVSRN4OTRTNZOWKWYR7QVCIRSWLWASF |
11 | guac-totp-key-confirmed | false |
11 | guac-totp-key-secret | AZN2L5FCEY46EALDZWDJDGTPOZM2HFF4 |
----------------------------------------------------------------
It says "true" for the test user so i assume the enrollment is working right ?
I tried to set back to false, enrollment showed up again, but same result at the end...
I also tried to edit my test user and give him all the permissions with no luck!
This is why I'm posting here now...
Sorry english is not my first language, i hope i gave you enough information on the problem
Thanks