Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Duplicate
-
1.5.5
-
None
-
None
-
GUACD-INTRANET-SERVER:
OS: Linux rdg-dev 5.10.0-28-amd64 #1 SMP Debian 5.10.209-2 (2024-01-31) x86_64 GNU/Linux
GUACD: Guacamole proxy daemon (guacd) version 1.5.5
TOMCAT-DMZ-SERVER:
OS: Linux rdg-dev 5.10.0-28-amd64 #1 SMP Debian 5.10.209-2 (2024-01-31) x86_64 GNU/Linux
TOMCAT: tomcat9 9.0.43-2~deb11u9 all Apache Tomcat 9 - Servlet and JSP engine
JAVA: openjdk version "11.0.22" 2024-01-16
OpenJDK Runtime Environment (build 11.0.22+7-post-Debian-1deb11u1)
OpenJDK 64-Bit Server VM (build 11.0.22+7-post-Debian-1deb11u1, mixed mode, sharing)GUACD-INTRANET-SERVER: OS: Linux rdg-dev 5.10.0-28-amd64 #1 SMP Debian 5.10.209-2 (2024-01-31) x86_64 GNU/Linux GUACD: Guacamole proxy daemon (guacd) version 1.5.5 TOMCAT-DMZ-SERVER: OS: Linux rdg-dev 5.10.0-28-amd64 #1 SMP Debian 5.10.209-2 (2024-01-31) x86_64 GNU/Linux TOMCAT: tomcat9 9.0.43-2~deb11u9 all Apache Tomcat 9 - Servlet and JSP engine JAVA: openjdk version "11.0.22" 2024-01-16 OpenJDK Runtime Environment (build 11.0.22+7-post-Debian-1deb11u1) OpenJDK 64-Bit Server VM (build 11.0.22+7-post-Debian-1deb11u1, mixed mode, sharing)
Description
Hello,
for onboarding purpose we set the checkbox „password is expired“ to force new users to change their initial password to a custom one. We also enforce totp.
Problem since a few versions:
- user signs in with initial password a
- user forced to change password a to a custom password b
- user pairs totp to authenticator
- user gets redirected to login panel
- login with password a and b not working
- Only using incognito or a newly opened browserwindow made it possible to login with password b - session problem?
- Now password b is working but the otp dialog requires confirmation again with entering totp code (setup window with qr code is shown)
It worked until some versions ago.
Attachments
Issue Links
- duplicates
-
-
- Open
-