[jira] [Closed] (GUACAMOLE-1234) TOTP not working as expected

Mon, 28 Dec 2020 10:45:07 -0800 


     [ 
https://issues.apache.org/jira/browse/GUACAMOLE-1234?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Nick Couchman closed GUACAMOLE-1234.
------------------------------------
    Resolution: Invalid

> TOTP not working as expected
> ----------------------------
>
>                 Key: GUACAMOLE-1234
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-1234
>             Project: Guacamole
>          Issue Type: Bug
>          Components: guacamole-auth-totp
>    Affects Versions: 1.2.0
>         Environment: Debian 10.7
> Tomcat 8
> Tried browser : chrome, firefox and midori on all linux debian 10
>            Reporter: Hugo CAMPION
>            Priority: Major
>
> Hi,
>  
> Maybe it is my fault but i tried the following :
>  
> We have LDAP auth to WIndows AD => this is working
> We have MYSQL too to manage user permission in guacamole => this is working
>  
> I tried to ADD TOTP so i did this:
>  
>  * download guacamole-auth-totp-1.2.0.jar in /etc/guacamole/extensions/.
>  * Edit config to add mysql-auto-create-accounts: true
>  * Edit my test user permission to add the ability to modify it's own password
>  * Edit config to add totp issuer and sha1 mode
>  * Restart tomcat8
>  * Install google Authenticator on my Iphone
>  
> My problem is, I have the enrollment page and display of the Qrcode, if i 
> flash the qrcode with my phone, it adds the totp source to my app correctly. 
> But i can't login, i have "Verification failed. Please try again." every time.
>  
> Nothing special in catalina.out log, it says user xxx succesfully 
> authenticated ?!
>  
> I tried to manually enter the secret VS scanning the Qrcode, same problem...
> Tried to clear the cache, use incognito mode... same...
> Tried to edit the database : 
>  
> MariaDB [guacamole_db]> select * from guacamole_user_attribute;
> +---------+-------------------------+----------------------------------+
> | user_id | attribute_name | attribute_value |
> +---------+-------------------------+----------------------------------+
> | 4 | guac-totp-key-confirmed | false |
> | 4 | guac-totp-key-secret | UMV5CJLYYFOU4X6NWN63MYRA7RLMVWHZ |
> | 10 | guac-totp-key-confirmed | true |
> | 10 | guac-totp-key-secret | SYVSRN4OTRTNZOWKWYR7QVCIRSWLWASF |
> | 11 | guac-totp-key-confirmed | false |
> | 11 | guac-totp-key-secret | AZN2L5FCEY46EALDZWDJDGTPOZM2HFF4 |
> +---------+-------------------------+----------------------------------+
>  
> It says "true" for the test user so i assume the enrollment is working right ?
>  
> I tried to set back to false, enrollment showed up again, but same result at 
> the end...
>  
> I also tried to edit my test user and give him all the permissions with no 
> luck!
>  
> This is why I'm posting here now...
>  
> Sorry english is not my first language, i hope i gave you enough information 
> on the problem
>  
> Thanks
>  
>  
>  
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to