Nick Couchman created GUACAMOLE-770:
---------------------------------------
Summary: Allow for clearing TOTP Data in Admin Interface
Key: GUACAMOLE-770
URL: https://issues.apache.org/jira/browse/GUACAMOLE-770
Project: Guacamole
Issue Type: Improvement
Components: guacamole-auth-totp
Reporter: Nick Couchman
Currently the TOTP attributes for a particular user are completely hidden from
the Administrative interface, even to admin-level users. While hiding this
data is sound security practice - there is no reason why any user, including an
admin, within Guacamole would need to actually see the "key material" for the
TOTP token, it might be nice to come up with some way to allow that data to be
cleared from within the Admin UI such that a user's TOTP status could be
"reset," allowing that user to re-enroll. I'm not sure this is really possible
with any of the current field types, but I'm thinking perhaps there is some
sort of new field type within Guacamole that could be generated, perhaps
specific to the TOTP module, that would allow for clearing out this data.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
