Hello, I am having an issue configuring Apache Guacamole when SAML and TOTP
are both enabled. The backend for the server is using MariaDB with the
MySQL connector. I am using SAML SSO to Azure AD which signs in
successfully when the TOTP module is not enabled. The TOTP module works
with a local user that is not using SSO.



When the TOTP module is enabled, the SAML login completes and redirects to
the screen for setting up a TOTP code. When you enter the TOTP code, it
returns a 403 invalid login response. I have the 403 response below along
with the debug logs that happen during the TOTP authentication attempt.



403 POST https://remote.redacted.com/api/tokens

Response: {"message":"Invalid login","translatableMessage":{"key":"APP.TEXT_UNTRANSLATED","variables":{"MESSAGE":"Invalid login"}},"statusCode":null,"expected":[{"name":"username","type":"USERNAME"},{"name":"password","type":"PASSWORD"}],"type":"INVALID_CREDENTIALS"}



Debug logs: https://pastebin.com/GPCwP5Fk

guacamole.properties: https://pastebin.com/DDtB1F8e



Any help would be much appreciated. Thanks!





-Tyler Hale
