[jira] [Created] (GUACAMOLE-1329) Message for successful login appears three times, no message for failed TOTP

Mon, 19 Apr 2021 10:37:03 -0700 

Florian Obradovic created GUACAMOLE-1329:
--------------------------------------------

             Summary: Message for successful login appears three times, no 
message for failed TOTP
                 Key: GUACAMOLE-1329
                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-1329
             Project: Guacamole
          Issue Type: Bug
          Components: guacamole
    Affects Versions: 1.2.0
         Environment: Package: tomcat8
Versions: 8.5.39-1ubuntu1~18.04.3

Also have DUO extension installed but is not with the users from this example!
            Reporter: Florian Obradovic
         Attachments: image-2021-04-19-19-24-57-999.png

Dear Team

Today I created a dashboard in Graylog to monitor failed and successful 
Guacamole logins and noticed this behaviour:
h2. A user with TOTP enabled
 * a user signs in one single time
 * there appear three lines in catalina.out log file 
 * two lines appear after entering username & password
 * you enter TOTP challenge
 * third line appears

 
{code:java}
After Login:
19:13:08.869 [http-nio-8080-exec-8] INFO o.a.g.r.auth.AuthenticationService - 
User "guac-admin" successfully authenticated from [111.222.333.4, 127.0.0.1].
19:13:09.424 [http-nio-8080-exec-4] INFO o.a.g.r.auth.AuthenticationService - 
User "guac-admin" successfully authenticated from [111.222.333.4, 127.0.0.1].

After entering TOTP challenge:

19:13:11.490 [http-nio-8080-exec-6] INFO o.a.g.r.auth.AuthenticationService - 
User "guac-admin" successfully authenticated from [111.222.333.4, 127.0.0.1]
{code}
 

 

 
h1. A user with TOTP fails to enter TOTP codes
 * a user signs in one single time
 * first *two* after entering username & password
 * {color:#FF0000}*after failing to enter the TOTP codes / entering wrong 
challenges there appear a new line:*
{color:#172b4d}_INFO o.a.g.r.auth.AuthenticationService - User "guac-admin" 
successfully authenticated from [111.222.333.4, 127.0.0.1]_{color}{color}**

h1. A user with DUO enabled
 * a user signs in one single time
 * first line after entering username & password
 * second line after DUO challenge response successfully
 * third line appears after you enter TOTP challenge

----
 

!image-2021-04-19-19-24-57-999.png|width=446,height=475!

 

Best regards, Flo.

 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to