Melvin Schmidt created GUACAMOLE-2105:
-----------------------------------------
Summary: Issue with New User Login – TOTP Setup Causes Initial
Login Failure in Guacamole 1.6.0 (Debian 12)
Key: GUACAMOLE-2105
URL: https://issues.apache.org/jira/browse/GUACAMOLE-2105
Project: Guacamole
Issue Type: Bug
Affects Versions: 1.6.0
Environment: Linux Debian 12
Reporter: Melvin Schmidt
We are currently experiencing a reproducible issue with Apache Guacamole
version 1.6.0 running on Debian 12 when creating new users. The login and TOTP
setup flow appears to be broken. The following sequence of events describes the
problem:
# A new user is created via the Guacamole admin interface.
# The user logs in for the first time and is prompted to set a new password.
# After setting the new password, the user is prompted to configure TOTP
(two-factor authentication).
# Once the TOTP setup is complete, there is a login error, and the user ist
redirected to the login page.
# Upon entering the newly set password the login fails with a “Verification
failed” error.
# After this failed login, the page results in a state where no login (for any
user) is possible.
# Only after reloading again and logging in with the newly set password is
possible.
# The user is prompted to set up TOTP again – the previously configured TOTP
is no longer valid.
# After the second TOTP setup, the user can log in successfully, and the
system behaves as expected from that point onward.
We would appreciate any guidance on how to resolve this issue or if this is a
known bug in version 1.6.0.
Thank you!
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
