[jira] [Closed] (GUACAMOLE-2105) Issue with New User Login – TOTP Setup Causes Initial Login Failure in Guacamole 1.6.0 (Debian 12)

Thu, 24 Jul 2025 04:34:05 -0700 


     [ 
https://issues.apache.org/jira/browse/GUACAMOLE-2105?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Nick Couchman closed GUACAMOLE-2105.
------------------------------------
    Resolution: Duplicate

I believe the issue you're seeing has already been documented in GUACAMOLE-1691 
- basically the TOTP extension is incompatible with the "expire password" 
checkbox. See the discussion on that issue.

> Issue with New User Login – TOTP Setup Causes Initial Login Failure in 
> Guacamole 1.6.0 (Debian 12)
> --------------------------------------------------------------------------------------------------
>
>                 Key: GUACAMOLE-2105
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-2105
>             Project: Guacamole
>          Issue Type: Bug
>    Affects Versions: 1.6.0
>         Environment: Linux Debian 12
>            Reporter: Melvin Schmidt
>            Priority: Major
>
> We are currently experiencing a reproducible issue with Apache Guacamole 
> version 1.6.0 running on Debian 12 when creating new users. The login and 
> TOTP setup flow appears to be broken. The following sequence of events 
> describes the problem:
>  # A new user is created via the Guacamole admin interface.
>  # The user logs in for the first time and is prompted to set a new password.
>  # After setting the new password, the user is prompted to configure TOTP 
> (two-factor authentication).
>  # Once the TOTP setup is complete, there is a login error, and the user ist 
> redirected to the login page.
>  # Upon entering the newly set password the login fails with a “Verification 
> failed” error.
>  # After this failed login, the page results in a state where no login (for 
> any user) is possible.
>  # Only after reloading again and logging in with the newly set password is 
> possible.
>  # The user is prompted to set up TOTP again – the previously configured TOTP 
> is no longer valid.
>  # After the second TOTP setup, the user can log in successfully, and the 
> system behaves as expected from that point onward.
> We would appreciate any guidance on how to resolve this issue or if this is a 
> known bug in version 1.6.0.
> Thank you!



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to