Joonas Tuomisto created GUACAMOLE-1233:
------------------------------------------
Summary: Add UI support for TOTP resets
Key: GUACAMOLE-1233
URL: https://issues.apache.org/jira/browse/GUACAMOLE-1233
Project: Guacamole
Issue Type: Improvement
Components: guacamole-auth-totp, guacamole-client
Affects Versions: 1.2.0, 1.1.0
Reporter: Joonas Tuomisto
Currently there is no functionality in the UI to reset a user's TOTP
enrollment. If a user changes devices or uninstalls the TOTP application from
their phone etc., Guacamole administrators have no UI for clearing the TOTP
secret from the database so users can re-enroll. In a larger deployment this is
of course a significant support scenario and a supportability concern as no UI
for it exists.
Ideally the "edit user" page should contain a button such as "Reset TOTP" that
would allow an administrator to clear the user's TOTP enrollment from the
guacamole_user_attribute table.
My personal solution to this issue was a bash script that directly executes SQL
against the Guacamole database (which obviously requires shell access to the
database server) and a custom web server/-ice that provides a web interface to
do the same with LDAP (AD) integrated login (as I can't write Java I couldn't
implement this directly into Guacamole).
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
