[
https://issues.apache.org/jira/browse/GUACAMOLE-839?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17702914#comment-17702914
]
Nick Couchman commented on GUACAMOLE-839:
-----------------------------------------
[~mjumper]: FYI, I've run into a regression with the changes committed to the
master branch as part of this issue. Specifically, when using any module that
throws GuacamoleInsufficientCredentialsException, where additional credentials
are expected, when you try to submit the second set of credentials (e.g. TOTP
code), you get a JavaScript error:
{code:javascript}
angular.min.js:129 RangeError: Maximum call stack size exceeded
at jt (jquery.min.js:2:73536)
at jt (jquery.min.js:2:73723)
at jt (jquery.min.js:2:73723)
at jt (jquery.min.js:2:73723)
at jt (jquery.min.js:2:73723)
at jt (jquery.min.js:2:73723)
at jt (jquery.min.js:2:73723)
at jt (jquery.min.js:2:73723)
at jt (jquery.min.js:2:73723)
at jt (jquery.min.js:2:73723)
(anonymous) @ angular.min.js:129
(anonymous) @ guacamole.0c58c92….js:39653
(anonymous) @ angular.min.js:141
$digest @ angular.min.js:153
$apply @ angular.min.js:156
(anonymous) @ angular.min.js:200
dispatch @ jquery.min.js:2
y.handle @ jquery.min.js:2
{code}
I've bisected it down to this particular commit:
{code:bash}
b6ce4776258ba5366a852b6dc950fb55306c28b1 is the first bad commit
commit b6ce4776258ba5366a852b6dc950fb55306c28b1
Author: Michael Jumper <mjum...@apache.org>
Date: Fri Jan 27 13:49:18 2023 -0800
GUACAMOLE-839: Support deferred retrieval of authentication parameters.
.../src/app/auth/service/authenticationService.js | 86 +++++++++++++---------
1 file changed, 50 insertions(+), 36 deletions(-)
{code}
I haven't looked at those specific changes to see what might cause it, but
almost looks like there's an infinite loop or infinite recursion in there
somewhere.
> Add support for smart card authentication
> -----------------------------------------
>
> Key: GUACAMOLE-839
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-839
> Project: Guacamole
> Issue Type: New Feature
> Components: guacamole-client
> Reporter: Bastian Machek
> Assignee: Mike Jumper
> Priority: Minor
> Fix For: 1.6.0
>
>
> Similar to the other supported SSO mechanisms like SAML and OpenID, the
> Guacamole web application should provide for authentication of users using
> smart cards (and similar hardware devices). Leveraging SSL/TLS client
> authentication, it should be possible to allow users to sign in with any
> hardware device supported by their browser as long as those devices contain a
> certificate that was signed by a certificate authority that the administrator
> has configured the Guacamole webapp to accept.
> *NOTE:* This is only related to authentication with the web application. The
> concept of authenticating with remote desktop services using smart cards is
> very separate and would likely involve adding support for Kerberos or somehow
> directly interacting with the card reader over USB.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
