From 85dae9e52a80d169584f3341e62fddf855d6942f Mon Sep 17 00:00:00 2001
From: Michael Jumper <mike.jumper@guac-dev.org>
Date: Wed, 3 Jun 2015 00:35:10 -0700
Subject: [PATCH] GUAC-1176: Clear passwords if credentials are rejected for
 any reason (even client error). Flag generic login error only for
 specifically invalid credentials.

---
 guacamole/src/main/webapp/app/login/directives/login.js | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/guacamole/src/main/webapp/app/login/directives/login.js b/guacamole/src/main/webapp/app/login/directives/login.js
index fd05d4be3..26316830c 100644
--- a/guacamole/src/main/webapp/app/login/directives/login.js
+++ b/guacamole/src/main/webapp/app/login/directives/login.js
@@ -123,9 +123,12 @@ angular.module('login').directive('guacLogin', [function guacLogin() {
             // Reset upon failure
             ['catch'](function loginFailed(error) {
 
-                // Clear out passwords and flag error if credentials are invalid
-                if (error.type === Error.Type.INVALID_CREDENTIALS) {
+                // Flag generic error for invalid login
+                if (error.type === Error.Type.INVALID_CREDENTIALS)
                     $scope.loginError = true;
+
+                // Clear out passwords if the credentials were rejected for any reason
+                if (error.type !== Error.Type.INSUFFICIENT_CREDENTIALS) {
                     angular.forEach($scope.form, function clearEnteredValueIfPassword(field) {
 
                         // Remove entered value only if field is a password field