From 01f8b4c596f2f20293dae43d75e5399dd0f16998 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Mon, 28 Jan 2013 12:21:41 -0800 Subject: [PATCH] Implement simple authentication provider base class (for convenience and testing). --- .../simple/SimpleAuthenticationProvider.java | 100 ++++++++++++++++ ...SimpleGuacamoleConfigurationDirectory.java | 97 +++++++++++++++ .../guacamole/net/auth/simple/SimpleUser.java | 65 ++++++++++ .../net/auth/simple/SimpleUserContext.java | 113 ++++++++++++++++++ 4 files changed, 375 insertions(+) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleAuthenticationProvider.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleAuthenticationProvider.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleAuthenticationProvider.java new file mode 100644 index 000000000..644f5526c --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleAuthenticationProvider.java @@ -0,0 +1,100 @@ + +package net.sourceforge.guacamole.net.auth.simple; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-auth. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import java.util.Map; +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.net.auth.AuthenticationProvider; +import net.sourceforge.guacamole.net.auth.Credentials; +import net.sourceforge.guacamole.net.auth.User; +import net.sourceforge.guacamole.net.auth.UserContext; +import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; + + +/** + * Provides means of retrieving a set of named GuacamoleConfigurations for a + * given Credentials object. This is a simple AuthenticationProvider + * implementation intended to be easily extended. It is useful for simple + * authentication situations where access to web-based administration and + * complex users and permissions are not required. + * + * The interface provided by SimpleAuthenticationProvider is similar to that of + * the AuthenticationProvider interface of older Guacamole releases. + * + * @author Michael Jumper + */ +public abstract class SimpleAuthenticationProvider + implements AuthenticationProvider { + + /** + * Given an arbitrary credentials object, returns a Map containing all + * configurations authorized by those credentials. The keys of this Map + * are Strings which uniquely identify each configuration. + * + * @param credentials The credentials to use to retrieve authorized + * configurations. + * @return A Map of all configurations authorized by the given credentials, + * or null if the credentials given are not authorized. + * @throws GuacamoleException If an error occurs while retrieving + * configurations. + */ + public abstract Map + getAuthorizedConfigurations(Credentials credentials) + throws GuacamoleException; + + @Override + public UserContext getUserContext(Credentials credentials) + throws GuacamoleException { + + // Get configurations + Map configs = + getAuthorizedConfigurations(credentials); + + // Return as unauthorized if not authorized to retrieve configs + if (configs == null) + return null; + + // Build new user from credentials + User user = new SimpleUser(credentials.getUsername()); + + // Return user context restricted to authorized configs + return new SimpleUserContext(user, configs); + + } + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java new file mode 100644 index 000000000..28057d2fd --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java @@ -0,0 +1,97 @@ + +package net.sourceforge.guacamole.net.auth.simple; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-auth. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import java.util.Map; +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.GuacamoleSecurityException; +import net.sourceforge.guacamole.net.auth.GuacamoleConfigurationDirectory; +import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; + + +/** + * An extremely simple read-only implementation of a + * GuacamoleConfigurationDirectory which provides access to a pre-defined + * Map of GuacamoleConfigurations. + * + * @author Michael Jumper + */ +public class SimpleGuacamoleConfigurationDirectory + implements GuacamoleConfigurationDirectory { + + /** + * The Map of GuacamoleConfigurations to provide access to. + */ + private Map configs; + + /** + * Creates a new SimpleGuacamoleConfigurationDirectory which provides + * access to the configurations contained within the given Map. + * + * @param configs The Map of GuacamoleConfigurations to provide access to. + */ + public SimpleGuacamoleConfigurationDirectory( + Map configs) { + this.configs = configs; + } + + @Override + public Map getConfigurations() + throws GuacamoleException { + return configs; + } + + @Override + public void addConfiguration(String identifier, + GuacamoleConfiguration config) throws GuacamoleException { + throw new GuacamoleSecurityException("Permission denied."); + } + + @Override + public void updateConfiguration(String identifier, + GuacamoleConfiguration config) throws GuacamoleException { + throw new GuacamoleSecurityException("Permission denied."); + } + + @Override + public void removeConfiguration(String identifier) + throws GuacamoleException { + throw new GuacamoleSecurityException("Permission denied."); + } + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java new file mode 100644 index 000000000..5d60845f1 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java @@ -0,0 +1,65 @@ + +package net.sourceforge.guacamole.net.auth.simple; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-auth. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import net.sourceforge.guacamole.net.auth.AbstractUser; + + +/** + * An extremely basic User implementation. + * + * @author Michael Jumper + */ +public class SimpleUser extends AbstractUser { + + /** + * Creates a completely uninitialized SimpleUser. + */ + public SimpleUser() { + } + + /** + * Creates a new SimpleUser having the given username. + * + * @param username The username to assign to this SimpleUser. + */ + public SimpleUser(String username) { + setUsername(username); + } + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java new file mode 100644 index 000000000..e3fae3122 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java @@ -0,0 +1,113 @@ + +package net.sourceforge.guacamole.net.auth.simple; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import java.util.Map; +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.GuacamoleSecurityException; +import net.sourceforge.guacamole.net.auth.GuacamoleConfigurationDirectory; +import net.sourceforge.guacamole.net.auth.PermissionDirectory; +import net.sourceforge.guacamole.net.auth.User; +import net.sourceforge.guacamole.net.auth.UserContext; +import net.sourceforge.guacamole.net.auth.UserDirectory; +import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; + +/** + * An extremely simple UserContext implementation which provides access to + * a defined and restricted set of GuacamoleConfigurations. Access to + * querying or modifying either users or permissions is denied. + * + * @author Michael Jumper + */ +public class SimpleUserContext implements UserContext { + + /** + * Reference to the user whose permissions dictate the configurations + * accessible within this UserContext. + */ + private final User self; + + /** + * The GuacamoleConfigurationDirectory with access only to those + * configurations that the User associated with this UserContext has + * read access to. + */ + private final GuacamoleConfigurationDirectory configDirectory; + + /** + * Creates a new SimpleUserContext which provides access to only those + * configurations within the given Map. The User given must be the user + * that owns this UserContext, and the Map given must contain only + * GuacamoleConfigurations that the given User has read access to. + * + * @param self The owner of this UserContext. + * @param configs A Map of all configurations for which the user associated + * with this UserContext has read access. + */ + public SimpleUserContext(User self, + Map configs) { + + this.self = self; + this.configDirectory = + new SimpleGuacamoleConfigurationDirectory(configs); + + } + + @Override + public User self() { + return self; + } + + @Override + public GuacamoleConfigurationDirectory getGuacamoleConfigurationDirectory() + throws GuacamoleException { + return configDirectory; + } + + @Override + public UserDirectory getUserDirectory() throws GuacamoleException { + throw new GuacamoleSecurityException("Permission denied."); + } + + @Override + public PermissionDirectory getPermissionDirectory() + throws GuacamoleException { + throw new GuacamoleSecurityException("Permission denied."); + } + +}