mirror of
https://github.com/gyurix1968/guacamole-client.git
synced 2025-09-06 13:17:41 +00:00
GUACAMOLE-102: Initial addition of connection weight to JDBC authentication extension
This commit is contained in:
Nick Couchman
committed by
Nick Couchman
Nick Couchman
parent
91920d0b2d
commit
025f77d1c4
@@ -81,6 +81,17 @@ public abstract class JDBCEnvironment extends LocalEnvironment {
|
||||
* If an error occurs while retrieving the property.
|
||||
*/
|
||||
public abstract int getDefaultMaxConnections() throws GuacamoleException;
|
||||
|
||||
/**
|
||||
* Returns the connection weight for the purpose of WRR calculation
|
||||
*
|
||||
* @return
|
||||
* The weight of the connection.
|
||||
*
|
||||
* @throws GuacamoleException
|
||||
* If an error occurs while retrieving the property.
|
||||
*/
|
||||
public abstract int getConnectionWeight() throws GuacamoleException;
|
||||
|
||||
/**
|
||||
* Returns the default maximum number of concurrent connections to allow to
|
||||
|
||||
@@ -54,6 +54,13 @@ public class ConnectionModel extends ChildObjectModel {
|
||||
*/
|
||||
private Integer maxConnectionsPerUser;
|
||||
|
||||
/**
|
||||
* The weight of the connection for the purposes of calculating
|
||||
* WRR algorithm. null indicates nothing has been set, -1 indicates
|
||||
* the system is unavailable.
|
||||
*/
|
||||
private Integer connectionWeight;
|
||||
|
||||
/**
|
||||
* The identifiers of all readable sharing profiles associated with this
|
||||
* connection.
|
||||
@@ -164,6 +171,29 @@ public class ConnectionModel extends ChildObjectModel {
|
||||
return maxConnectionsPerUser;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the connection weight.
|
||||
*
|
||||
* @param connectionWeight
|
||||
* The weight of the connection. null is acceptable, -1 indicates the
|
||||
* connection should not be used.
|
||||
*/
|
||||
public void setConnectionWeight(Integer connectionWeight) {
|
||||
this.connectionWeight = connectionWeight;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the connection weight used in calculating the
|
||||
* WRR algorithm.
|
||||
*
|
||||
* @return
|
||||
* The connection weight. Null indicates no weight has been set,
|
||||
* -1 indicates that the system is unavailable.
|
||||
*/
|
||||
public Integer getConnectionWeight() {
|
||||
return connectionWeight;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the maximum number of connections that can be established to this
|
||||
* connection concurrently by any one user.
|
||||
|
||||
@@ -116,6 +116,11 @@ public class ModeledConnection extends ModeledChildDirectoryObject<ConnectionMod
|
||||
*/
|
||||
public static final String MAX_CONNECTIONS_PER_USER_NAME = "max-connections-per-user";
|
||||
|
||||
/**
|
||||
* The connection weight for the WRR algorithm.
|
||||
*/
|
||||
public static final String CONNECTION_WEIGHT = "connection-weight";
|
||||
|
||||
/**
|
||||
* All attributes related to restricting user accounts, within a logical
|
||||
* form.
|
||||
@@ -265,6 +270,9 @@ public class ModeledConnection extends ModeledChildDirectoryObject<ConnectionMod
|
||||
}
|
||||
}
|
||||
|
||||
// Set connection weight
|
||||
attributes.put(CONNECTION_WEIGHT, NumericField.format(getModel().getConnectionWeight()));
|
||||
|
||||
return attributes;
|
||||
}
|
||||
|
||||
@@ -310,6 +318,13 @@ public class ModeledConnection extends ModeledChildDirectoryObject<ConnectionMod
|
||||
else
|
||||
getModel().setProxyEncryptionMethod(null);
|
||||
|
||||
// Translate connection weight attribute
|
||||
try { getModel().setConnectionWeight(NumericField.parse(attributes.get(CONNECTION_WEIGHT))); }
|
||||
catch (NumberFormatException e) {
|
||||
logger.warn("Not setting the connection weight: {}", e.getMessage());
|
||||
logger.debug("Unable to parse numeric attribute.", e);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -394,6 +409,25 @@ public class ModeledConnection extends ModeledChildDirectoryObject<ConnectionMod
|
||||
encryptionMethod != null ? encryptionMethod : defaultConfig.getEncryptionMethod()
|
||||
);
|
||||
|
||||
/**
|
||||
* Returns the weight of the connection, or the default.
|
||||
*
|
||||
* @return
|
||||
* The weight of the connection.
|
||||
*
|
||||
* @throws GuacamoleException
|
||||
* If an error occurs while parsing the concurrency limit properties
|
||||
* specified within guacamole.properties.
|
||||
*/
|
||||
public int getConnectionWeight() throws GuacamoleException {
|
||||
|
||||
// Pull default from environment if weight is unset
|
||||
Integer value = getModel().getConnectionWeight();
|
||||
if (value == null)
|
||||
return environment.getDefaultConnectionWeight();
|
||||
|
||||
// Otherwise use defined value
|
||||
return value;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -33,6 +33,8 @@ import org.apache.guacamole.GuacamoleResourceConflictException;
|
||||
import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
|
||||
import org.apache.guacamole.auth.jdbc.connectiongroup.ModeledConnectionGroup;
|
||||
import org.apache.guacamole.auth.jdbc.user.RemoteAuthenticatedUser;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
|
||||
/**
|
||||
@@ -44,6 +46,11 @@ import org.apache.guacamole.auth.jdbc.user.RemoteAuthenticatedUser;
|
||||
public class RestrictedGuacamoleTunnelService
|
||||
extends AbstractGuacamoleTunnelService {
|
||||
|
||||
/**
|
||||
* Logger for this class.
|
||||
*/
|
||||
private static final Logger logger = LoggerFactory.getLogger(RestrictedGuacamoleTunnelService.class);
|
||||
|
||||
/**
|
||||
* The environment of the Guacamole server.
|
||||
*/
|
||||
@@ -166,20 +173,24 @@ public class RestrictedGuacamoleTunnelService
|
||||
protected ModeledConnection acquire(RemoteAuthenticatedUser user,
|
||||
List<ModeledConnection> connections) throws GuacamoleException {
|
||||
|
||||
logger.trace("Attempting to acquire a connection...");
|
||||
// Do not acquire connection unless within overall limits
|
||||
if (!tryIncrement(totalActiveConnections, environment.getAbsoluteMaxConnections()))
|
||||
throw new GuacamoleResourceConflictException("Cannot connect. Overall maximum connections reached.");
|
||||
|
||||
// Get username
|
||||
String username = user.getIdentifier();
|
||||
logger.trace("Username is: {}", username);
|
||||
|
||||
logger.trace("Sorting {} connections.", connections.size());
|
||||
// Sort connections in ascending order of usage
|
||||
ModeledConnection[] sortedConnections = connections.toArray(new ModeledConnection[connections.size()]);
|
||||
Arrays.sort(sortedConnections, new Comparator<ModeledConnection>() {
|
||||
|
||||
@Override
|
||||
public int compare(ModeledConnection a, ModeledConnection b) {
|
||||
|
||||
|
||||
logger.trace("Comparing {} to {}.", a.getName(), b.getName());
|
||||
return getActiveConnections(a).size()
|
||||
- getActiveConnections(b).size();
|
||||
|
||||
@@ -194,15 +205,18 @@ public class RestrictedGuacamoleTunnelService
|
||||
for (ModeledConnection connection : sortedConnections) {
|
||||
|
||||
// Attempt to aquire connection according to per-user limits
|
||||
logger.trace("Trying to grab a seat on this train: {}", connection.getName());
|
||||
Seat seat = new Seat(username, connection.getIdentifier());
|
||||
if (tryAdd(activeSeats, seat,
|
||||
connection.getMaxConnectionsPerUser())) {
|
||||
|
||||
logger.trace("Got a seat, trying to get the connection...");
|
||||
// Attempt to aquire connection according to overall limits
|
||||
if (tryAdd(activeConnections, connection.getIdentifier(),
|
||||
connection.getMaxConnections()))
|
||||
return connection;
|
||||
|
||||
logger.trace("Uh-oh, failed to get the connection...");
|
||||
// Acquire failed - retry with next connection
|
||||
activeSeats.remove(seat);
|
||||
|
||||
@@ -213,6 +227,7 @@ public class RestrictedGuacamoleTunnelService
|
||||
|
||||
}
|
||||
|
||||
logger.trace("Well, we failed to get a seat at all...");
|
||||
// Acquire failed
|
||||
totalActiveConnections.decrementAndGet();
|
||||
|
||||
|
||||
@@ -34,7 +34,6 @@ CREATE TABLE `guacamole_connection_group` (
|
||||
`max_connections_per_user` int(11),
|
||||
`enable_session_affinity` boolean NOT NULL DEFAULT 0,
|
||||
|
||||
|
||||
PRIMARY KEY (`connection_group_id`),
|
||||
UNIQUE KEY `connection_group_name_parent` (`connection_group_name`, `parent_id`),
|
||||
|
||||
@@ -65,6 +64,10 @@ CREATE TABLE `guacamole_connection` (
|
||||
-- Concurrency limits
|
||||
`max_connections` int(11),
|
||||
`max_connections_per_user` int(11),
|
||||
|
||||
-- Connection weight
|
||||
`connection_weight` int(11),
|
||||
|
||||
|
||||
PRIMARY KEY (`connection_id`),
|
||||
UNIQUE KEY `connection_name_parent` (`connection_name`, `parent_id`),
|
||||
|
||||
@@ -0,0 +1,25 @@
|
||||
--
|
||||
-- Licensed to the Apache Software Foundation (ASF) under one
|
||||
-- or more contributor license agreements. See the NOTICE file
|
||||
-- distributed with this work for additional information
|
||||
-- regarding copyright ownership. The ASF licenses this file
|
||||
-- to you under the Apache License, Version 2.0 (the
|
||||
-- "License"); you may not use this file except in compliance
|
||||
-- with the License. You may obtain a copy of the License at
|
||||
--
|
||||
-- http://www.apache.org/licenses/LICENSE-2.0
|
||||
--
|
||||
-- Unless required by applicable law or agreed to in writing,
|
||||
-- software distributed under the License is distributed on an
|
||||
-- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
-- KIND, either express or implied. See the License for the
|
||||
-- specific language governing permissions and limitations
|
||||
-- under the License.
|
||||
--
|
||||
|
||||
--
|
||||
-- Add per-user password set date
|
||||
--
|
||||
|
||||
ALTER TABLE guacamole_connection
|
||||
ADD COLUMN connection_weight int(11);
|
||||
@@ -87,6 +87,11 @@ public class MySQLEnvironment extends JDBCEnvironment {
|
||||
*/
|
||||
private int DEFAULT_MAX_CONNECTIONS = 0;
|
||||
|
||||
/**
|
||||
* The default value for the connection weight for a connection in
|
||||
* a balancing group.
|
||||
private int DEFAULT_CONNECTION_WEIGHT = 0;
|
||||
|
||||
/**
|
||||
* The default value for the default maximum number of connections to be
|
||||
* allowed to any one connection group. Note that, as long as the legacy
|
||||
@@ -194,6 +199,14 @@ public class MySQLEnvironment extends JDBCEnvironment {
|
||||
);
|
||||
}
|
||||
|
||||
@Override
|
||||
public int getDefaultConnectionWeight() throws GuacamoleException {
|
||||
return getProperty(
|
||||
MySQLGuacamoleProperties.MYSQL_DEFAULT_CONNECTION_WEIGHT,
|
||||
DEFAULT_CONNECTION_WEIGHT
|
||||
);
|
||||
}
|
||||
|
||||
@Override
|
||||
public int getDefaultMaxGroupConnections() throws GuacamoleException {
|
||||
return getProperty(
|
||||
|
||||
@@ -174,6 +174,18 @@ public class MySQLGuacamoleProperties {
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* The connection weight for connections in balancing groups.
|
||||
*/
|
||||
public static final IntegerGuacamoleProperty
|
||||
MYSQL_DEFAULT_CONNECTION_WEIGHT =
|
||||
new IntegerGuacamoleProperty() {
|
||||
|
||||
@Overide
|
||||
public String getName() { return "mysql-default-connection-weight"; }
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* The maximum number of concurrent connections to allow to any one
|
||||
* connection group by an individual user. Zero denotes
|
||||
|
||||
@@ -87,6 +87,11 @@ public class PostgreSQLEnvironment extends JDBCEnvironment {
|
||||
*/
|
||||
private int DEFAULT_MAX_CONNECTIONS = 0;
|
||||
|
||||
/**
|
||||
* The default value for the connection weight for a connection in
|
||||
* a balancing group.
|
||||
private int DEFAULT_CONNECTION_WEIGHT = 0;
|
||||
|
||||
/**
|
||||
* The default value for the default maximum number of connections to be
|
||||
* allowed to any one connection group. Note that, as long as the legacy
|
||||
@@ -194,6 +199,14 @@ public class PostgreSQLEnvironment extends JDBCEnvironment {
|
||||
);
|
||||
}
|
||||
|
||||
@Override
|
||||
public int getDefaultConnectionWeight() throws GuacamoleException {
|
||||
return getProperty(
|
||||
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_CONNECTION_WEIGHT,
|
||||
DEFAULT_CONNECTION_WEIGHT
|
||||
);
|
||||
}
|
||||
|
||||
@Override
|
||||
public int getDefaultMaxGroupConnections() throws GuacamoleException {
|
||||
return getProperty(
|
||||
|
||||
@@ -157,6 +157,15 @@ public class PostgreSQLGuacamoleProperties {
|
||||
|
||||
};
|
||||
|
||||
public static final IntegerGuacamoleProperty
|
||||
POSTGRESQL_DEFAULT_CONNECTION_WEIGHT =
|
||||
new IntegerGuacamoleProperty() {
|
||||
|
||||
@Override
|
||||
public String getName() { return "postgresql-default-connection-weight"; }
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* The maximum number of concurrent connections to allow to any one
|
||||
* connection group. Zero denotes unlimited.
|
||||
|
||||
@@ -37,6 +37,7 @@
|
||||
<result column="proxy_port" property="proxyPort" jdbcType="INTEGER"/>
|
||||
<result column="proxy_encryption_method" property="proxyEncryptionMethod" jdbcType="VARCHAR"
|
||||
javaType="org.apache.guacamole.net.auth.GuacamoleProxyConfiguration$EncryptionMethod"/>
|
||||
<result column="connection_weight" property="connectionWeight" jdbcType="INTEGER"/>
|
||||
|
||||
<!-- Associated sharing profiles -->
|
||||
<collection property="sharingProfileIdentifiers" resultSet="sharingProfiles" ofType="java.lang.String"
|
||||
@@ -95,7 +96,8 @@
|
||||
max_connections_per_user,
|
||||
proxy_hostname,
|
||||
proxy_port,
|
||||
proxy_encryption_method
|
||||
proxy_encryption_method,
|
||||
connection_weight
|
||||
FROM guacamole_connection
|
||||
WHERE connection_id IN
|
||||
<foreach collection="identifiers" item="identifier"
|
||||
@@ -126,7 +128,8 @@
|
||||
max_connections_per_user,
|
||||
proxy_hostname,
|
||||
proxy_port,
|
||||
proxy_encryption_method
|
||||
proxy_encryption_method,
|
||||
connection_weight
|
||||
FROM guacamole_connection
|
||||
JOIN guacamole_connection_permission ON guacamole_connection_permission.connection_id = guacamole_connection.connection_id
|
||||
WHERE guacamole_connection.connection_id IN
|
||||
@@ -162,7 +165,8 @@
|
||||
max_connections_per_user,
|
||||
proxy_hostname,
|
||||
proxy_port,
|
||||
proxy_encryption_method
|
||||
proxy_encryption_method,
|
||||
connection_weight
|
||||
FROM guacamole_connection
|
||||
WHERE
|
||||
<if test="parentIdentifier != null">parent_id = #{parentIdentifier,jdbcType=INTEGER}::integer</if>
|
||||
@@ -189,7 +193,8 @@
|
||||
max_connections_per_user,
|
||||
proxy_hostname,
|
||||
proxy_port,
|
||||
proxy_encryption_method
|
||||
proxy_encryption_method,
|
||||
connection_weight
|
||||
)
|
||||
VALUES (
|
||||
#{object.name,jdbcType=VARCHAR},
|
||||
@@ -199,7 +204,8 @@
|
||||
#{object.maxConnectionsPerUser,jdbcType=INTEGER},
|
||||
#{object.proxyHostname,jdbcType=VARCHAR},
|
||||
#{object.proxyPort,jdbcType=INTEGER},
|
||||
#{object.proxyEncryptionMethod,jdbcType=VARCHAR}::guacamole_proxy_encryption_method
|
||||
#{object.proxyEncryptionMethod,jdbcType=VARCHAR}::guacamole_proxy_encryption_method,
|
||||
#{object.connectionWeight,jdbcType=INTEGER}
|
||||
)
|
||||
|
||||
</insert>
|
||||
@@ -214,7 +220,8 @@
|
||||
max_connections_per_user = #{object.maxConnectionsPerUser,jdbcType=INTEGER},
|
||||
proxy_hostname = #{object.proxyHostname,jdbcType=VARCHAR},
|
||||
proxy_port = #{object.proxyPort,jdbcType=INTEGER},
|
||||
proxy_encryption_method = #{object.proxyEncryptionMethod,jdbcType=VARCHAR}::guacamole_proxy_encryption_method
|
||||
proxy_encryption_method = #{object.proxyEncryptionMethod,jdbcType=VARCHAR}::guacamole_proxy_encryption_method,
|
||||
connection_weight = #{object.connectionWeight,jdbcType=INTEGER}
|
||||
WHERE connection_id = #{object.objectID,jdbcType=INTEGER}::integer
|
||||
</update>
|
||||
|
||||
|
||||
Reference in New Issue
Block a user