From 1cfd2ee8356a55dae903d313bab81f6683701485 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Fri, 21 Jan 2022 15:23:41 -0800 Subject: [PATCH] GUACAMOLE-641: Index records by username ONLY if not related to a hostname. Doing otherwise would mean that a particular user would never be able to be associated with a specific password/key by their username if they have any explicit server-specific account. --- .../apache/guacamole/vault/ksm/secret/KsmClient.java | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/extensions/guacamole-vault/modules/guacamole-vault-ksm/src/main/java/org/apache/guacamole/vault/ksm/secret/KsmClient.java b/extensions/guacamole-vault/modules/guacamole-vault-ksm/src/main/java/org/apache/guacamole/vault/ksm/secret/KsmClient.java index 64a2c6746..4812b904c 100644 --- a/extensions/guacamole-vault/modules/guacamole-vault-ksm/src/main/java/org/apache/guacamole/vault/ksm/secret/KsmClient.java +++ b/extensions/guacamole-vault/modules/guacamole-vault-ksm/src/main/java/org/apache/guacamole/vault/ksm/secret/KsmClient.java @@ -238,11 +238,15 @@ public class KsmClient { // Store based on UID ... cachedRecordsByUid.put(record.getRecordUid(), record); - // ... and hostname/address ... - addRecordForHost(record, recordService.getHostname(record)); + // ... and hostname/address + String hostname = recordService.getHostname(record); + addRecordForHost(record, hostname); - // ... and username - addRecordForLogin(record, recordService.getUsername(record)); + // Store based on username ONLY if no hostname (will otherwise + // result in ambiguous entries for servers tied to identical + // accounts) + if (hostname == null) + addRecordForLogin(record, recordService.getUsername(record)); });