safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-10 15:11:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

GUAC-832: Use "enable-http-auth" property to control whether the "Authorization" header is considered during authentication.

Browse Source
This commit is contained in:
Michael Jumper
2014-08-22 14:47:21 -07:00
parent 045d5375e3
commit 2db4a783d7
2 changed files with 27 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/AuthenticatingHttpServlet.java
View File

@@ -91,15 +91,26 @@ public abstract class AuthenticatingHttpServlet extends HttpServlet {
*/ */
private AuthenticationProvider authProvider; private AuthenticationProvider authProvider;
/**
* Whether HTTP authentication should be used (the "Authorization" header).
*/
private boolean useHttpAuthentication;
@Override @Override
public void init() throws ServletException { public void init() throws ServletException {
// Get auth provider instance // Parse Guacamole configuration
try { try {
// Get auth provider instance
authProvider = GuacamoleProperties.getRequiredProperty(BasicGuacamoleProperties.AUTH_PROVIDER); authProvider = GuacamoleProperties.getRequiredProperty(BasicGuacamoleProperties.AUTH_PROVIDER);
// Enable HTTP auth, if requested
useHttpAuthentication = GuacamoleProperties.getProperty(BasicGuacamoleProperties.ENABLE_HTTP_AUTH, false);
} }
catch (GuacamoleException e) { catch (GuacamoleException e) {
logger.error("Error getting authentication provider from properties.", e); logger.error("Error reading Guacamole configuration.", e);
throw new ServletException(e); throw new ServletException(e);
} }
@@ -283,7 +294,7 @@ public abstract class AuthenticatingHttpServlet extends HttpServlet {
String password = request.getParameter("password"); String password = request.getParameter("password");
// If no username/password given, try Authorization header // If no username/password given, try Authorization header
if (username == null && password == null) { if (useHttpAuthentication && username == null && password == null) {
String authorization = request.getHeader("Authorization"); String authorization = request.getHeader("Authorization");
if (authorization != null && authorization.startsWith("Basic ")) { if (authorization != null && authorization.startsWith("Basic ")) {

13
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/properties/BasicGuacamoleProperties.java
View File

@@ -22,6 +22,7 @@
package org.glyptodon.guacamole.net.basic.properties; package org.glyptodon.guacamole.net.basic.properties;
import org.glyptodon.guacamole.properties.BooleanGuacamoleProperty;
import org.glyptodon.guacamole.properties.FileGuacamoleProperty; import org.glyptodon.guacamole.properties.FileGuacamoleProperty;
import org.glyptodon.guacamole.properties.LongGuacamoleProperty; import org.glyptodon.guacamole.properties.LongGuacamoleProperty;
@@ -48,6 +49,18 @@ public class BasicGuacamoleProperties {
}; };
/**
* Whether HTTP "Authorization" headers should be taken into account when
* authenticating the user. By default, "Authorization" headers are
* ignored.
*/
public static final BooleanGuacamoleProperty ENABLE_HTTP_AUTH = new BooleanGuacamoleProperty() {
@Override
public String getName() { return "enable-http-auth"; }
};
/** /**
* The directory to search for authentication provider classes. * The directory to search for authentication provider classes.
*/ */