GUACAMOLE-221: Ensure the underlying protocol is exposed for database-driven connections.

The protocol associated with a tunnel should be correctly set regardless of whether the tunnel results from a Connection, ConnectionGroup, or ActiveConnection.
2025-09-06 05:07:41 +00:00 · 2020-11-24 01:00:41 -08:00
parent 7e1be61bed
commit 483c01a6ac
1 changed files with 34 additions and 68 deletions
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/tunnel/AbstractGuacamoleTunnelService.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/tunnel/AbstractGuacamoleTunnelService.java
@@ -201,87 +201,54 @@ public abstract class AbstractGuacamoleTunnelService implements GuacamoleTunnelS
            ModeledConnectionGroup connectionGroup);
    /**
-     * Returns a guacamole configuration containing the protocol and parameters
+     * Returns a GuacamoleConfiguration which connects to the given connection.
-     * from the given connection. If the ID of an active connection is
+     * If the ID of an active connection is provided, that active connection
-     * provided, that connection will be joined instead of starting a new
+     * will be joined rather than establishing an entirely new connection. If
-     * primary connection. If tokens are used in the connection parameter
+     * a sharing profile is provided, the parameters associated with that
-     * values, credentials from the given user will be substituted
+     * sharing profile will be used to define the access provided to the user
-     * appropriately.
+     * accessing the shared connection. If tokens are used in the connection
-     *
+     * parameter values of the sharing profile, credentials from the given user
-     * @param user
+     * will be substituted appropriately.
     *     The user whose credentials should be used if necessary.
     *
     * @param connection
-     *     The connection whose protocol and parameters should be added to the
+     *     The connection that the user is connecting to.
     *     returned configuration.
     *
     * @param connectionID
-     *     The ID of the active connection to be joined, as returned by guacd,
+     *     The ID of the active connection being joined, as provided by guacd
-     *     or null if a new primary connection should be established.
+     *     when the original connection was established, or null if a new
-     *
+     *     connection should be established instead.
     * @return
     *     A GuacamoleConfiguration containing the protocol and parameters from
     *     the given connection.
     */
    private GuacamoleConfiguration getGuacamoleConfiguration(RemoteAuthenticatedUser user,
            ModeledConnection connection, String connectionID) {
        // Generate configuration from available data
        GuacamoleConfiguration config = new GuacamoleConfiguration();
        // Join existing active connection, if any
        if (connectionID != null)
            config.setConnectionID(connectionID);
        // Set protocol from connection if not joining an active connection
        else {
            ConnectionModel model = connection.getModel();
            config.setProtocol(model.getProtocol());
        }
        // Set parameters from associated data
        Collection<ConnectionParameterModel> parameters = connectionParameterMapper.select(connection.getIdentifier());
        for (ConnectionParameterModel parameter : parameters)
            config.setParameter(parameter.getName(), parameter.getValue());
        return config;
    }
    /**
     * Returns a guacamole configuration which joins the active connection
     * having the given ID, using the provided sharing profile to restrict the
     * access provided to the user accessing the shared connection. If tokens
     * are used in the connection parameter values of the sharing profile,
     * credentials from the given user will be substituted appropriately.
     *
     * @param user
     *     The user whose credentials should be used if necessary.
     *
     * @param sharingProfile
     *     The sharing profile whose associated parameters dictate the level
-     *     of access granted to the user joining the connection.
+     *     of access granted to the user joining the connection, or null if the
-     *
+     *     parameters associated with the connection should be used.
     * @param connectionID
     *     The ID of the connection being joined, as provided by guacd when the
     *     original connection was established, or null if a new connection
     *     should be created instead.
     *
     * @return
-     *     A GuacamoleConfiguration containing the protocol and parameters from
+     *     A GuacamoleConfiguration defining the requested, possibly shared
-     *     the given connection.
+     *     connection.
     */
-    private GuacamoleConfiguration getGuacamoleConfiguration(RemoteAuthenticatedUser user,
+    private GuacamoleConfiguration getGuacamoleConfiguration(
-            ModeledSharingProfile sharingProfile, String connectionID) {
+            ModeledConnection connection, String connectionID,
            ModeledSharingProfile sharingProfile) {
        ConnectionModel model = connection.getModel();
        // Generate configuration from available data
        GuacamoleConfiguration config = new GuacamoleConfiguration();
        config.setProtocol(model.getProtocol());
        config.setConnectionID(connectionID);
        // Set parameters from associated data
-        Collection<SharingProfileParameterModel> parameters = sharingProfileParameterMapper.select(sharingProfile.getIdentifier());
+        if (sharingProfile != null) {
-        for (SharingProfileParameterModel parameter : parameters)
+            Collection<SharingProfileParameterModel> parameters = sharingProfileParameterMapper.select(sharingProfile.getIdentifier());
-            config.setParameter(parameter.getName(), parameter.getValue());
+            for (SharingProfileParameterModel parameter : parameters)
                config.setParameter(parameter.getName(), parameter.getValue());
        }
        else {
            Collection<ConnectionParameterModel> parameters = connectionParameterMapper.select(connection.getIdentifier());
            for (ConnectionParameterModel parameter : parameters)
                config.setParameter(parameter.getName(), parameter.getValue());
        }
        return config;
@@ -488,7 +455,7 @@ public abstract class AbstractGuacamoleTunnelService implements GuacamoleTunnelS
            if (activeConnection.isPrimaryConnection()) {
                activeConnections.put(connection.getIdentifier(), activeConnection);
                activeConnectionGroups.put(connection.getParentIdentifier(), activeConnection);
-                config = getGuacamoleConfiguration(activeConnection.getUser(), connection, activeConnection.getConnectionID());
+                config = getGuacamoleConfiguration(connection, activeConnection.getConnectionID(), null);
            }
            // If we ARE joining an active connection under the restrictions of
@@ -502,8 +469,7 @@ public abstract class AbstractGuacamoleTunnelService implements GuacamoleTunnelS
                // Build configuration from the sharing profile and the ID of
                // the connection being joined
-                config = getGuacamoleConfiguration(activeConnection.getUser(),
+                config = getGuacamoleConfiguration(connection, connectionID, activeConnection.getSharingProfile());
                        activeConnection.getSharingProfile(), connectionID);
            }