GUACAMOLE-1239: Make identifier comparison case-insensitive.

2025-09-06 05:07:41 +00:00 · 2023-07-18 17:26:40 -04:00
parent 073d1d476e
commit 4d5101574a
43 changed files with 853 additions and 12 deletions
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCEnvironment.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCEnvironment.java
@@ -271,5 +271,18 @@ public abstract class JDBCEnvironment extends DelegatingEnvironment {
        return true;

    }
+    
+    /**
+     * Returns a boolean value that indicates whether or not usernames should
+     * be treated as case-sensitive.
+     * 
+     * @return
+     *     true if usernames should be treated as case-sensitive, or false if
+     *     usernames should be treated as case-insensitive.
+     * 
+     * @throws GuacamoleException 
+     *     If guacamole.properties cannot be parsed.
+     */
+    public abstract boolean getCaseSensitiveUsernames() throws GuacamoleException;

 }
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/ModeledAuthenticatedUser.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/ModeledAuthenticatedUser.java
@@ -194,5 +194,10 @@ public class ModeledAuthenticatedUser extends RemoteAuthenticatedUser {
    public boolean isPrivileged() throws GuacamoleException {
        return getUser().isPrivileged();
    }
+    
+    @Override
+    public boolean isCaseSensitive() {
+        return user.isCaseSensitive();
+    }

 }
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/ModeledUser.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/ModeledUser.java
@@ -36,6 +36,7 @@ import java.util.TimeZone;
 import org.apache.guacamole.auth.jdbc.security.PasswordEncryptionService;
 import org.apache.guacamole.auth.jdbc.security.SaltService;
 import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
 import org.apache.guacamole.auth.jdbc.base.ModeledPermissions;
 import org.apache.guacamole.form.BooleanField;
 import org.apache.guacamole.form.DateField;
@@ -180,6 +181,13 @@ public class ModeledUser extends ModeledPermissions<UserModel> implements User {
     */
    @Inject
    private Provider<UserRecordSet> userRecordSetProvider;
+    
+    /**
+     * The environment associated with this instance of the JDBC authentication
+     * module.
+     */
+    @Inject
+    private JDBCEnvironment environment;

    /**
     * Whether attributes which control access restrictions should be exposed
@@ -780,5 +788,15 @@ public class ModeledUser extends ModeledPermissions<UserModel> implements User {
    public boolean isSkeleton() {
        return (getModel().getEntityID() == null);
    }
+    
+    @Override
+    public boolean isCaseSensitive() {
+        try {
+            return environment.getCaseSensitiveUsernames();
+        }
+        catch (GuacamoleException e) {
+            return true;
+        }
+    }

 }