GUACAMOLE-641: Log primary sources of configuration information.

2025-09-06 05:07:41 +00:00 · 2020-08-25 17:25:27 -07:00
parent c54f126824
commit 4dd2a80c84
6 changed files with 85 additions and 11 deletions
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/DynamicallyAuthenticatedDataSource.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/DynamicallyAuthenticatedDataSource.java
@@ -0,0 +1,76 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.jdbc;
+
+import com.google.inject.Inject;
+import com.google.inject.Singleton;
+import com.google.inject.name.Named;
+import java.sql.Connection;
+import java.sql.SQLException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.ibatis.datasource.pooled.PooledDataSource;
+import org.apache.ibatis.datasource.unpooled.UnpooledDataSource;
+
+/**
+ * Pooled DataSource implementation which dynamically retrieves the database
+ * username and password from the Guacamole server environment each time a
+ * new database connection is created.
+ */
+@Singleton
+public class DynamicallyAuthenticatedDataSource extends PooledDataSource {
+
+    /**
+     * Creates a new DynamicallyAuthenticatedDataSource which dynamically
+     * retrieves database credentials from the given JDBCEnvironment each time
+     * a new database connection is needed.
+     *
+     * @param environment
+     *     The JDBCEnvironment that should be used to retrieve database
+     *     credentials.
+     *
+     * @param driverClassLoader
+     * @param driver
+     * @param url
+     */
+    @Inject
+    public DynamicallyAuthenticatedDataSource(JDBCEnvironment environment,
+            @Named(value="JDBC.driverClassLoader") ClassLoader driverClassLoader,
+            @Named(value="JDBC.driver") String driver,
+            @Named(value="JDBC.url") String url) {
+
+        // Wrap unpooled DataSource, overriding the connection process such
+        // that credentials are dynamically retrieved from the JDBCEnvironment
+        super(new UnpooledDataSource(driverClassLoader, driver, url, null, null) {
+
+            @Override
+            public Connection getConnection() throws SQLException {
+                try {
+                    return super.getConnection(environment.getUsername(), environment.getPassword());
+                }
+                catch (GuacamoleException e) {
+                    throw new SQLException("Retrieval of database credentials failed.", e);
+                }
+            }
+
+        });
+
+    }
+
+}
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderModule.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderModule.java
@@ -20,6 +20,7 @@
 package org.apache.guacamole.auth.jdbc;

 import com.google.inject.Scopes;
+import javax.sql.DataSource;
 import org.apache.guacamole.auth.jdbc.user.ModeledUserContext;
 import org.apache.guacamole.auth.jdbc.connectiongroup.RootConnectionGroup;
 import org.apache.guacamole.auth.jdbc.connectiongroup.ModeledConnectionGroup;
@@ -90,7 +91,6 @@ import org.apache.guacamole.auth.jdbc.usergroup.UserGroupMemberUserMapper;
 import org.apache.guacamole.auth.jdbc.usergroup.UserGroupParentUserGroupMapper;
 import org.apache.guacamole.auth.jdbc.usergroup.UserGroupService;
 import org.mybatis.guice.MyBatisModule;
-import org.mybatis.guice.datasource.builtin.PooledDataSourceProvider;
 import org.apache.guacamole.auth.jdbc.user.UserParentUserGroupMapper;

 /**
@@ -121,7 +121,7 @@ public class JDBCAuthenticationProviderModule extends MyBatisModule {
    protected void initialize() {
        
        // Datasource
-        bindDataSourceProviderType(PooledDataSourceProvider.class);
+        bind(DataSource.class).to(DynamicallyAuthenticatedDataSource.class);
        
        // Transaction factory
        bindTransactionFactoryType(JdbcTransactionFactory.class);
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/java/org/apache/guacamole/auth/mysql/MySQLAuthenticationProviderModule.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/java/org/apache/guacamole/auth/mysql/MySQLAuthenticationProviderModule.java
@@ -72,8 +72,6 @@ public class MySQLAuthenticationProviderModule implements Module {
        myBatisProperties.setProperty("JDBC.host", environment.getMySQLHostname());
        myBatisProperties.setProperty("JDBC.port", String.valueOf(environment.getMySQLPort()));
        myBatisProperties.setProperty("JDBC.schema", environment.getMySQLDatabase());
-        myBatisProperties.setProperty("JDBC.username", environment.getUsername());
-        myBatisProperties.setProperty("JDBC.password", environment.getPassword());
        myBatisProperties.setProperty("JDBC.autoCommit", "false");
        myBatisProperties.setProperty("mybatis.pooled.pingEnabled", "true");
        myBatisProperties.setProperty("mybatis.pooled.pingQuery", "SELECT 1");
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/java/org/apache/guacamole/auth/postgresql/PostgreSQLAuthenticationProviderModule.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/java/org/apache/guacamole/auth/postgresql/PostgreSQLAuthenticationProviderModule.java
@@ -64,8 +64,6 @@ public class PostgreSQLAuthenticationProviderModule implements Module {
        myBatisProperties.setProperty("JDBC.host", environment.getPostgreSQLHostname());
        myBatisProperties.setProperty("JDBC.port", String.valueOf(environment.getPostgreSQLPort()));
        myBatisProperties.setProperty("JDBC.schema", environment.getPostgreSQLDatabase());
-        myBatisProperties.setProperty("JDBC.username", environment.getUsername());
-        myBatisProperties.setProperty("JDBC.password", environment.getPassword());
        myBatisProperties.setProperty("JDBC.autoCommit", "false");
        myBatisProperties.setProperty("mybatis.pooled.pingEnabled", "true");
        myBatisProperties.setProperty("mybatis.pooled.pingQuery", "SELECT 1");
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerAuthenticationProviderModule.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerAuthenticationProviderModule.java
@@ -69,8 +69,6 @@ public class SQLServerAuthenticationProviderModule implements Module {
        myBatisProperties.setProperty("JDBC.host", environment.getSQLServerHostname());
        myBatisProperties.setProperty("JDBC.port", String.valueOf(environment.getSQLServerPort()));
        myBatisProperties.setProperty("JDBC.schema", environment.getSQLServerDatabase());
-        myBatisProperties.setProperty("JDBC.username", environment.getUsername());
-        myBatisProperties.setProperty("JDBC.password", environment.getPassword());
        
        myBatisProperties.setProperty("JDBC.autoCommit", "false");
        myBatisProperties.setProperty("mybatis.pooled.pingEnabled", "true");