safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-06 21:27:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #290 from glyptodon/jdbc-env

Browse Source 
GUAC-1373: Refactor JDBC auth properties into own class
This commit is contained in:
James Muehlner
2015-11-12 13:20:05 -08:00
parent db2a00dcb8 65393adeda
commit 4e4ba9ac45
13 changed files with 819 additions and 357 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/JDBCAuthenticationProviderModule.java
View File

@@ -62,7 +62,7 @@ import org.glyptodon.guacamole.auth.jdbc.activeconnection.ActiveConnectionPermis
import org.glyptodon.guacamole.auth.jdbc.activeconnection.ActiveConnectionPermissionSet;
import org.glyptodon.guacamole.auth.jdbc.activeconnection.ActiveConnectionService;
import org.glyptodon.guacamole.auth.jdbc.activeconnection.TrackedActiveConnection;
import org.glyptodon.guacamole.environment.Environment;
import org.glyptodon.guacamole.auth.jdbc.tunnel.RestrictedGuacamoleTunnelService;
import org.glyptodon.guacamole.net.auth.AuthenticationProvider;
import org.mybatis.guice.MyBatisModule;
import org.mybatis.guice.datasource.builtin.PooledDataSourceProvider;
@@ -80,12 +80,7 @@ public class JDBCAuthenticationProviderModule extends MyBatisModule {
/**
* The environment of the Guacamole server.
*/
private final Environment environment;
/**
* The service to use to provide GuacamoleTunnels for each connection.
*/
private final GuacamoleTunnelService tunnelService;
private final JDBCEnvironment environment;
/**
* The AuthenticationProvider which is using this module to configure
@@ -104,16 +99,11 @@ public class JDBCAuthenticationProviderModule extends MyBatisModule {
*
* @param environment
* The environment to use to configure injected classes.
*
* @param tunnelService
* The tunnel service to use to provide tunnels sockets for connections.
*/
public JDBCAuthenticationProviderModule(AuthenticationProvider authProvider,
Environment environment,
GuacamoleTunnelService tunnelService) {
JDBCEnvironment environment) {
this.authProvider = authProvider;
this.environment = environment;
this.tunnelService = tunnelService;
}
@Override
@@ -140,7 +130,7 @@ public class JDBCAuthenticationProviderModule extends MyBatisModule {
bind(ActiveConnectionDirectory.class);
bind(ActiveConnectionPermissionSet.class);
bind(AuthenticationProvider.class).toInstance(authProvider);
bind(Environment.class).toInstance(environment);
bind(JDBCEnvironment.class).toInstance(environment);
bind(ConnectionDirectory.class);
bind(ConnectionGroupDirectory.class);
bind(ConnectionGroupPermissionSet.class);
@@ -163,15 +153,13 @@ public class JDBCAuthenticationProviderModule extends MyBatisModule {
bind(ConnectionGroupService.class);
bind(ConnectionPermissionService.class);
bind(ConnectionService.class);
bind(GuacamoleTunnelService.class).to(RestrictedGuacamoleTunnelService.class);
bind(PasswordEncryptionService.class).to(SHA256PasswordEncryptionService.class);
bind(SaltService.class).to(SecureRandomSaltService.class);
bind(SystemPermissionService.class);
bind(UserPermissionService.class);
bind(UserService.class);
// Bind provided tunnel service
bind(GuacamoleTunnelService.class).toInstance(tunnelService);
}
}

106
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/JDBCEnvironment.java Normal file
View File

@@ -0,0 +1,106 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.glyptodon.guacamole.auth.jdbc;
import org.glyptodon.guacamole.GuacamoleException;
import org.glyptodon.guacamole.environment.LocalEnvironment;
/**
* A JDBC-specific implementation of Environment that defines generic properties
* intended for use within JDBC based authentication providers.
*
* @author James Muehlner
*/
public abstract class JDBCEnvironment extends LocalEnvironment {
/**
* Constructs a new JDBCEnvironment using an underlying LocalEnviroment to
* read properties from the file system.
*
* @throws GuacamoleException
* If an error occurs while setting up the underlying LocalEnvironment.
*/
public JDBCEnvironment() throws GuacamoleException {
super();
}
/**
* Returns the default maximum number of concurrent connections to allow to
* any one connection, unless specified differently on an individual
* connection. Zero denotes unlimited.
*
* @return
* The default maximum allowable number of concurrent connections
* to any connection.
*
* @throws GuacamoleException
* If an error occurs while retrieving the property.
*/
public abstract int getDefaultMaxConnections() throws GuacamoleException;
/**
* Returns the default maximum number of concurrent connections to allow to
* any one connection group, unless specified differently on an individual
* connection group. Zero denotes unlimited.
*
* @return
* The default maximum allowable number of concurrent connections
* to any connection group.
*
* @throws GuacamoleException
* If an error occurs while retrieving the property.
*/
public abstract int getDefaultMaxGroupConnections()
throws GuacamoleException;
/**
* Returns the default maximum number of concurrent connections to allow to
* any one connection by an individual user, unless specified differently on
* an individual connection. Zero denotes unlimited.
*
* @return
* The default maximum allowable number of concurrent connections to
* any connection by an individual user.
*
* @throws GuacamoleException
* If an error occurs while retrieving the property.
*/
public abstract int getDefaultMaxConnectionsPerUser()
throws GuacamoleException;
/**
* Returns the default maximum number of concurrent connections to allow to
* any one connection group by an individual user, unless specified
* differently on an individual connection group. Zero denotes unlimited.
*
* @return
* The default maximum allowable number of concurrent connections to
* any connection group by an individual user.
*
* @throws GuacamoleException
* If an error occurs while retrieving the property.
*/
public abstract int getDefaultMaxGroupConnectionsPerUser()
throws GuacamoleException;
}

56
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/connection/ModeledConnection.java
View File

@@ -32,6 +32,7 @@ import java.util.List;
import java.util.Map;
import org.glyptodon.guacamole.auth.jdbc.tunnel.GuacamoleTunnelService;
import org.glyptodon.guacamole.GuacamoleException;
import org.glyptodon.guacamole.auth.jdbc.JDBCEnvironment;
import org.glyptodon.guacamole.auth.jdbc.base.ModeledGroupedDirectoryObject;
import org.glyptodon.guacamole.form.Field;
import org.glyptodon.guacamole.form.Form;
@@ -88,6 +89,12 @@ public class ModeledConnection extends ModeledGroupedDirectoryObject<ConnectionM
CONCURRENCY_LIMITS
));
/**
* The environment of the Guacamole server.
*/
@Inject
private JDBCEnvironment environment;
/**
* Service for managing connections.
*/
@@ -200,4 +207,53 @@ public class ModeledConnection extends ModeledGroupedDirectoryObject<ConnectionM
}
/**
* Returns the maximum number of connections that should be allowed to this
* connection overall. If no limit applies, zero is returned.
*
* @return
* The maximum number of connections that should be allowed to this
* connection overall, or zero if no limit applies.
*
* @throws GuacamoleException
* If an error occurs while parsing the concurrency limit properties
* specified within guacamole.properties.
*/
public int getMaxConnections() throws GuacamoleException {
// Pull default from environment if connection limit is unset
Integer value = getModel().getMaxConnections();
if (value == null)
return environment.getDefaultMaxConnections();
// Otherwise use defined value
return value;
}
/**
* Returns the maximum number of connections that should be allowed to this
* connection for any individual user. If no limit applies, zero is
* returned.
*
* @return
* The maximum number of connections that should be allowed to this
* connection for any individual user, or zero if no limit applies.
*
* @throws GuacamoleException
* If an error occurs while parsing the concurrency limit properties
* specified within guacamole.properties.
*/
public int getMaxConnectionsPerUser() throws GuacamoleException {
// Pull default from environment if per-user connection limit is unset
Integer value = getModel().getMaxConnectionsPerUser();
if (value == null)
return environment.getDefaultMaxConnectionsPerUser();
// Otherwise use defined value
return value;
}
}

58
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/connectiongroup/ModeledConnectionGroup.java
View File

@@ -32,6 +32,7 @@ import java.util.Set;
import org.glyptodon.guacamole.auth.jdbc.connection.ConnectionService;
import org.glyptodon.guacamole.auth.jdbc.tunnel.GuacamoleTunnelService;
import org.glyptodon.guacamole.GuacamoleException;
import org.glyptodon.guacamole.auth.jdbc.JDBCEnvironment;
import org.glyptodon.guacamole.auth.jdbc.base.ModeledGroupedDirectoryObject;
import org.glyptodon.guacamole.form.Field;
import org.glyptodon.guacamole.form.Form;
@@ -86,6 +87,12 @@ public class ModeledConnectionGroup extends ModeledGroupedDirectoryObject<Connec
CONCURRENCY_LIMITS
));
/**
* The environment of the Guacamole server.
*/
@Inject
private JDBCEnvironment environment;
/**
* Service for managing connections.
*/
@@ -186,4 +193,55 @@ public class ModeledConnectionGroup extends ModeledGroupedDirectoryObject<Connec
}
/**
* Returns the maximum number of connections that should be allowed to this
* connection group overall. If no limit applies, zero is returned.
*
* @return
* The maximum number of connections that should be allowed to this
* connection group overall, or zero if no limit applies.
*
* @throws GuacamoleException
* If an error occurs while parsing the concurrency limit properties
* specified within guacamole.properties.
*/
public int getMaxConnections() throws GuacamoleException {
// Pull default from environment if connection limit is unset
Integer value = getModel().getMaxConnections();
if (value == null)
return environment.getDefaultMaxGroupConnections();
// Otherwise use defined value
return value;
}
/**
* Returns the maximum number of connections that should be allowed to this
* connection group for any individual user. If no limit applies, zero is
* returned.
*
* @return
* The maximum number of connections that should be allowed to this
* connection group for any individual user, or zero if no limit
* applies.
*
* @throws GuacamoleException
* If an error occurs while parsing the concurrency limit properties
* specified within guacamole.properties.
*/
public int getMaxConnectionsPerUser() throws GuacamoleException {
// Pull default from environment if per-user connection limit is unset
Integer value = getModel().getMaxConnectionsPerUser();
if (value == null)
return environment.getDefaultMaxGroupConnectionsPerUser();
// Otherwise use defined value
return value;
}
}

3
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/tunnel/AbstractGuacamoleTunnelService.java
View File

@@ -45,6 +45,7 @@ import org.glyptodon.guacamole.auth.jdbc.connection.ParameterModel;
import org.glyptodon.guacamole.auth.jdbc.user.UserModel;
import org.glyptodon.guacamole.GuacamoleException;
import org.glyptodon.guacamole.GuacamoleSecurityException;
import org.glyptodon.guacamole.auth.jdbc.JDBCEnvironment;
import org.glyptodon.guacamole.auth.jdbc.connection.ConnectionMapper;
import org.glyptodon.guacamole.environment.Environment;
import org.glyptodon.guacamole.net.GuacamoleSocket;
@@ -72,7 +73,7 @@ public abstract class AbstractGuacamoleTunnelService implements GuacamoleTunnelS
* The environment of the Guacamole server.
*/
@Inject
private Environment environment;
private JDBCEnvironment environment;
/**
* Mapper for accessing connections.

91
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/tunnel/ConfigurableGuacamoleTunnelService.java → extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/tunnel/RestrictedGuacamoleTunnelService.java
View File

@@ -44,7 +44,7 @@ import org.glyptodon.guacamole.auth.jdbc.connectiongroup.ModeledConnectionGroup;
* @author Michael Jumper
*/
@Singleton
public class ConfigurableGuacamoleTunnelService
public class RestrictedGuacamoleTunnelService
extends AbstractGuacamoleTunnelService {
/**
@@ -67,66 +67,6 @@ public class ConfigurableGuacamoleTunnelService
*/
private final ConcurrentHashMultiset<String> activeGroups = ConcurrentHashMultiset.<String>create();
/**
* The maximum number of connections allowed per connection by default, or
* zero if no default limit applies.
*/
private final int connectionDefaultMaxConnections;
/**
* The maximum number of connections a user may have to any one connection
* by default, or zero if no default limit applies.
*/
private final int connectionDefaultMaxConnectionsPerUser;
/**
* The maximum number of connections allowed per connection group by
* default, or zero if no default limit applies.
*/
private final int connectionGroupDefaultMaxConnections;
/**
* The maximum number of connections a user may have to any one connection
* group by default, or zero if no default limit applies.
*/
private final int connectionGroupDefaultMaxConnectionsPerUser;
/**
* Creates a new ConfigurableGuacamoleTunnelService which applies the given
* limitations when new connections are acquired.
*
* @param connectionDefaultMaxConnections
* The maximum number of connections allowed per connection by default,
* or zero if no default limit applies.
*
* @param connectionDefaultMaxConnectionsPerUser
* The maximum number of connections a user may have to any one
* connection by default, or zero if no default limit applies.
*
* @param connectionGroupDefaultMaxConnections
* The maximum number of connections allowed per connection group by
* default, or zero if no default limit applies.
*
* @param connectionGroupDefaultMaxConnectionsPerUser
* The maximum number of connections a user may have to any one
* connection group by default, or zero if no default limit applies.
*/
public ConfigurableGuacamoleTunnelService(
int connectionDefaultMaxConnections,
int connectionDefaultMaxConnectionsPerUser,
int connectionGroupDefaultMaxConnections,
int connectionGroupDefaultMaxConnectionsPerUser) {
// Set default connection limits
this.connectionDefaultMaxConnections = connectionDefaultMaxConnections;
this.connectionDefaultMaxConnectionsPerUser = connectionDefaultMaxConnectionsPerUser;
// Set default connection group limits
this.connectionGroupDefaultMaxConnections = connectionGroupDefaultMaxConnections;
this.connectionGroupDefaultMaxConnectionsPerUser = connectionGroupDefaultMaxConnectionsPerUser;
}
/**
* Attempts to add a single instance of the given value to the given
* multiset without exceeding the specified maximum number of values. If
@@ -200,23 +140,14 @@ public class ConfigurableGuacamoleTunnelService
// Return the first unreserved connection
for (ModeledConnection connection : sortedConnections) {
// Determine per-user limits on this connection
Integer connectionMaxConnectionsPerUser = connection.getModel().getMaxConnectionsPerUser();
if (connectionMaxConnectionsPerUser == null)
connectionMaxConnectionsPerUser = connectionDefaultMaxConnectionsPerUser;
// Determine overall limits on this connection
Integer connectionMaxConnections = connection.getModel().getMaxConnections();
if (connectionMaxConnections == null)
connectionMaxConnections = connectionDefaultMaxConnections;
// Attempt to aquire connection according to per-user limits
Seat seat = new Seat(username, connection.getIdentifier());
if (tryAdd(activeSeats, seat, connectionMaxConnectionsPerUser)) {
if (tryAdd(activeSeats, seat,
connection.getMaxConnectionsPerUser())) {
// Attempt to aquire connection according to overall limits
if (tryAdd(activeConnections, connection.getIdentifier(),
connectionMaxConnections))
connection.getMaxConnections()))
return connection;
// Acquire failed - retry with next connection
@@ -252,24 +183,14 @@ public class ConfigurableGuacamoleTunnelService
// Get username
String username = user.getUser().getIdentifier();
// Determine per-user limits on this connection group
Integer connectionGroupMaxConnectionsPerUser = connectionGroup.getModel().getMaxConnectionsPerUser();
if (connectionGroupMaxConnectionsPerUser == null)
connectionGroupMaxConnectionsPerUser = connectionGroupDefaultMaxConnectionsPerUser;
// Determine overall limits on this connection group
Integer connectionGroupMaxConnections = connectionGroup.getModel().getMaxConnections();
if (connectionGroupMaxConnections == null)
connectionGroupMaxConnections = connectionGroupDefaultMaxConnections;
// Attempt to aquire connection group according to per-user limits
Seat seat = new Seat(username, connectionGroup.getIdentifier());
if (tryAdd(activeGroupSeats, seat,
connectionGroupMaxConnectionsPerUser)) {
connectionGroup.getMaxConnectionsPerUser())) {
// Attempt to aquire connection group according to overall limits
if (tryAdd(activeGroups, connectionGroup.getIdentifier(),
connectionGroupMaxConnections))
connectionGroup.getMaxConnections()))
return;
// Acquire failed

122
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/MySQLAuthenticationProvider.java
View File

@@ -29,14 +29,8 @@ import org.glyptodon.guacamole.net.auth.AuthenticationProvider;
import org.glyptodon.guacamole.net.auth.Credentials;
import org.glyptodon.guacamole.net.auth.UserContext;
import org.glyptodon.guacamole.auth.jdbc.JDBCAuthenticationProviderModule;
import org.glyptodon.guacamole.auth.jdbc.tunnel.GuacamoleTunnelService;
import org.glyptodon.guacamole.auth.jdbc.tunnel.ConfigurableGuacamoleTunnelService;
import org.glyptodon.guacamole.auth.jdbc.user.AuthenticationProviderService;
import org.glyptodon.guacamole.environment.Environment;
import org.glyptodon.guacamole.environment.LocalEnvironment;
import org.glyptodon.guacamole.net.auth.AuthenticatedUser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* Provides a MySQL based implementation of the AuthenticationProvider
@@ -47,123 +41,12 @@ import org.slf4j.LoggerFactory;
*/
public class MySQLAuthenticationProvider implements AuthenticationProvider {
/**
* Logger for this class.
*/
private static final Logger logger = LoggerFactory.getLogger(MySQLAuthenticationProvider.class);
/**
* Injector which will manage the object graph of this authentication
* provider.
*/
private final Injector injector;
/**
* Returns the appropriate tunnel service given the Guacamole environment.
* The service is configured based on configuration options that dictate
* the default concurrent usage policy.
*
* @param environment
* The environment of the Guacamole server.
*
* @return
* A tunnel service implementation configured according to the
* concurrent usage policy options set in the Guacamole environment.
*
* @throws GuacamoleException
* If an error occurs while reading the configuration options.
*/
private GuacamoleTunnelService getTunnelService(Environment environment)
throws GuacamoleException {
// Tunnel service default configuration
int connectionDefaultMaxConnections;
int connectionDefaultMaxConnectionsPerUser;
int connectionGroupDefaultMaxConnections;
int connectionGroupDefaultMaxConnectionsPerUser;
// Read legacy concurrency-related properties
Boolean disallowSimultaneous = environment.getProperty(MySQLGuacamoleProperties.MYSQL_DISALLOW_SIMULTANEOUS_CONNECTIONS);
Boolean disallowDuplicate = environment.getProperty(MySQLGuacamoleProperties.MYSQL_DISALLOW_DUPLICATE_CONNECTIONS);
// Legacy "simultaneous" property dictates only the maximum number of
// connections per connection
if (disallowSimultaneous != null) {
// Translate legacy property
if (disallowSimultaneous) {
connectionDefaultMaxConnections = 1;
connectionGroupDefaultMaxConnections = 0;
}
else {
connectionDefaultMaxConnections = 0;
connectionGroupDefaultMaxConnections = 0;
}
// Warn of deprecation
logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
MySQLGuacamoleProperties.MYSQL_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(),
MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_CONNECTIONS.getName(),
MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
// Inform of new equivalent
logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
MySQLGuacamoleProperties.MYSQL_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(), disallowSimultaneous,
MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_CONNECTIONS.getName(), connectionDefaultMaxConnections,
MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_GROUP_CONNECTIONS.getName(), connectionGroupDefaultMaxConnections);
}
// If legacy property is not specified, use new property
else {
connectionDefaultMaxConnections = environment.getProperty(MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_CONNECTIONS, 0);
connectionGroupDefaultMaxConnections = environment.getProperty(MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_GROUP_CONNECTIONS, 0);
}
// Legacy "duplicate" property dictates whether connections and groups
// may be used concurrently only by different users
if (disallowDuplicate != null) {
// Translate legacy property
if (disallowDuplicate) {
connectionDefaultMaxConnectionsPerUser = 1;
connectionGroupDefaultMaxConnectionsPerUser = 1;
}
else {
connectionDefaultMaxConnectionsPerUser = 0;
connectionGroupDefaultMaxConnectionsPerUser = 0;
}
// Warn of deprecation
logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
MySQLGuacamoleProperties.MYSQL_DISALLOW_DUPLICATE_CONNECTIONS.getName(),
MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(),
MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
// Inform of new equivalent
logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
MySQLGuacamoleProperties.MYSQL_DISALLOW_DUPLICATE_CONNECTIONS.getName(), disallowDuplicate,
MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(), connectionDefaultMaxConnectionsPerUser,
MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER.getName(), connectionGroupDefaultMaxConnectionsPerUser);
}
// If legacy property is not specified, use new property
else {
connectionDefaultMaxConnectionsPerUser = environment.getProperty(MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_CONNECTIONS_PER_USER, 1);
connectionGroupDefaultMaxConnectionsPerUser = environment.getProperty(MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER, 1);
}
// Return service configured for specified default limits
return new ConfigurableGuacamoleTunnelService(
connectionDefaultMaxConnections,
connectionDefaultMaxConnectionsPerUser,
connectionGroupDefaultMaxConnections,
connectionGroupDefaultMaxConnectionsPerUser
);
}
/**
* Creates a new MySQLAuthenticationProvider that reads and writes
* authentication data to a MySQL database defined by properties in
@@ -176,7 +59,7 @@ public class MySQLAuthenticationProvider implements AuthenticationProvider {
public MySQLAuthenticationProvider() throws GuacamoleException {
// Get local environment
Environment environment = new LocalEnvironment();
MySQLEnvironment environment = new MySQLEnvironment();
// Set up Guice injector.
injector = Guice.createInjector(
@@ -185,8 +68,7 @@ public class MySQLAuthenticationProvider implements AuthenticationProvider {
new MySQLAuthenticationProviderModule(environment),
// Configure JDBC authentication core
new JDBCAuthenticationProviderModule(this, environment,
getTunnelService(environment))
new JDBCAuthenticationProviderModule(this, environment)
);

13
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/MySQLAuthenticationProviderModule.java
View File

@@ -27,7 +27,6 @@ import com.google.inject.Module;
import com.google.inject.name.Names;
import java.util.Properties;
import org.glyptodon.guacamole.GuacamoleException;
import org.glyptodon.guacamole.environment.Environment;
import org.mybatis.guice.datasource.helper.JdbcHelper;
/**
@@ -59,16 +58,16 @@ public class MySQLAuthenticationProviderModule implements Module {
* If a required property is missing, or an error occurs while parsing
* a property.
*/
public MySQLAuthenticationProviderModule(Environment environment)
public MySQLAuthenticationProviderModule(MySQLEnvironment environment)
throws GuacamoleException {
// Set the MySQL-specific properties for MyBatis.
myBatisProperties.setProperty("mybatis.environment.id", "guacamole");
myBatisProperties.setProperty("JDBC.host", environment.getRequiredProperty(MySQLGuacamoleProperties.MYSQL_HOSTNAME));
myBatisProperties.setProperty("JDBC.port", String.valueOf(environment.getRequiredProperty(MySQLGuacamoleProperties.MYSQL_PORT)));
myBatisProperties.setProperty("JDBC.schema", environment.getRequiredProperty(MySQLGuacamoleProperties.MYSQL_DATABASE));
myBatisProperties.setProperty("JDBC.username", environment.getRequiredProperty(MySQLGuacamoleProperties.MYSQL_USERNAME));
myBatisProperties.setProperty("JDBC.password", environment.getRequiredProperty(MySQLGuacamoleProperties.MYSQL_PASSWORD));
myBatisProperties.setProperty("JDBC.host", environment.getMySQLHostname());
myBatisProperties.setProperty("JDBC.port", String.valueOf(environment.getMySQLPort()));
myBatisProperties.setProperty("JDBC.schema", environment.getMySQLDatabase());
myBatisProperties.setProperty("JDBC.username", environment.getMySQLUsername());
myBatisProperties.setProperty("JDBC.password", environment.getMySQLPassword());
myBatisProperties.setProperty("JDBC.autoCommit", "false");
myBatisProperties.setProperty("mybatis.pooled.pingEnabled", "true");
myBatisProperties.setProperty("mybatis.pooled.pingQuery", "SELECT 1");

276
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/MySQLEnvironment.java Normal file
View File

@@ -0,0 +1,276 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package net.sourceforge.guacamole.net.auth.mysql;
import org.glyptodon.guacamole.GuacamoleException;
import org.glyptodon.guacamole.auth.jdbc.JDBCEnvironment;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* A MySQL-specific implementation of JDBCEnvironment provides database
* properties specifically for MySQL.
*
* @author James Muehlner
* @author Michael Jumper
*/
public class MySQLEnvironment extends JDBCEnvironment {
/**
* Logger for this class.
*/
private static final Logger logger = LoggerFactory.getLogger(MySQLEnvironment.class);
/**
* The default host to connect to, if MYSQL_HOSTNAME is not specified.
*/
private static final String DEFAULT_HOSTNAME = "localhost";
/**
* The default port to connect to, if MYSQL_PORT is not specified.
*/
private static final int DEFAULT_PORT = 3306;
/**
* The default value for the default maximum number of connections to be
* allowed per user to any one connection. Note that, as long as the
* legacy "disallow duplicate" and "disallow simultaneous" properties are
* still supported, these cannot be constants, as the legacy properties
* dictate the values that should be used in the absence of the correct
* properties.
*/
private int DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
/**
* The default value for the default maximum number of connections to be
* allowed per user to any one connection group. Note that, as long as the
* legacy "disallow duplicate" and "disallow simultaneous" properties are
* still supported, these cannot be constants, as the legacy properties
* dictate the values that should be used in the absence of the correct
* properties.
*/
private int DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
/**
* The default value for the default maximum number of connections to be
* allowed to any one connection. Note that, as long as the legacy
* "disallow duplicate" and "disallow simultaneous" properties are still
* supported, these cannot be constants, as the legacy properties dictate
* the values that should be used in the absence of the correct properties.
*/
private int DEFAULT_MAX_CONNECTIONS = 0;
/**
* The default value for the default maximum number of connections to be
* allowed to any one connection group. Note that, as long as the legacy
* "disallow duplicate" and "disallow simultaneous" properties are still
* supported, these cannot be constants, as the legacy properties dictate
* the values that should be used in the absence of the correct properties.
*/
private int DEFAULT_MAX_GROUP_CONNECTIONS = 0;
/**
* Constructs a new MySQLEnvironment, providing access to MySQL-specific
* configuration options.
*
* @throws GuacamoleException
* If an error occurs while setting up the underlying JDBCEnvironment
* or while parsing legacy MySQL configuration options.
*/
public MySQLEnvironment() throws GuacamoleException {
// Init underlying JDBC environment
super();
// Read legacy concurrency-related property
Boolean disallowSimultaneous = getProperty(MySQLGuacamoleProperties.MYSQL_DISALLOW_SIMULTANEOUS_CONNECTIONS);
Boolean disallowDuplicate = getProperty(MySQLGuacamoleProperties.MYSQL_DISALLOW_DUPLICATE_CONNECTIONS);
// Legacy "simultaneous" property dictates only the maximum number of
// connections per connection
if (disallowSimultaneous != null) {
// Translate legacy property
if (disallowSimultaneous) {
DEFAULT_MAX_CONNECTIONS = 1;
DEFAULT_MAX_GROUP_CONNECTIONS = 0;
}
else {
DEFAULT_MAX_CONNECTIONS = 0;
DEFAULT_MAX_GROUP_CONNECTIONS = 0;
}
// Warn of deprecation
logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
MySQLGuacamoleProperties.MYSQL_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(),
MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_CONNECTIONS.getName(),
MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
// Inform of new equivalent
logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
MySQLGuacamoleProperties.MYSQL_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(), disallowSimultaneous,
MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_CONNECTIONS.getName(), DEFAULT_MAX_CONNECTIONS,
MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_GROUP_CONNECTIONS.getName(), DEFAULT_MAX_GROUP_CONNECTIONS);
}
// Legacy "duplicate" property dictates whether connections and groups
// may be used concurrently only by different users
if (disallowDuplicate != null) {
// Translate legacy property
if (disallowDuplicate) {
DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
}
else {
DEFAULT_MAX_CONNECTIONS_PER_USER = 0;
DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 0;
}
// Warn of deprecation
logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
MySQLGuacamoleProperties.MYSQL_DISALLOW_DUPLICATE_CONNECTIONS.getName(),
MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(),
MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
// Inform of new equivalent
logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
MySQLGuacamoleProperties.MYSQL_DISALLOW_DUPLICATE_CONNECTIONS.getName(), disallowDuplicate,
MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_CONNECTIONS_PER_USER,
MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER);
}
}
@Override
public int getDefaultMaxConnections() throws GuacamoleException {
return getProperty(
MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_CONNECTIONS,
DEFAULT_MAX_CONNECTIONS
);
}
@Override
public int getDefaultMaxGroupConnections() throws GuacamoleException {
return getProperty(
MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_GROUP_CONNECTIONS,
DEFAULT_MAX_GROUP_CONNECTIONS
);
}
@Override
public int getDefaultMaxConnectionsPerUser() throws GuacamoleException {
return getProperty(
MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_CONNECTIONS_PER_USER,
DEFAULT_MAX_CONNECTIONS_PER_USER
);
}
@Override
public int getDefaultMaxGroupConnectionsPerUser() throws GuacamoleException {
return getProperty(
MySQLGuacamoleProperties.MYSQL_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER,
DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER
);
}
/**
* Returns the hostname of the MySQL server hosting the Guacamole
* authentication tables. If unspecified, this will be "localhost".
*
* @return
* The URL of the MySQL server.
*
* @throws GuacamoleException
* If an error occurs while retrieving the property value.
*/
public String getMySQLHostname() throws GuacamoleException {
return getProperty(
MySQLGuacamoleProperties.MYSQL_HOSTNAME,
DEFAULT_HOSTNAME
);
}
/**
* Returns the port number of the MySQL server hosting the Guacamole
* authentication tables. If unspecified, this will be the default MySQL
* port of 3306.
*
* @return
* The port number of the MySQL server.
*
* @throws GuacamoleException
* If an error occurs while retrieving the property value.
*/
public int getMySQLPort() throws GuacamoleException {
return getProperty(MySQLGuacamoleProperties.MYSQL_PORT, DEFAULT_PORT);
}
/**
* Returns the name of the MySQL database containing the Guacamole
* authentication tables.
*
* @return
* The name of the MySQL database.
*
* @throws GuacamoleException
* If an error occurs while retrieving the property value, or if the
* value was not set, as this property is required.
*/
public String getMySQLDatabase() throws GuacamoleException {
return getRequiredProperty(MySQLGuacamoleProperties.MYSQL_DATABASE);
}
/**
* Returns the username that should be used when authenticating with the
* MySQL database containing the Guacamole authentication tables.
*
* @return
* The username for the MySQL database.
*
* @throws GuacamoleException
* If an error occurs while retrieving the property value, or if the
* value was not set, as this property is required.
*/
public String getMySQLUsername() throws GuacamoleException {
return getRequiredProperty(MySQLGuacamoleProperties.MYSQL_USERNAME);
}
/**
* Returns the password that should be used when authenticating with the
* MySQL database containing the Guacamole authentication tables.
*
* @return
* The password for the MySQL database.
*
* @throws GuacamoleException
* If an error occurs while retrieving the property value, or if the
* value was not set, as this property is required.
*/
public String getMySQLPassword() throws GuacamoleException {
return getRequiredProperty(MySQLGuacamoleProperties.MYSQL_PASSWORD);
}
}

22
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/MySQLGuacamoleProperties.java
View File

@@ -28,6 +28,7 @@ import org.glyptodon.guacamole.properties.StringGuacamoleProperty;
/**
* Properties used by the MySQL Authentication plugin.
*
* @author James Muehlner
*/
public class MySQLGuacamoleProperties {
@@ -38,7 +39,8 @@ public class MySQLGuacamoleProperties {
private MySQLGuacamoleProperties() {}
/**
* The URL of the MySQL server hosting the guacamole authentication tables.
* The hostname of the MySQL server hosting the Guacamole authentication
* tables.
*/
public static final StringGuacamoleProperty MYSQL_HOSTNAME = new StringGuacamoleProperty() {
@@ -48,7 +50,8 @@ public class MySQLGuacamoleProperties {
};
/**
* The port of the MySQL server hosting the guacamole authentication tables.
* The port number of the MySQL server hosting the Guacamole authentication
* tables.
*/
public static final IntegerGuacamoleProperty MYSQL_PORT = new IntegerGuacamoleProperty() {
@@ -58,7 +61,8 @@ public class MySQLGuacamoleProperties {
};
/**
* The name of the MySQL database containing the guacamole authentication tables.
* The name of the MySQL database containing the Guacamole authentication
* tables.
*/
public static final StringGuacamoleProperty MYSQL_DATABASE = new StringGuacamoleProperty() {
@@ -68,7 +72,8 @@ public class MySQLGuacamoleProperties {
};
/**
* The username used to authenticate to the MySQL database containing the guacamole authentication tables.
* The username that should be used when authenticating with the MySQL
* database containing the Guacamole authentication tables.
*/
public static final StringGuacamoleProperty MYSQL_USERNAME = new StringGuacamoleProperty() {
@@ -78,7 +83,8 @@ public class MySQLGuacamoleProperties {
};
/**
* The password used to authenticate to the MySQL database containing the guacamole authentication tables.
* The password that should be used when authenticating with the MySQL
* database containing the Guacamole authentication tables.
*/
public static final StringGuacamoleProperty MYSQL_PASSWORD = new StringGuacamoleProperty() {
@@ -88,7 +94,8 @@ public class MySQLGuacamoleProperties {
};
/**
* Whether or not multiple users accessing the same connection at the same time should be disallowed.
* Whether or not multiple users accessing the same connection at the same
* time should be disallowed.
*/
public static final BooleanGuacamoleProperty MYSQL_DISALLOW_SIMULTANEOUS_CONNECTIONS = new BooleanGuacamoleProperty() {
@@ -98,7 +105,8 @@ public class MySQLGuacamoleProperties {
};
/**
* Whether or not the same user accessing the same connection or connection group at the same time should be disallowed.
* Whether or not the same user accessing the same connection or connection
* group at the same time should be disallowed.
*/
public static final BooleanGuacamoleProperty MYSQL_DISALLOW_DUPLICATE_CONNECTIONS = new BooleanGuacamoleProperty() {

116
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/java/org/glyptodon/guacamole/auth/postgresql/PostgreSQLAuthenticationProvider.java
View File

@@ -29,11 +29,8 @@ import org.glyptodon.guacamole.net.auth.AuthenticationProvider;
import org.glyptodon.guacamole.net.auth.Credentials;
import org.glyptodon.guacamole.net.auth.UserContext;
import org.glyptodon.guacamole.auth.jdbc.JDBCAuthenticationProviderModule;
import org.glyptodon.guacamole.auth.jdbc.tunnel.ConfigurableGuacamoleTunnelService;
import org.glyptodon.guacamole.auth.jdbc.tunnel.GuacamoleTunnelService;
import org.glyptodon.guacamole.auth.jdbc.JDBCEnvironment;
import org.glyptodon.guacamole.auth.jdbc.user.AuthenticationProviderService;
import org.glyptodon.guacamole.environment.Environment;
import org.glyptodon.guacamole.environment.LocalEnvironment;
import org.glyptodon.guacamole.net.auth.AuthenticatedUser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -58,112 +55,6 @@ public class PostgreSQLAuthenticationProvider implements AuthenticationProvider
*/
private final Injector injector;
/**
* Returns the appropriate tunnel service given the Guacamole environment.
* The service is configured based on configuration options that dictate
* the default concurrent usage policy.
*
* @param environment
* The environment of the Guacamole server.
*
* @return
* A tunnel service implementation configured according to the
* concurrent usage policy options set in the Guacamole environment.
*
* @throws GuacamoleException
* If an error occurs while reading the configuration options.
*/
private GuacamoleTunnelService getTunnelService(Environment environment)
throws GuacamoleException {
// Tunnel service default configuration
int connectionDefaultMaxConnections;
int connectionDefaultMaxConnectionsPerUser;
int connectionGroupDefaultMaxConnections;
int connectionGroupDefaultMaxConnectionsPerUser;
// Read legacy concurrency-related properties
Boolean disallowSimultaneous = environment.getProperty(PostgreSQLGuacamoleProperties.POSTGRESQL_DISALLOW_SIMULTANEOUS_CONNECTIONS);
Boolean disallowDuplicate = environment.getProperty(PostgreSQLGuacamoleProperties.POSTGRESQL_DISALLOW_DUPLICATE_CONNECTIONS);
// Legacy "simultaneous" property dictates only the maximum number of
// connections per connection
if (disallowSimultaneous != null) {
// Translate legacy property
if (disallowSimultaneous) {
connectionDefaultMaxConnections = 1;
connectionGroupDefaultMaxConnections = 0;
}
else {
connectionDefaultMaxConnections = 0;
connectionGroupDefaultMaxConnections = 0;
}
// Warn of deprecation
logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
PostgreSQLGuacamoleProperties.POSTGRESQL_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(),
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_CONNECTIONS.getName(),
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
// Inform of new equivalent
logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
PostgreSQLGuacamoleProperties.POSTGRESQL_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(), disallowSimultaneous,
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_CONNECTIONS.getName(), connectionDefaultMaxConnections,
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_GROUP_CONNECTIONS.getName(), connectionGroupDefaultMaxConnections);
}
// If legacy property is not specified, use new property
else {
connectionDefaultMaxConnections = environment.getProperty(PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_CONNECTIONS, 0);
connectionGroupDefaultMaxConnections = environment.getProperty(PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_GROUP_CONNECTIONS, 0);
}
// Legacy "duplicate" property dictates whether connections and groups
// may be used concurrently only by different users
if (disallowDuplicate != null) {
// Translate legacy property
if (disallowDuplicate) {
connectionDefaultMaxConnectionsPerUser = 1;
connectionGroupDefaultMaxConnectionsPerUser = 1;
}
else {
connectionDefaultMaxConnectionsPerUser = 0;
connectionGroupDefaultMaxConnectionsPerUser = 0;
}
// Warn of deprecation
logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
PostgreSQLGuacamoleProperties.POSTGRESQL_DISALLOW_DUPLICATE_CONNECTIONS.getName(),
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(),
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
// Inform of new equivalent
logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
PostgreSQLGuacamoleProperties.POSTGRESQL_DISALLOW_DUPLICATE_CONNECTIONS.getName(), disallowDuplicate,
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(), connectionDefaultMaxConnectionsPerUser,
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER.getName(), connectionGroupDefaultMaxConnectionsPerUser);
}
// If legacy property is not specified, use new property
else {
connectionDefaultMaxConnectionsPerUser = environment.getProperty(PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_CONNECTIONS_PER_USER, 1);
connectionGroupDefaultMaxConnectionsPerUser = environment.getProperty(PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER, 1);
}
// Return service configured for specified default limits
return new ConfigurableGuacamoleTunnelService(
connectionDefaultMaxConnections,
connectionDefaultMaxConnectionsPerUser,
connectionGroupDefaultMaxConnections,
connectionGroupDefaultMaxConnectionsPerUser
);
}
/**
* Creates a new PostgreSQLAuthenticationProvider that reads and writes
* authentication data to a PostgreSQL database defined by properties in
@@ -176,7 +67,7 @@ public class PostgreSQLAuthenticationProvider implements AuthenticationProvider
public PostgreSQLAuthenticationProvider() throws GuacamoleException {
// Get local environment
Environment environment = new LocalEnvironment();
PostgreSQLEnvironment environment = new PostgreSQLEnvironment();
// Set up Guice injector.
injector = Guice.createInjector(
@@ -185,8 +76,7 @@ public class PostgreSQLAuthenticationProvider implements AuthenticationProvider
new PostgreSQLAuthenticationProviderModule(environment),
// Configure JDBC authentication core
new JDBCAuthenticationProviderModule(this, environment,
getTunnelService(environment))
new JDBCAuthenticationProviderModule(this, environment)
);

13
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/java/org/glyptodon/guacamole/auth/postgresql/PostgreSQLAuthenticationProviderModule.java
View File

@@ -27,7 +27,6 @@ import com.google.inject.Module;
import com.google.inject.name.Names;
import java.util.Properties;
import org.glyptodon.guacamole.GuacamoleException;
import org.glyptodon.guacamole.environment.Environment;
import org.mybatis.guice.datasource.helper.JdbcHelper;
/**
@@ -60,16 +59,16 @@ public class PostgreSQLAuthenticationProviderModule implements Module {
* If a required property is missing, or an error occurs while parsing
* a property.
*/
public PostgreSQLAuthenticationProviderModule(Environment environment)
public PostgreSQLAuthenticationProviderModule(PostgreSQLEnvironment environment)
throws GuacamoleException {
// Set the PostgreSQL-specific properties for MyBatis.
myBatisProperties.setProperty("mybatis.environment.id", "guacamole");
myBatisProperties.setProperty("JDBC.host", environment.getRequiredProperty(PostgreSQLGuacamoleProperties.POSTGRESQL_HOSTNAME));
myBatisProperties.setProperty("JDBC.port", String.valueOf(environment.getRequiredProperty(PostgreSQLGuacamoleProperties.POSTGRESQL_PORT)));
myBatisProperties.setProperty("JDBC.schema", environment.getRequiredProperty(PostgreSQLGuacamoleProperties.POSTGRESQL_DATABASE));
myBatisProperties.setProperty("JDBC.username", environment.getRequiredProperty(PostgreSQLGuacamoleProperties.POSTGRESQL_USERNAME));
myBatisProperties.setProperty("JDBC.password", environment.getRequiredProperty(PostgreSQLGuacamoleProperties.POSTGRESQL_PASSWORD));
myBatisProperties.setProperty("JDBC.host", environment.getPostgreSQLHostname());
myBatisProperties.setProperty("JDBC.port", String.valueOf(environment.getPostgreSQLPort()));
myBatisProperties.setProperty("JDBC.schema", environment.getPostgreSQLDatabase());
myBatisProperties.setProperty("JDBC.username", environment.getPostgreSQLUsername());
myBatisProperties.setProperty("JDBC.password", environment.getPostgreSQLPassword());
myBatisProperties.setProperty("JDBC.autoCommit", "false");
myBatisProperties.setProperty("mybatis.pooled.pingEnabled", "true");
myBatisProperties.setProperty("mybatis.pooled.pingQuery", "SELECT 1");

278
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/java/org/glyptodon/guacamole/auth/postgresql/PostgreSQLEnvironment.java Normal file
View File

@@ -0,0 +1,278 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.glyptodon.guacamole.auth.postgresql;
import org.glyptodon.guacamole.GuacamoleException;
import org.glyptodon.guacamole.auth.jdbc.JDBCEnvironment;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* A PostgreSQL-specific implementation of JDBCEnvironment provides database
* properties specifically for PostgreSQL.
*
* @author Michael Jumper
*/
public class PostgreSQLEnvironment extends JDBCEnvironment {
/**
* Logger for this class.
*/
private static final Logger logger = LoggerFactory.getLogger(PostgreSQLEnvironment.class);
/**
* The default host to connect to, if POSTGRESQL_HOSTNAME is not specified.
*/
private static final String DEFAULT_HOSTNAME = "localhost";
/**
* The default port to connect to, if POSTGRESQL_PORT is not specified.
*/
private static final int DEFAULT_PORT = 5432;
/**
* The default value for the default maximum number of connections to be
* allowed per user to any one connection. Note that, as long as the
* legacy "disallow duplicate" and "disallow simultaneous" properties are
* still supported, these cannot be constants, as the legacy properties
* dictate the values that should be used in the absence of the correct
* properties.
*/
private int DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
/**
* The default value for the default maximum number of connections to be
* allowed per user to any one connection group. Note that, as long as the
* legacy "disallow duplicate" and "disallow simultaneous" properties are
* still supported, these cannot be constants, as the legacy properties
* dictate the values that should be used in the absence of the correct
* properties.
*/
private int DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
/**
* The default value for the default maximum number of connections to be
* allowed to any one connection. Note that, as long as the legacy
* "disallow duplicate" and "disallow simultaneous" properties are still
* supported, these cannot be constants, as the legacy properties dictate
* the values that should be used in the absence of the correct properties.
*/
private int DEFAULT_MAX_CONNECTIONS = 0;
/**
* The default value for the default maximum number of connections to be
* allowed to any one connection group. Note that, as long as the legacy
* "disallow duplicate" and "disallow simultaneous" properties are still
* supported, these cannot be constants, as the legacy properties dictate
* the values that should be used in the absence of the correct properties.
*/
private int DEFAULT_MAX_GROUP_CONNECTIONS = 0;
/**
* Constructs a new PostgreSQLEnvironment, providing access to PostgreSQL-specific
* configuration options.
*
* @throws GuacamoleException
* If an error occurs while setting up the underlying JDBCEnvironment
* or while parsing legacy PostgreSQL configuration options.
*/
public PostgreSQLEnvironment() throws GuacamoleException {
// Init underlying JDBC environment
super();
// Read legacy concurrency-related property
Boolean disallowSimultaneous = getProperty(PostgreSQLGuacamoleProperties.POSTGRESQL_DISALLOW_SIMULTANEOUS_CONNECTIONS);
Boolean disallowDuplicate = getProperty(PostgreSQLGuacamoleProperties.POSTGRESQL_DISALLOW_DUPLICATE_CONNECTIONS);
// Legacy "simultaneous" property dictates only the maximum number of
// connections per connection
if (disallowSimultaneous != null) {
// Translate legacy property
if (disallowSimultaneous) {
DEFAULT_MAX_CONNECTIONS = 1;
DEFAULT_MAX_GROUP_CONNECTIONS = 0;
}
else {
DEFAULT_MAX_CONNECTIONS = 0;
DEFAULT_MAX_GROUP_CONNECTIONS = 0;
}
// Warn of deprecation
logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
PostgreSQLGuacamoleProperties.POSTGRESQL_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(),
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_CONNECTIONS.getName(),
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
// Inform of new equivalent
logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
PostgreSQLGuacamoleProperties.POSTGRESQL_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(), disallowSimultaneous,
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_CONNECTIONS.getName(), DEFAULT_MAX_CONNECTIONS,
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_GROUP_CONNECTIONS.getName(), DEFAULT_MAX_GROUP_CONNECTIONS);
}
// Legacy "duplicate" property dictates whether connections and groups
// may be used concurrently only by different users
if (disallowDuplicate != null) {
// Translate legacy property
if (disallowDuplicate) {
DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
}
else {
DEFAULT_MAX_CONNECTIONS_PER_USER = 0;
DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 0;
}
// Warn of deprecation
logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
PostgreSQLGuacamoleProperties.POSTGRESQL_DISALLOW_DUPLICATE_CONNECTIONS.getName(),
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(),
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
// Inform of new equivalent
logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
PostgreSQLGuacamoleProperties.POSTGRESQL_DISALLOW_DUPLICATE_CONNECTIONS.getName(), disallowDuplicate,
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_CONNECTIONS_PER_USER,
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER);
}
}
@Override
public int getDefaultMaxConnections() throws GuacamoleException {
return getProperty(
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_CONNECTIONS,
DEFAULT_MAX_CONNECTIONS
);
}
@Override
public int getDefaultMaxGroupConnections() throws GuacamoleException {
return getProperty(
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_GROUP_CONNECTIONS,
DEFAULT_MAX_GROUP_CONNECTIONS
);
}
@Override
public int getDefaultMaxConnectionsPerUser() throws GuacamoleException {
return getProperty(
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_CONNECTIONS_PER_USER,
DEFAULT_MAX_CONNECTIONS_PER_USER
);
}
@Override
public int getDefaultMaxGroupConnectionsPerUser() throws GuacamoleException {
return getProperty(
PostgreSQLGuacamoleProperties.POSTGRESQL_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER,
DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER
);
}
/**
* Returns the hostname of the PostgreSQL server hosting the Guacamole
* authentication tables. If unspecified, this will be "localhost".
*
* @return
* The URL of the PostgreSQL server.
*
* @throws GuacamoleException
* If an error occurs while retrieving the property value.
*/
public String getPostgreSQLHostname() throws GuacamoleException {
return getProperty(
PostgreSQLGuacamoleProperties.POSTGRESQL_HOSTNAME,
DEFAULT_HOSTNAME
);
}
/**
* Returns the port number of the PostgreSQL server hosting the Guacamole
* authentication tables. If unspecified, this will be the default
* PostgreSQL port of 5432.
*
* @return
* The port number of the PostgreSQL server.
*
* @throws GuacamoleException
* If an error occurs while retrieving the property value.
*/
public int getPostgreSQLPort() throws GuacamoleException {
return getProperty(
PostgreSQLGuacamoleProperties.POSTGRESQL_PORT,
DEFAULT_PORT
);
}
/**
* Returns the name of the PostgreSQL database containing the Guacamole
* authentication tables.
*
* @return
* The name of the PostgreSQL database.
*
* @throws GuacamoleException
* If an error occurs while retrieving the property value, or if the
* value was not set, as this property is required.
*/
public String getPostgreSQLDatabase() throws GuacamoleException {
return getRequiredProperty(PostgreSQLGuacamoleProperties.POSTGRESQL_DATABASE);
}
/**
* Returns the username that should be used when authenticating with the
* PostgreSQL database containing the Guacamole authentication tables.
*
* @return
* The username for the PostgreSQL database.
*
* @throws GuacamoleException
* If an error occurs while retrieving the property value, or if the
* value was not set, as this property is required.
*/
public String getPostgreSQLUsername() throws GuacamoleException {
return getRequiredProperty(PostgreSQLGuacamoleProperties.POSTGRESQL_USERNAME);
}
/**
* Returns the password that should be used when authenticating with the
* PostgreSQL database containing the Guacamole authentication tables.
*
* @return
* The password for the PostgreSQL database.
*
* @throws GuacamoleException
* If an error occurs while retrieving the property value, or if the
* value was not set, as this property is required.
*/
public String getPostgreSQLPassword() throws GuacamoleException {
return getRequiredProperty(PostgreSQLGuacamoleProperties.POSTGRESQL_PASSWORD);
}
}