Merge 0.9.14-incubating changes back to master.

guacamole-ext/src/main/java/org/apache/guacamole/net/event/AuthenticationSuccessEvent.java

@@ -19,8 +19,8 @@
 
 package org.apache.guacamole.net.event;
 
+import org.apache.guacamole.net.auth.AuthenticatedUser;
 import org.apache.guacamole.net.auth.Credentials;
-import org.apache.guacamole.net.auth.UserContext;
 
 /**
  * An event which is triggered whenever a user's credentials pass
@@ -35,37 +35,32 @@ import org.apache.guacamole.net.auth.UserContext;
 public class AuthenticationSuccessEvent implements UserEvent, CredentialEvent {
 
     /**
-     * The UserContext associated with the request that is connecting the
+     * The AuthenticatedUser identifying the user that successfully
-     * tunnel, if any.
+     * authenticated.
      */
-    private UserContext context;
+    private final AuthenticatedUser authenticatedUser;
-
-    /**
-     * The credentials which passed authentication.
-     */
-    private Credentials credentials;
 
     /**
      * Creates a new AuthenticationSuccessEvent which represents a successful
-     * authentication attempt with the given credentials.
+     * authentication attempt by the user identified by the given
+     * AuthenticatedUser object.
      *
-     * @param context The UserContext created as a result of successful
+     * @param authenticatedUser
-     *                authentication.
+     *     The AuthenticatedUser identifying the user that successfully
-     * @param credentials The credentials which passed authentication.
+     *     authenticated.
      */
-    public AuthenticationSuccessEvent(UserContext context, Credentials credentials) {
+    public AuthenticationSuccessEvent(AuthenticatedUser authenticatedUser) {
-        this.context = context;
+        this.authenticatedUser = authenticatedUser;
-        this.credentials = credentials;
     }
 
     @Override
-    public UserContext getUserContext() {
+    public AuthenticatedUser getAuthenticatedUser() {
-        return context;
+        return authenticatedUser;
     }
 
     @Override
     public Credentials getCredentials() {
-        return credentials;
+        return authenticatedUser.getCredentials();
     }
 
 }

guacamole-ext/src/main/java/org/apache/guacamole/net/event/TunnelCloseEvent.java

@@ -20,8 +20,8 @@
 package org.apache.guacamole.net.event;
 
 import org.apache.guacamole.net.GuacamoleTunnel;
+import org.apache.guacamole.net.auth.AuthenticatedUser;
 import org.apache.guacamole.net.auth.Credentials;
-import org.apache.guacamole.net.auth.UserContext;
 
 /**
  * An event which is triggered whenever a tunnel is being closed. The tunnel
@@ -36,42 +36,48 @@ import org.apache.guacamole.net.auth.UserContext;
 public class TunnelCloseEvent implements UserEvent, CredentialEvent, TunnelEvent {
 
     /**
-     * The UserContext associated with the request that is closing the
+     * The AuthenticatedUser associated with the user that is closing the
      * tunnel, if any.
      */
-    private UserContext context;
+    private final AuthenticatedUser authenticatedUser;
 
     /**
-     * The credentials associated with the request that connected the
+     * The credentials associated with the request that closed the tunnel, if
-     * tunnel, if any.
+     * any.
      */
-    private Credentials credentials;
+    private final Credentials credentials;
 
     /**
      * The tunnel being closed.
      */
-    private GuacamoleTunnel tunnel;
+    private final GuacamoleTunnel tunnel;
 
     /**
      * Creates a new TunnelCloseEvent which represents the closing of the
      * given tunnel via a request associated with the given credentials.
      *
-     * @param context The UserContext associated with the request closing 
+     * @param authenticatedUser
-     *                the tunnel.
+     *     The AuthenticatedUser associated with the user that is closing the
-     * @param credentials The credentials associated with the request that 
+     *     tunnel, if any.
-     *                    connected the tunnel.
+     *
-     * @param tunnel The tunnel being closed.
+     * @param credentials
+     *     The credentials associated with the request that closed the
+     *     tunnel. Note that these credentials are not necessarily the same as
+     *     the credentials provided when the user authenticated.
+     *
+     * @param tunnel
+     *     The tunnel being closed.
      */
-    public TunnelCloseEvent(UserContext context, Credentials credentials,
+    public TunnelCloseEvent(AuthenticatedUser authenticatedUser,
-            GuacamoleTunnel tunnel) {
+            Credentials credentials, GuacamoleTunnel tunnel) {
-        this.context = context;
+        this.authenticatedUser = authenticatedUser;
         this.credentials = credentials;
         this.tunnel = tunnel;
     }
 
     @Override
-    public UserContext getUserContext() {
+    public AuthenticatedUser getAuthenticatedUser() {
-        return context;
+        return authenticatedUser;
     }
 
     @Override

guacamole-ext/src/main/java/org/apache/guacamole/net/event/TunnelConnectEvent.java

@@ -20,6 +20,7 @@
 package org.apache.guacamole.net.event;
 
 import org.apache.guacamole.net.GuacamoleTunnel;
+import org.apache.guacamole.net.auth.AuthenticatedUser;
 import org.apache.guacamole.net.auth.Credentials;
 import org.apache.guacamole.net.auth.UserContext;
 
@@ -36,42 +37,47 @@ import org.apache.guacamole.net.auth.UserContext;
 public class TunnelConnectEvent implements UserEvent, CredentialEvent, TunnelEvent {
 
     /**
-     * The UserContext associated with the request that is connecting the
+     * The AuthenticatedUser associated with the user that is connecting the
      * tunnel, if any.
      */
-    private UserContext context;
+    private final AuthenticatedUser authenticatedUser;
 
     /**
      * The credentials associated with the request that is connecting the
      * tunnel, if any.
      */
-    private Credentials credentials;
+    private final Credentials credentials;
 
     /**
      * The tunnel being connected.
      */
-    private GuacamoleTunnel tunnel;
+    private final GuacamoleTunnel tunnel;
 
     /**
      * Creates a new TunnelConnectEvent which represents the connecting of the
      * given tunnel via a request associated with the given credentials.
      *
-     * @param context The UserContext associated with the request connecting
+     * @param authenticatedUser
-     *                the tunnel.
+     *     The AuthenticatedUser associated with the user that is connecting the
-     * @param credentials The credentials associated with the request connecting
+     *     tunnel, if any.
-     *                    the tunnel.
+     *
+     * @param credentials
+     *     The credentials associated with the request that connected the
+     *     tunnel. Note that these credentials are not necessarily the same as
+     *     the credentials provided when the user authenticated.
+     *
      * @param tunnel The tunnel being connected.
      */
-    public TunnelConnectEvent(UserContext context, Credentials credentials,
+    public TunnelConnectEvent(AuthenticatedUser authenticatedUser,
-            GuacamoleTunnel tunnel) {
+            Credentials credentials, GuacamoleTunnel tunnel) {
-        this.context = context;
+        this.authenticatedUser = authenticatedUser;
         this.credentials = credentials;
         this.tunnel = tunnel;
     }
 
     @Override
-    public UserContext getUserContext() {
+    public AuthenticatedUser getAuthenticatedUser() {
-        return context;
+        return authenticatedUser;
     }
 
     @Override

guacamole-ext/src/main/java/org/apache/guacamole/net/event/UserEvent.java

@@ -19,20 +19,22 @@
 
 package org.apache.guacamole.net.event;
 
-import org.apache.guacamole.net.auth.UserContext;
+import org.apache.guacamole.net.auth.AuthenticatedUser;
 
 /**
- * Abstract basis for events which may have an associated UserContext when
+ * Abstract basis for events which may have an associated AuthenticatedUser when
  * triggered.
  */
 public interface UserEvent {
 
     /**
-     * Returns the current UserContext of the user triggering the event, if any.
+     * Returns the AuthenticatedUser identifying the user triggering the event,
+     * if any.
      *
-     * @return The current UserContext of the user triggering the event, if
+     * @return
-     *         any, or null if no UserContext is associated with the event.
+     *     The AuthenticatedUser identifying the user triggering the event, if
+     *     any, or null if no AuthenticatedUser is associated with the event.
      */
-    UserContext getUserContext();
+    AuthenticatedUser getAuthenticatedUser();
 
 }

guacamole/src/main/java/org/apache/guacamole/rest/auth/AuthenticationService.java

@@ -224,24 +224,12 @@ public class AuthenticationService {
      * @param authenticatedUser
      *      The user that was successfully authenticated.
      *
-     * @param session
-     *      The existing session for the user (if any).
-     *
      * @throws GuacamoleException
      *      If thrown by a listener.
      */
-    private void fireAuthenticationSuccessEvent(
+    private void fireAuthenticationSuccessEvent(AuthenticatedUser authenticatedUser)
-            AuthenticatedUser authenticatedUser, GuacamoleSession session)
             throws GuacamoleException {
-
+        listenerService.handleEvent(new AuthenticationSuccessEvent(authenticatedUser));
-        UserContext userContext = null;
-        if (session != null) {
-            userContext = session.getUserContext(
-                authenticatedUser.getAuthenticationProvider().getIdentifier());
-        }
-
-        listenerService.handleEvent(new AuthenticationSuccessEvent(
-            userContext, authenticatedUser.getCredentials()));
     }
 
     /**
@@ -286,13 +274,13 @@ public class AuthenticationService {
             if (existingSession != null) {
                 AuthenticatedUser updatedUser = updateAuthenticatedUser(
                         existingSession.getAuthenticatedUser(), credentials);
-                fireAuthenticationSuccessEvent(updatedUser, existingSession);
+                fireAuthenticationSuccessEvent(updatedUser);
                 return updatedUser;
             }
 
             // Otherwise, attempt authentication as a new user
             AuthenticatedUser authenticatedUser = AuthenticationService.this.authenticateUser(credentials);
-            fireAuthenticationSuccessEvent(authenticatedUser, null);
+            fireAuthenticationSuccessEvent(authenticatedUser);
 
             if (logger.isInfoEnabled())
                 logger.info("User \"{}\" successfully authenticated from {}.",

guacamole/src/main/java/org/apache/guacamole/tunnel/TunnelRequestService.java

@@ -27,6 +27,7 @@ import org.apache.guacamole.GuacamoleSecurityException;
 import org.apache.guacamole.GuacamoleSession;
 import org.apache.guacamole.GuacamoleUnauthorizedException;
 import org.apache.guacamole.net.GuacamoleTunnel;
+import org.apache.guacamole.net.auth.AuthenticatedUser;
 import org.apache.guacamole.net.auth.Connection;
 import org.apache.guacamole.net.auth.ConnectionGroup;
 import org.apache.guacamole.net.auth.Credentials;
@@ -71,9 +72,9 @@ public class TunnelRequestService {
      * Notifies bound listeners that a new tunnel has been connected.
      * Listeners may veto a connected tunnel by throwing any GuacamoleException.
      *
-     * @param userContext
+     * @param authenticatedUser
-     *      The UserContext associated with the user for whom the tunnel is
+     *      The AuthenticatedUser associated with the user for whom the tunnel
-     *      being created.
+     *      is being created.
      *
      * @param credentials
      *      Credentials that authenticate the user.
@@ -84,9 +85,10 @@ public class TunnelRequestService {
      * @throws GuacamoleException
      *     If thrown by a listener or if any listener vetoes the connected tunnel.
      */
-    private void fireTunnelConnectEvent(UserContext userContext,
+    private void fireTunnelConnectEvent(AuthenticatedUser authenticatedUser,
             Credentials credentials, GuacamoleTunnel tunnel) throws GuacamoleException {
-        listenerService.handleEvent(new TunnelConnectEvent(userContext, credentials, tunnel));
+        listenerService.handleEvent(new TunnelConnectEvent(authenticatedUser,
+                credentials, tunnel));
     }
 
     /**
@@ -94,9 +96,9 @@ public class TunnelRequestService {
      * Listeners are allowed to veto a request to close a tunnel by throwing any
      * GuacamoleException.
      *
-     * @param userContext
+     * @param authenticatedUser
-     *      The UserContext associated with the user for whom the tunnel is
+     *      The AuthenticatedUser associated with the user for whom the tunnel
-     *      being created.
+     *      is being closed.
      *
      * @param credentials
      *      Credentials that authenticate the user.
@@ -107,10 +109,11 @@ public class TunnelRequestService {
      * @throws GuacamoleException
      *     If thrown by a listener.
      */
-    private void fireTunnelClosedEvent(UserContext userContext,
+    private void fireTunnelClosedEvent(AuthenticatedUser authenticatedUser,
             Credentials credentials, GuacamoleTunnel tunnel)
             throws GuacamoleException {
-        listenerService.handleEvent(new TunnelCloseEvent(userContext, credentials, tunnel));
+        listenerService.handleEvent(new TunnelCloseEvent(authenticatedUser,
+                credentials, tunnel));
     }
 
     /**
@@ -299,9 +302,10 @@ public class TunnelRequestService {
             @Override
             public void close() throws GuacamoleException {
 
-                // notify listeners to allow close request to be vetoed
+                // Notify listeners to allow close request to be vetoed
-                fireTunnelClosedEvent(context,
+                AuthenticatedUser authenticatedUser = session.getAuthenticatedUser();
-                    session.getAuthenticatedUser().getCredentials(), tunnel);
+                fireTunnelClosedEvent(authenticatedUser,
+                    authenticatedUser.getCredentials(), tunnel);
 
                 long connectionEndTime = System.currentTimeMillis();
                 long duration = connectionEndTime - connectionStartTime;
@@ -389,7 +393,7 @@ public class TunnelRequestService {
             GuacamoleTunnel tunnel = createConnectedTunnel(userContext, type, id, info);
 
             // Notify listeners to allow connection to be vetoed
-            fireTunnelConnectEvent(userContext,
+            fireTunnelConnectEvent(session.getAuthenticatedUser(),
                     session.getAuthenticatedUser().getCredentials(), tunnel);
 
             // Associate tunnel with session