safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-12 16:07:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

GUACAMOLE-1: Refactor org.glyptodon package/groupId to org.apache.

Browse Source
This commit is contained in:
Michael Jumper
2016-03-22 14:05:53 -07:00
parent 2358d88683
commit 6990344697
402 changed files with 1536 additions and 1536 deletions
Download Patch File Download Diff File Expand all files Collapse all files

120
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/AbstractActiveConnection.java Normal file
View File

@@ -0,0 +1,120 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth;
import java.util.Date;
import org.apache.guacamole.net.GuacamoleTunnel;
public abstract class AbstractActiveConnection implements ActiveConnection {
/**
* The identifier of this active connection.
*/
private String identifier;
/**
* The identifier of the associated connection.
*/
private String connectionIdentifier;
/**
* The date and time this active connection began.
*/
private Date startDate;
/**
* The remote host that initiated this connection.
*/
private String remoteHost;
/**
* The username of the user that initiated this connection.
*/
private String username;
/**
* The underlying GuacamoleTunnel.
*/
private GuacamoleTunnel tunnel;
@Override
public String getIdentifier() {
return identifier;
}
@Override
public void setIdentifier(String identifier) {
this.identifier = identifier;
}
@Override
public String getConnectionIdentifier() {
return connectionIdentifier;
}
@Override
public void setConnectionIdentifier(String connnectionIdentifier) {
this.connectionIdentifier = connnectionIdentifier;
}
@Override
public Date getStartDate() {
return startDate;
}
@Override
public void setStartDate(Date startDate) {
this.startDate = startDate;
}
@Override
public String getRemoteHost() {
return remoteHost;
}
@Override
public void setRemoteHost(String remoteHost) {
this.remoteHost = remoteHost;
}
@Override
public String getUsername() {
return username;
}
@Override
public void setUsername(String username) {
this.username = username;
}
@Override
public GuacamoleTunnel getTunnel() {
return tunnel;
}
@Override
public void setTunnel(GuacamoleTunnel tunnel) {
this.tunnel = tunnel;
}
}

73
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/AbstractAuthenticatedUser.java Normal file
View File

@@ -0,0 +1,73 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth;
/**
* Basic implementation of an AuthenticatedUser which uses the username to
* determine equality. Username comparison is case-sensitive.
*
* @author Michael Jumper
*/
public abstract class AbstractAuthenticatedUser implements AuthenticatedUser {
/**
* The name of this user.
*/
private String username;
@Override
public String getIdentifier() {
return username;
}
@Override
public void setIdentifier(String username) {
this.username = username;
}
@Override
public int hashCode() {
if (username == null) return 0;
return username.hashCode();
}
@Override
public boolean equals(Object obj) {
// Not equal if null or not a User
if (obj == null) return false;
if (!(obj instanceof AbstractAuthenticatedUser)) return false;
// Get username
String objUsername = ((AbstractAuthenticatedUser) obj).username;
// If null, equal only if this username is null
if (objUsername == null) return username == null;
// Otherwise, equal only if strings are identical
return objUsername.equals(username);
}
}

119
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/AbstractConnection.java Normal file
View File

@@ -0,0 +1,119 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth;
import org.apache.guacamole.protocol.GuacamoleConfiguration;
/**
* Basic implementation of a Guacamole connection.
*
* @author Michael Jumper
*/
public abstract class AbstractConnection implements Connection {
/**
* The name associated with this connection.
*/
private String name;
/**
* The unique identifier associated with this connection.
*/
private String identifier;
/**
* The unique identifier of the parent ConnectionGroup for
* this Connection.
*/
private String parentIdentifier;
/**
* The GuacamoleConfiguration associated with this connection.
*/
private GuacamoleConfiguration configuration;
@Override
public String getName() {
return name;
}
@Override
public void setName(String name) {
this.name = name;
}
@Override
public String getIdentifier() {
return identifier;
}
@Override
public void setIdentifier(String identifier) {
this.identifier = identifier;
}
@Override
public String getParentIdentifier() {
return parentIdentifier;
}
@Override
public void setParentIdentifier(String parentIdentifier) {
this.parentIdentifier = parentIdentifier;
}
@Override
public GuacamoleConfiguration getConfiguration() {
return configuration;
}
@Override
public void setConfiguration(GuacamoleConfiguration configuration) {
this.configuration = configuration;
}
@Override
public int hashCode() {
if (identifier == null) return 0;
return identifier.hashCode();
}
@Override
public boolean equals(Object obj) {
// Not equal if null or not a Connection
if (obj == null) return false;
if (!(obj instanceof AbstractConnection)) return false;
// Get identifier
String objIdentifier = ((AbstractConnection) obj).identifier;
// If null, equal only if this identifier is null
if (objIdentifier == null) return identifier == null;
// Otherwise, equal only if strings are identical
return objIdentifier.equals(identifier);
}
}

117
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/AbstractConnectionGroup.java Normal file
View File

@@ -0,0 +1,117 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth;
/**
* Basic implementation of a Guacamole connection group.
*
* @author James Muehlner
*/
public abstract class AbstractConnectionGroup implements ConnectionGroup {
/**
* The name associated with this connection group.
*/
private String name;
/**
* The unique identifier associated with this connection group.
*/
private String identifier;
/**
* The unique identifier of the parent connection group for
* this connection group.
*/
private String parentIdentifier;
/**
* The type of this connection group.
*/
private ConnectionGroup.Type type;
@Override
public String getName() {
return name;
}
@Override
public void setName(String name) {
this.name = name;
}
@Override
public String getIdentifier() {
return identifier;
}
@Override
public void setIdentifier(String identifier) {
this.identifier = identifier;
}
@Override
public String getParentIdentifier() {
return parentIdentifier;
}
@Override
public void setParentIdentifier(String parentIdentifier) {
this.parentIdentifier = parentIdentifier;
}
@Override
public ConnectionGroup.Type getType() {
return type;
}
@Override
public void setType(ConnectionGroup.Type type) {
this.type = type;
}
@Override
public int hashCode() {
if (identifier == null) return 0;
return identifier.hashCode();
}
@Override
public boolean equals(Object obj) {
// Not equal if null or not a ConnectionGroup
if (obj == null) return false;
if (!(obj instanceof AbstractConnectionGroup)) return false;
// Get identifier
String objIdentifier = ((AbstractConnectionGroup) obj).identifier;
// If null, equal only if this identifier is null
if (objIdentifier == null) return identifier == null;
// Otherwise, equal only if strings are identical
return objIdentifier.equals(identifier);
}
}

90
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/AbstractUser.java Normal file
View File

@@ -0,0 +1,90 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth;
/**
* Basic implementation of a Guacamole user which uses the username to
* determine equality. Username comparison is case-sensitive.
*
* @author Michael Jumper
*/
public abstract class AbstractUser implements User {
/**
* The name of this user.
*/
private String username;
/**
* This user's password. Note that while this provides a means for the
* password to be set, the data stored in this String is not necessarily
* the user's actual password. It may be hashed, it may be arbitrary.
*/
private String password;
@Override
public String getIdentifier() {
return username;
}
@Override
public void setIdentifier(String username) {
this.username = username;
}
@Override
public String getPassword() {
return password;
}
@Override
public void setPassword(String password) {
this.password = password;
}
@Override
public int hashCode() {
if (username == null) return 0;
return username.hashCode();
}
@Override
public boolean equals(Object obj) {
// Not equal if null or not a User
if (obj == null) return false;
if (!(obj instanceof AbstractUser)) return false;
// Get username
String objUsername = ((AbstractUser) obj).username;
// If null, equal only if this username is null
if (objUsername == null) return username == null;
// Otherwise, equal only if strings are identical
return objUsername.equals(username);
}
}

128
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/ActiveConnection.java Normal file
View File

@@ -0,0 +1,128 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth;
import java.util.Date;
import org.apache.guacamole.net.GuacamoleTunnel;
/**
* A pairing of username and GuacamoleTunnel representing an active usage of a
* particular connection.
*
* @author Michael Jumper
*/
public interface ActiveConnection extends Identifiable {
/**
* Returns the identifier of the connection being actively used. Unlike the
* other information stored in this object, the connection identifier must
* be present and MAY NOT be null.
*
* @return
* The identifier of the connection being actively used.
*/
String getConnectionIdentifier();
/**
* Sets the identifier of the connection being actively used.
*
* @param connnectionIdentifier
* The identifier of the connection being actively used.
*/
void setConnectionIdentifier(String connnectionIdentifier);
/**
* Returns the date and time the connection began.
*
* @return
* The date and time the connection began, or null if this
* information is not available.
*/
Date getStartDate();
/**
* Sets the date and time the connection began.
*
* @param startDate
* The date and time the connection began, or null if this
* information is not available.
*/
void setStartDate(Date startDate);
/**
* Returns the hostname or IP address of the remote host that initiated the
* connection, if known. If the hostname or IP address is not known, null
* is returned.
*
* @return
* The hostname or IP address of the remote host, or null if this
* information is not available.
*/
String getRemoteHost();
/**
* Sets the hostname or IP address of the remote host that initiated the
* connection.
*
* @param remoteHost
* The hostname or IP address of the remote host, or null if this
* information is not available.
*/
void setRemoteHost(String remoteHost);
/**
* Returns the name of the user who is using this connection.
*
* @return
* The name of the user who is using this connection, or null if this
* information is not available.
*/
String getUsername();
/**
* Sets the name of the user who is using this connection.
*
* @param username
* The name of the user who is using this connection, or null if this
* information is not available.
*/
void setUsername(String username);
/**
* Returns the connected GuacamoleTunnel being used. This may be null if
* access to the underlying tunnel is denied.
*
* @return
* The connected GuacamoleTunnel, or null if permission is denied.
*/
GuacamoleTunnel getTunnel();
/**
* Sets the connected GuacamoleTunnel being used.
*
* @param tunnel
* The connected GuacamoleTunnel, or null if permission is denied.
*/
void setTunnel(GuacamoleTunnel tunnel);
}

51
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/AuthenticatedUser.java Normal file
View File

@@ -0,0 +1,51 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth;
/**
* A user of the Guacamole web application who has been authenticated by an
* AuthenticationProvider.
*
* @author Michael Jumper
*/
public interface AuthenticatedUser extends Identifiable {
/**
* Returns the AuthenticationProvider that authenticated this user.
*
* @return
* The AuthenticationProvider that authenticated this user.
*/
AuthenticationProvider getAuthenticationProvider();
/**
* Returns the credentials that the user provided when they successfully
* authenticated.
*
* @return
* The credentials provided by the user when they authenticated.
*/
Credentials getCredentials();
}

148
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/AuthenticationProvider.java Normal file
View File

@@ -0,0 +1,148 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth;
import org.apache.guacamole.GuacamoleException;
/**
* Provides means of authorizing users and for accessing and managing data
* associated with those users. Access to such data is limited according to the
* AuthenticationProvider implementation.
*
* @author Michael Jumper
*/
public interface AuthenticationProvider {
/**
* Returns the identifier which uniquely and consistently identifies this
* AuthenticationProvider implementation. This identifier may not be null
* and must be unique across all AuthenticationProviders loaded by the
* Guacamole web application.
*
* @return
* The unique identifier assigned to this AuthenticationProvider, which
* may not be null.
*/
String getIdentifier();
/**
* Returns an AuthenticatedUser representing the user authenticated by the
* given credentials, if any.
*
* @param credentials
* The credentials to use for authentication.
*
* @return
* An AuthenticatedUser representing the user authenticated by the
* given credentials, if any, or null if the credentials are invalid.
*
* @throws GuacamoleException
* If an error occurs while authenticating the user, or if access is
* temporarily, permanently, or conditionally denied, such as if the
* supplied credentials are insufficient or invalid.
*/
AuthenticatedUser authenticateUser(Credentials credentials)
throws GuacamoleException;
/**
* Returns a new or updated AuthenticatedUser for the given credentials
* already having produced the given AuthenticatedUser. Note that because
* this function will be called for all future requests after initial
* authentication, including tunnel requests, care must be taken to avoid
* using functions of HttpServletRequest which invalidate the entire request
* body, such as getParameter(). Doing otherwise may cause the
* GuacamoleHTTPTunnelServlet to fail.
*
* @param credentials
* The credentials to use for authentication.
*
* @param authenticatedUser
* An AuthenticatedUser object representing the user authenticated by
* an arbitrary set of credentials. The AuthenticatedUser may come from
* this AuthenticationProvider or any other installed
* AuthenticationProvider.
*
* @return
* An updated AuthenticatedUser representing the user authenticated by
* the given credentials, if any, or null if the credentials are
* invalid.
*
* @throws GuacamoleException
* If an error occurs while updating the AuthenticatedUser.
*/
AuthenticatedUser updateAuthenticatedUser(AuthenticatedUser authenticatedUser,
Credentials credentials) throws GuacamoleException;
/**
* Returns the UserContext of the user authenticated by the given
* credentials.
*
* @param authenticatedUser
* An AuthenticatedUser object representing the user authenticated by
* an arbitrary set of credentials. The AuthenticatedUser may come from
* this AuthenticationProvider or any other installed
* AuthenticationProvider.
*
* @return
* A UserContext describing the permissions, connection, connection
* groups, etc. accessible or associated with the given authenticated
* user, or null if this AuthenticationProvider refuses to provide any
* such data.
*
* @throws GuacamoleException
* If an error occurs while creating the UserContext.
*/
UserContext getUserContext(AuthenticatedUser authenticatedUser)
throws GuacamoleException;
/**
* Returns a new or updated UserContext for the given AuthenticatedUser
* already having the given UserContext. Note that because this function
* will be called for all future requests after initial authentication,
* including tunnel requests, care must be taken to avoid using functions
* of HttpServletRequest which invalidate the entire request body, such as
* getParameter(). Doing otherwise may cause the GuacamoleHTTPTunnelServlet
* to fail.
*
* @param context
* The existing UserContext belonging to the user in question.
*
* @param authenticatedUser
* An AuthenticatedUser object representing the user authenticated by
* an arbitrary set of credentials. The AuthenticatedUser may come from
* this AuthenticationProvider or any other installed
* AuthenticationProvider.
*
* @return
* An updated UserContext describing the permissions, connection,
* connection groups, etc. accessible or associated with the given
* authenticated user, or null if this AuthenticationProvider refuses
* to provide any such data.
*
* @throws GuacamoleException
* If an error occurs while updating the UserContext.
*/
UserContext updateUserContext(UserContext context,
AuthenticatedUser authenticatedUser) throws GuacamoleException;
}

63
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/Connectable.java Normal file
View File

@@ -0,0 +1,63 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.net.GuacamoleTunnel;
import org.apache.guacamole.protocol.GuacamoleClientInformation;
/**
* An object which Guacamole can connect to.
*
* @author Michael Jumper
*/
public interface Connectable {
/**
* Establishes a connection to guacd using the information associated with
* this object. The connection will be provided the given client
* information.
*
* @param info
* Information associated with the connecting client.
*
* @return
* A fully-established GuacamoleTunnel.
*
* @throws GuacamoleException
* If an error occurs while connecting to guacd, or if permission to
* connect is denied.
*/
public GuacamoleTunnel connect(GuacamoleClientInformation info)
throws GuacamoleException;
/**
* Returns the number of active connections associated with this object.
* Implementations may simply return 0 if this value is not tracked.
*
* @return
* The number of active connections associated with this object.
*/
public int getActiveConnections();
}

125
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/Connection.java Normal file
View File

@@ -0,0 +1,125 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth;
import java.util.List;
import java.util.Map;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.protocol.GuacamoleConfiguration;
/**
* Represents a pairing of a GuacamoleConfiguration with a unique,
* human-readable identifier, and abstracts the connection process. The
* backing GuacamoleConfiguration may be intentionally obfuscated or tokenized
* to protect sensitive configuration information.
*
* @author Michael Jumper
*/
public interface Connection extends Identifiable, Connectable {
/**
* Returns the name assigned to this Connection.
* @return The name assigned to this Connection.
*/
public String getName();
/**
* Sets the name assigned to this Connection.
*
* @param name The name to assign.
*/
public void setName(String name);
/**
* Returns the unique identifier of the parent ConnectionGroup for
* this Connection.
*
* @return The unique identifier of the parent ConnectionGroup for
* this Connection.
*/
public String getParentIdentifier();
/**
* Sets the unique identifier of the parent ConnectionGroup for
* this Connection.
*
* @param parentIdentifier The unique identifier of the parent
* ConnectionGroup for this Connection.
*/
public void setParentIdentifier(String parentIdentifier);
/**
* Returns the GuacamoleConfiguration associated with this Connection. Note
* that because configurations may contain sensitive information, some data
* in this configuration may be omitted or tokenized.
*
* @return The GuacamoleConfiguration associated with this Connection.
*/
public GuacamoleConfiguration getConfiguration();
/**
* Sets the GuacamoleConfiguration associated with this Connection.
*
* @param config The GuacamoleConfiguration to associate with this
* Connection.
*/
public void setConfiguration(GuacamoleConfiguration config);
/**
* Returns all attributes associated with this connection. The returned map
* may not be modifiable.
*
* @return
* A map of all attribute identifiers to their corresponding values,
* for all attributes associated with this connection, which may not be
* modifiable.
*/
Map<String, String> getAttributes();
/**
* Sets the given attributes. If an attribute within the map is not
* supported, it will simply be dropped. Any attributes not within the
* given map will be left untouched.
*
* @param attributes
* A map of all attribute identifiers to their corresponding values.
*/
void setAttributes(Map<String, String> attributes);
/**
* Returns a list of ConnectionRecords representing the usage history
* of this Connection, including any active users. ConnectionRecords
* in this list will be sorted in descending order of end time (active
* connections are first), and then in descending order of start time
* (newer connections are first).
*
* @return A list of ConnectionRecrods representing the usage history
* of this Connection.
*
* @throws GuacamoleException If an error occurs while reading the history
* of this connection, or if permission is
* denied.
*/
public List<? extends ConnectionRecord> getHistory() throws GuacamoleException;
}

153
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/ConnectionGroup.java Normal file
View File

@@ -0,0 +1,153 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth;
import java.util.Map;
import java.util.Set;
import org.apache.guacamole.GuacamoleException;
/**
* Represents a connection group, which can contain both other connection groups
* as well as connections.
*
* @author James Muehlner
*/
public interface ConnectionGroup extends Identifiable, Connectable {
/**
* All legal types of connection group.
*/
public enum Type {
/**
* A connection group that purely organizes other connections or
* connection groups, serving only as a container. An organizational
* connection group is analogous to a directory or folder in a
* filesystem.
*/
ORGANIZATIONAL,
/**
* A connection group that acts as a load balancer. A balancing
* connection group can be connected to in the same manner as a
* connection, and will transparently route to the least-used
* underlying connection.
*/
BALANCING
};
/**
* Returns the name assigned to this ConnectionGroup.
* @return The name assigned to this ConnectionGroup.
*/
public String getName();
/**
* Sets the name assigned to this ConnectionGroup.
*
* @param name The name to assign.
*/
public void setName(String name);
/**
* Returns the unique identifier of the parent ConnectionGroup for
* this ConnectionGroup.
*
* @return The unique identifier of the parent ConnectionGroup for
* this ConnectionGroup.
*/
public String getParentIdentifier();
/**
* Sets the unique identifier of the parent ConnectionGroup for
* this ConnectionGroup.
*
* @param parentIdentifier The unique identifier of the parent
* ConnectionGroup for this ConnectionGroup.
*/
public void setParentIdentifier(String parentIdentifier);
/**
* Set the type of this ConnectionGroup.
*
* @param type The type of this ConnectionGroup.
*/
public void setType(Type type);
/**
* Returns the type of this connection.
* @return the type of this connection.
*/
public Type getType();
/**
* Returns the identifiers of all readable connections that are children
* of this connection group.
*
* @return
* The set of identifiers of all readable connections that are children
* of this connection group.
*
* @throws GuacamoleException
* If an error occurs while retrieving the identifiers.
*/
public Set<String> getConnectionIdentifiers() throws GuacamoleException;
/**
* Returns the identifiers of all readable connection groups that are
* children of this connection group.
*
* @return
* The set of identifiers of all readable connection groups that are
* children of this connection group.
*
* @throws GuacamoleException
* If an error occurs while retrieving the identifiers.
*/
public Set<String> getConnectionGroupIdentifiers()
throws GuacamoleException;
/**
* Returns all attributes associated with this connection group. The
* returned map may not be modifiable.
*
* @return
* A map of all attribute identifiers to their corresponding values,
* for all attributes associated with this connection group, which may
* not be modifiable.
*/
Map<String, String> getAttributes();
/**
* Sets the given attributes. If an attribute within the map is not
* supported, it will simply be dropped. Any attributes not within the
* given map will be left untouched.
*
* @param attributes
* A map of all attribute identifiers to their corresponding values.
*/
void setAttributes(Map<String, String> attributes);
}

98
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/ConnectionRecord.java Normal file
View File

@@ -0,0 +1,98 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth;
import java.util.Date;
/**
* A logging record describing when a user started and ended usage of a
* particular connection.
*
* @author Michael Jumper
*/
public interface ConnectionRecord {
/**
* Returns the identifier of the connection associated with this
* connection record.
*
* @return
* The identifier of the connection associated with this connection
* record.
*/
public String getConnectionIdentifier();
/**
* Returns the name of the connection associated with this connection
* record.
*
* @return
* The name of the connection associated with this connection record.
*/
public String getConnectionName();
/**
* Returns the date and time the connection began.
*
* @return The date and time the connection began.
*/
public Date getStartDate();
/**
* Returns the date and time the connection ended, if applicable.
*
* @return The date and time the connection ended, or null if the
* connection is still running or if the end time is unknown.
*/
public Date getEndDate();
/**
* Returns the hostname or IP address of the remote host that used the
* connection associated with this record, if known. If the hostname or IP
* address is not known, null is returned.
*
* @return
* The hostname or IP address of the remote host, or null if this
* information is not available.
*/
public String getRemoteHost();
/**
* Returns the name of the user who used or is using the connection at the
* times given by this connection record.
*
* @return The name of the user who used or is using the associated
* connection.
*/
public String getUsername();
/**
* Returns whether the connection associated with this record is still
* active.
*
* @return true if the connection associated with this record is still
* active, false otherwise.
*/
public boolean isActive();
}

131
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/ConnectionRecordSet.java Normal file
View File

@@ -0,0 +1,131 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth;
import java.util.Collection;
import org.apache.guacamole.GuacamoleException;
/**
* The set of all available connection records, or a subset of those records.
*
* @author James Muehlner
* @author Michael Jumper
*/
public interface ConnectionRecordSet {
/**
* All properties of connection records which can be used as sorting
* criteria.
*/
enum SortableProperty {
/**
* The date and time when the connection associated with the
* connection record began.
*/
START_DATE
};
/**
* Returns all connection records within this set as a standard Collection.
*
* @return
* A collection containing all connection records within this set.
*
* @throws GuacamoleException
* If an error occurs while retrieving the connection records within
* this set.
*/
Collection<ConnectionRecord> asCollection() throws GuacamoleException;
/**
* Returns the subset of connection records to only those where the
* connection name, user identifier, or any associated date field contain
* the given value. This function may also affect the contents of the
* current ConnectionRecordSet. The contents of the current
* ConnectionRecordSet should NOT be relied upon after this function is
* called.
*
* @param value
* The value which all connection records within the resulting subset
* should contain within their associated connection name or user
* identifier.
*
* @return
* The subset of connection history records which contain the specified
* value within their associated connection name or user identifier.
*
* @throws GuacamoleException
* If an error occurs while restricting the current subset.
*/
ConnectionRecordSet contains(String value) throws GuacamoleException;
/**
* Returns the subset of connection history records containing only the
* first <code>limit</code> records. If the subset has fewer than
* <code>limit</code> records, then this function has no effect. This
* function may also affect the contents of the current
* ConnectionRecordSet. The contents of the current ConnectionRecordSet
* should NOT be relied upon after this function is called.
*
* @param limit
* The maximum number of records that the new subset should contain.
*
* @return
* The subset of connection history records that containing only the
* first <code>limit</code> records.
*
* @throws GuacamoleException
* If an error occurs while limiting the current subset.
*/
ConnectionRecordSet limit(int limit) throws GuacamoleException;
/**
* Returns a ConnectionRecordSet containing identically the records within
* this set, sorted according to the specified criteria. The sort operation
* performed is guaranteed to be stable with respect to any past call to
* sort(). This function may also affect the contents of the current
* ConnectionRecordSet. The contents of the current ConnectionRecordSet
* should NOT be relied upon after this function is called.
*
* @param property
* The property by which the connection records within the resulting
* set should be sorted.
*
* @param desc
* Whether the records should be sorted according to the specified
* property in descending order. If false, records will be sorted
* according to the specified property in ascending order.
*
* @return
* The ConnnectionRecordSet, sorted according to the specified
* criteria.
*
* @throws GuacamoleException
* If an error occurs while sorting the current subset.
*/
ConnectionRecordSet sort(SortableProperty property, boolean desc)
throws GuacamoleException;
}

139
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/Credentials.java Normal file
View File

@@ -0,0 +1,139 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth;
import java.io.Serializable;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
/**
* Simple arbitrary set of credentials, including a username/password pair,
* the HttpServletRequest associated with the request for authorization
* (if any) and the HttpSession associated with that request.
*
* This class is used along with AuthenticationProvider to provide arbitrary
* HTTP-based authentication for Guacamole.
*
* @author Michael Jumper
*/
public class Credentials implements Serializable {
/**
* Unique identifier associated with this specific version of Credentials.
*/
private static final long serialVersionUID = 1L;
/**
* An arbitrary username.
*/
private String username;
/**
* An arbitrary password.
*/
private String password;
/**
* The HttpServletRequest carrying additional credentials, if any.
*/
private transient HttpServletRequest request;
/**
* The HttpSession carrying additional credentials, if any.
*/
private transient HttpSession session;
/**
* Returns the password associated with this set of credentials.
* @return The password associated with this username/password pair, or
* null if no password has been set.
*/
public String getPassword() {
return password;
}
/**
* Sets the password associated with this set of credentials.
* @param password The password to associate with this username/password
* pair.
*/
public void setPassword(String password) {
this.password = password;
}
/**
* Returns the username associated with this set of credentials.
* @return The username associated with this username/password pair, or
* null if no username has been set.
*/
public String getUsername() {
return username;
}
/**
* Sets the username associated with this set of credentials.
* @param username The username to associate with this username/password
* pair.
*/
public void setUsername(String username) {
this.username = username;
}
/**
* Returns the HttpServletRequest associated with this set of credentials.
* @return The HttpServletRequest associated with this set of credentials,
* or null if no such request exists.
*/
public HttpServletRequest getRequest() {
return request;
}
/**
* Sets the HttpServletRequest associated with this set of credentials.
* @param request The HttpServletRequest to associated with this set of
* credentials.
*/
public void setRequest(HttpServletRequest request) {
this.request = request;
}
/**
* Returns the HttpSession associated with this set of credentials.
* @return The HttpSession associated with this set of credentials, or null
* if no such request exists.
*/
public HttpSession getSession() {
return session;
}
/**
* Sets the HttpSession associated with this set of credentials.
* @param session The HttpSession to associated with this set of
* credentials.
*/
public void setSession(HttpSession session) {
this.session = session;
}
}

128
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/Directory.java Normal file
View File

@@ -0,0 +1,128 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth;
import java.util.Collection;
import java.util.Set;
import org.apache.guacamole.GuacamoleException;
/**
* Provides access to a collection of all objects with associated identifiers,
* and allows user manipulation and removal. Objects returned by a Directory
* are not necessarily backed by the stored objects, thus updating an object
* always requires calling the update() function.
*
* @author Michael Jumper
* @param <ObjectType>
* The type of objects stored within this Directory.
*/
public interface Directory<ObjectType extends Identifiable> {
/**
* Returns the object having the given identifier. Note that changes to
* the object returned will not necessarily affect the object stored within
* the Directory. To update an object stored within an
* Directory such that future calls to get() will return the updated
* object, you must call update() on the object after modification.
*
* @param identifier The identifier to use when locating the object to
* return.
* @return The object having the given identifier, or null if no such object
* exists.
*
* @throws GuacamoleException If an error occurs while retrieving the
* object, or if permission for retrieving the
* object is denied.
*/
ObjectType get(String identifier) throws GuacamoleException;
/**
* Returns the objects having the given identifiers. Note that changes to
* any object returned will not necessarily affect the object stored within
* the Directory. To update an object stored within a
* Directory such that future calls to get() will return the updated
* object, you must call update() on the object after modification.
*
* @param identifiers
* The identifiers to use when locating the objects to return.
*
* @return
* The objects having the given identifiers. If any identifiers do not
* correspond to accessible objects, those identifiers will be ignored.
* If no objects correspond to any of the given identifiers, the
* returned collection will be empty.
*
* @throws GuacamoleException
* If an error occurs while retrieving the objects, or if permission
* to retrieve the requested objects is denied.
*/
Collection<ObjectType> getAll(Collection<String> identifiers)
throws GuacamoleException;
/**
* Returns a Set containing all identifiers for all objects within this
* Directory.
*
* @return A Set of all identifiers.
* @throws GuacamoleException If an error occurs while retrieving
* the identifiers.
*/
Set<String> getIdentifiers() throws GuacamoleException;
/**
* Adds the given object to the overall set. If a new identifier is
* created for the added object, that identifier will be automatically
* assigned via setIdentifier().
*
* @param object
* The object to add.
*
* @throws GuacamoleException
* If an error occurs while adding the object, or if adding the object
* is not allowed.
*/
void add(ObjectType object)
throws GuacamoleException;
/**
* Updates the stored object with the data contained in the given object.
*
* @param object The object which will supply the data for the update.
*
* @throws GuacamoleException If an error occurs while updating the object,
* or if updating the object is not allowed.
*/
void update(ObjectType object)
throws GuacamoleException;
/**
* Removes the object with the given identifier from the overall set.
*
* @param identifier The identifier of the object to remove.
*
* @throws GuacamoleException If an error occurs while removing the object,
* or if removing object is not allowed.
*/
void remove(String identifier) throws GuacamoleException;
}

52
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/Identifiable.java Normal file
View File

@@ -0,0 +1,52 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth;
/**
* An object which has a deterministic, unique identifier, which may not be
* null.
*
* @author Michael Jumper
*/
public interface Identifiable {
/**
* Returns the unique identifier assigned to this object. All identifiable
* objects must have a deterministic, unique identifier which may not be
* null.
*
* @return
* The unique identifier assigned to this object, which may not be
* null.
*/
public String getIdentifier();
/**
* Sets the identifier assigned to this object.
*
* @param identifier
* The identifier to assign.
*/
public void setIdentifier(String identifier);
}

144
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/User.java Normal file
View File

@@ -0,0 +1,144 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth;
import java.util.Map;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.net.auth.permission.ObjectPermissionSet;
import org.apache.guacamole.net.auth.permission.SystemPermissionSet;
/**
* A user of the Guacamole web application.
*
* @author Michael Jumper
*/
public interface User extends Identifiable {
/**
* Returns this user's password. Note that the password returned may be
* hashed or completely arbitrary.
*
* @return A String which may (or may not) be the user's password.
*/
public String getPassword();
/**
* Sets this user's password. Note that while this function is guaranteed
* to change the password of this User object, there is no guarantee that
* getPassword() will return the value given to setPassword().
*
* @param password The password to set.
*/
public void setPassword(String password);
/**
* Returns all attributes associated with this user. The returned map may
* not be modifiable.
*
* @return
* A map of all attribute identifiers to their corresponding values,
* for all attributes associated with this user, which may not be
* modifiable.
*/
Map<String, String> getAttributes();
/**
* Sets the given attributes. If an attribute within the map is not
* supported, it will simply be dropped. Any attributes not within the
* given map will be left untouched.
*
* @param attributes
* A map of all attribute identifiers to their corresponding values.
*/
void setAttributes(Map<String, String> attributes);
/**
* Returns all system-level permissions given to this user.
*
* @return
* A SystemPermissionSet of all system-level permissions granted to
* this user.
*
* @throws GuacamoleException
* If an error occurs while retrieving permissions, or if reading all
* permissions is not allowed.
*/
SystemPermissionSet getSystemPermissions() throws GuacamoleException;
/**
* Returns all connection permissions given to this user.
*
* @return
* An ObjectPermissionSet of all connection permissions granted to this
* user.
*
* @throws GuacamoleException
* If an error occurs while retrieving permissions, or if reading all
* permissions is not allowed.
*/
ObjectPermissionSet getConnectionPermissions()
throws GuacamoleException;
/**
* Returns all connection group permissions given to this user.
*
* @return
* An ObjectPermissionSet of all connection group permissions granted
* to this user.
*
* @throws GuacamoleException
* If an error occurs while retrieving permissions, or if reading all
* permissions is not allowed.
*/
ObjectPermissionSet getConnectionGroupPermissions()
throws GuacamoleException;
/**
* Returns all permissions given to this user regarding currently-active
* connections.
*
* @return
* An ObjectPermissionSet of all active connection permissions granted
* to this user.
*
* @throws GuacamoleException
* If an error occurs while retrieving permissions, or if reading all
* permissions is not allowed.
*/
ObjectPermissionSet getActiveConnectionPermissions()
throws GuacamoleException;
/**
* Returns all user permissions given to this user.
*
* @return
* An ObjectPermissionSet of all user permissions granted to this user.
*
* @throws GuacamoleException
* If an error occurs while retrieving permissions, or if reading all
* permissions is not allowed.
*/
ObjectPermissionSet getUserPermissions() throws GuacamoleException;
}

171
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/UserContext.java Normal file
View File

@@ -0,0 +1,171 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth;
import java.util.Collection;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.form.Form;
/**
* The context of an active user. The functions of this class enforce all
* permissions and act only within the rights of the associated user.
*
* @author Michael Jumper
*/
public interface UserContext {
/**
* Returns the User whose access rights control the operations of this
* UserContext.
*
* @return The User whose access rights control the operations of this
* UserContext.
*/
User self();
/**
* Returns the AuthenticationProvider which created this UserContext, which
* may not be the same AuthenticationProvider that authenticated the user
* associated with this UserContext.
*
* @return
* The AuthenticationProvider that created this UserContext.
*/
AuthenticationProvider getAuthenticationProvider();
/**
* Retrieves a Directory which can be used to view and manipulate other
* users, but only as allowed by the permissions given to the user of this
* UserContext.
*
* @return A Directory whose operations are bound by the restrictions
* of this UserContext.
*
* @throws GuacamoleException If an error occurs while creating the
* Directory.
*/
Directory<User> getUserDirectory() throws GuacamoleException;
/**
* Retrieves a Directory which can be used to view and manipulate
* connections and their configurations, but only as allowed by the
* permissions given to the user.
*
* @return A Directory whose operations are bound by the permissions of
* the user.
*
* @throws GuacamoleException If an error occurs while creating the
* Directory.
*/
Directory<Connection> getConnectionDirectory()
throws GuacamoleException;
/**
* Retrieves a Directory which can be used to view and manipulate
* connection groups and their members, but only as allowed by the
* permissions given to the user.
*
* @return A Directory whose operations are bound by the permissions of
* the user.
*
* @throws GuacamoleException If an error occurs while creating the
* Directory.
*/
Directory<ConnectionGroup> getConnectionGroupDirectory()
throws GuacamoleException;
/**
* Retrieves a Directory which can be used to view and manipulate
* active connections, but only as allowed by the permissions given to the
* user.
*
* @return
* A Directory whose operations are bound by the permissions of the
* user.
*
* @throws GuacamoleException
* If an error occurs while creating the Directory.
*/
Directory<ActiveConnection> getActiveConnectionDirectory()
throws GuacamoleException;
/**
* Retrieves all connection records visible to current user. The resulting
* set of connection records can be further filtered and ordered using the
* methods defined on ConnectionRecordSet.
*
* @return
* A set of all connection records visible to the current user.
*
* @throws GuacamoleException
* If an error occurs while retrieving the connection records.
*/
ConnectionRecordSet getConnectionHistory() throws GuacamoleException;
/**
* Retrieves a connection group which can be used to view and manipulate
* connections, but only as allowed by the permissions given to the user of
* this UserContext.
*
* @return A connection group whose operations are bound by the restrictions
* of this UserContext.
*
* @throws GuacamoleException If an error occurs while creating the
* Directory.
*/
ConnectionGroup getRootConnectionGroup() throws GuacamoleException;
/**
* Retrieves a collection of all attributes applicable to users. This
* collection will contain only those attributes which the current user has
* general permission to view or modify. If there are no such attributes,
* this collection will be empty.
*
* @return
* A collection of all attributes applicable to users.
*/
Collection<Form> getUserAttributes();
/**
* Retrieves a collection of all attributes applicable to connections. This
* collection will contain only those attributes which the current user has
* general permission to view or modify. If there are no such attributes,
* this collection will be empty.
*
* @return
* A collection of all attributes applicable to connections.
*/
Collection<Form> getConnectionAttributes();
/**
* Retrieves a collection of all attributes applicable to connection
* groups. This collection will contain only those attributes which the
* current user has general permission to view or modify. If there are no
* such attributes, this collection will be empty.
*
* @return
* A collection of all attributes applicable to connection groups.
*/
Collection<Form> getConnectionGroupAttributes();
}

93
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/credentials/CredentialsInfo.java Normal file
View File

@@ -0,0 +1,93 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.credentials;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import org.apache.guacamole.form.Field;
import org.apache.guacamole.form.PasswordField;
import org.apache.guacamole.form.UsernameField;
/**
* Information which describes a set of valid credentials.
*
* @author Michael Jumper
*/
public class CredentialsInfo {
/**
* All fields required for valid credentials.
*/
private final Collection<Field> fields;
/**
* Creates a new CredentialsInfo object which requires the given fields for
* any conforming credentials.
*
* @param fields
* The fields to require.
*/
public CredentialsInfo(Collection<Field> fields) {
this.fields = fields;
}
/**
* Returns all fields required for valid credentials as described by this
* object.
*
* @return
* All fields required for valid credentials.
*/
public Collection<Field> getFields() {
return Collections.unmodifiableCollection(fields);
}
/**
* CredentialsInfo object which describes empty credentials. No fields are
* required.
*/
public static final CredentialsInfo EMPTY = new CredentialsInfo(Collections.<Field>emptyList());
/**
* A field describing the username HTTP parameter expected by Guacamole
* during login, if usernames are being used.
*/
public static final Field USERNAME = new UsernameField("username");
/**
* A field describing the password HTTP parameter expected by Guacamole
* during login, if passwords are being used.
*/
public static final Field PASSWORD = new PasswordField("password");
/**
* CredentialsInfo object which describes standard username/password
* credentials.
*/
public static final CredentialsInfo USERNAME_PASSWORD = new CredentialsInfo(Arrays.asList(
USERNAME,
PASSWORD
));
}

100
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/credentials/GuacamoleCredentialsException.java Normal file
View File

@@ -0,0 +1,100 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.credentials;
import org.apache.guacamole.GuacamoleUnauthorizedException;
/**
* A security-related exception thrown when access is denied to a user because
* of a problem related to the provided credentials. Additional information
* describing the form of valid credentials is provided.
*
* @author Michael Jumper
*/
public class GuacamoleCredentialsException extends GuacamoleUnauthorizedException {
/**
* Information describing the form of valid credentials.
*/
private final CredentialsInfo credentialsInfo;
/**
* Creates a new GuacamoleInvalidCredentialsException with the given
* message, cause, and associated credential information.
*
* @param message
* A human readable description of the exception that occurred.
*
* @param cause
* The cause of this exception.
*
* @param credentialsInfo
* Information describing the form of valid credentials.
*/
public GuacamoleCredentialsException(String message, Throwable cause,
CredentialsInfo credentialsInfo) {
super(message, cause);
this.credentialsInfo = credentialsInfo;
}
/**
* Creates a new GuacamoleInvalidCredentialsException with the given
* message and associated credential information.
*
* @param message
* A human readable description of the exception that occurred.
*
* @param credentialsInfo
* Information describing the form of valid credentials.
*/
public GuacamoleCredentialsException(String message, CredentialsInfo credentialsInfo) {
super(message);
this.credentialsInfo = credentialsInfo;
}
/**
* Creates a new GuacamoleInvalidCredentialsException with the given cause
* and associated credential information.
*
* @param cause
* The cause of this exception.
*
* @param credentialsInfo
* Information describing the form of valid credentials.
*/
public GuacamoleCredentialsException(Throwable cause, CredentialsInfo credentialsInfo) {
super(cause);
this.credentialsInfo = credentialsInfo;
}
/**
* Returns information describing the form of valid credentials.
*
* @return
* Information describing the form of valid credentials.
*/
public CredentialsInfo getCredentialsInfo() {
return credentialsInfo;
}
}

82
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/credentials/GuacamoleInsufficientCredentialsException.java Normal file
View File

@@ -0,0 +1,82 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.credentials;
/**
* A security-related exception thrown when access is denied to a user because
* the provided credentials are not sufficient for authentication to succeed.
* The validity or invalidity of the given credentials is not specified, and
* more information is needed before a decision can be made. Additional
* information describing the form of valid credentials is provided.
*
* @author Michael Jumper
*/
public class GuacamoleInsufficientCredentialsException extends GuacamoleCredentialsException {
/**
* Creates a new GuacamoleInsufficientCredentialsException with the given
* message, cause, and associated credential information.
*
* @param message
* A human readable description of the exception that occurred.
*
* @param cause
* The cause of this exception.
*
* @param credentialsInfo
* Information describing the form of valid credentials.
*/
public GuacamoleInsufficientCredentialsException(String message, Throwable cause,
CredentialsInfo credentialsInfo) {
super(message, cause, credentialsInfo);
}
/**
* Creates a new GuacamoleInsufficientCredentialsException with the given
* message and associated credential information.
*
* @param message
* A human readable description of the exception that occurred.
*
* @param credentialsInfo
* Information describing the form of valid credentials.
*/
public GuacamoleInsufficientCredentialsException(String message, CredentialsInfo credentialsInfo) {
super(message, credentialsInfo);
}
/**
* Creates a new GuacamoleInsufficientCredentialsException with the given
* cause and associated credential information.
*
* @param cause
* The cause of this exception.
*
* @param credentialsInfo
* Information describing the form of valid credentials.
*/
public GuacamoleInsufficientCredentialsException(Throwable cause, CredentialsInfo credentialsInfo) {
super(cause, credentialsInfo);
}
}

80
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/credentials/GuacamoleInvalidCredentialsException.java Normal file
View File

@@ -0,0 +1,80 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.credentials;
/**
* A security-related exception thrown when access is denied to a user because
* the provided credentials are invalid. Additional information describing
* the form of valid credentials is provided.
*
* @author Michael Jumper
*/
public class GuacamoleInvalidCredentialsException extends GuacamoleCredentialsException {
/**
* Creates a new GuacamoleInvalidCredentialsException with the given
* message, cause, and associated credential information.
*
* @param message
* A human readable description of the exception that occurred.
*
* @param cause
* The cause of this exception.
*
* @param credentialsInfo
* Information describing the form of valid credentials.
*/
public GuacamoleInvalidCredentialsException(String message, Throwable cause,
CredentialsInfo credentialsInfo) {
super(message, cause, credentialsInfo);
}
/**
* Creates a new GuacamoleInvalidCredentialsException with the given
* message and associated credential information.
*
* @param message
* A human readable description of the exception that occurred.
*
* @param credentialsInfo
* Information describing the form of valid credentials.
*/
public GuacamoleInvalidCredentialsException(String message, CredentialsInfo credentialsInfo) {
super(message, credentialsInfo);
}
/**
* Creates a new GuacamoleInvalidCredentialsException with the given cause
* and associated credential information.
*
* @param cause
* The cause of this exception.
*
* @param credentialsInfo
* Information describing the form of valid credentials.
*/
public GuacamoleInvalidCredentialsException(Throwable cause, CredentialsInfo credentialsInfo) {
super(cause, credentialsInfo);
}
}

28
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/package-info.java Normal file
View File

@@ -0,0 +1,28 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
/**
* Provides classes which can be used to extend or replace the authentication
* functionality of the Guacamole web application.
*/
package org.apache.guacamole.net.auth;

139
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/permission/ObjectPermission.java Normal file
View File

@@ -0,0 +1,139 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.permission;
/**
* A permission which affects a specific object, rather than the system as a
* whole.
*
* @author Michael Jumper
*/
public class ObjectPermission implements Permission<ObjectPermission.Type> {
/**
* Specific types of object-level permissions. Each permission type is
* related to a specific class of object-level operation.
*/
public enum Type {
/**
* Read data within an object.
*/
READ,
/**
* Update data within an object.
*/
UPDATE,
/**
* Delete an object.
*/
DELETE,
/**
* Change who has access to an object.
*/
ADMINISTER
}
/**
* The identifier of the GuacamoleConfiguration associated with the
* operation affected by this permission.
*/
private final String identifier;
/**
* The type of operation affected by this permission.
*/
private final Type type;
/**
* Creates a new ObjectPermission having the given type and identifier.
* The identifier must be the unique identifier assigned to the object
* associated with this permission by the AuthenticationProvider in use.
*
* @param type
* The type of operation affected by this permission.
*
* @param identifier
* The identifier of the object associated with the operation affected
* by this permission.
*/
public ObjectPermission(Type type, String identifier) {
this.identifier = identifier;
this.type = type;
}
/**
* Returns the identifier of the specific object affected by this
* permission.
*
* @return The identifier of the specific object affected by this
* permission.
*/
public String getObjectIdentifier() {
return identifier;
}
@Override
public Type getType() {
return type;
}
@Override
public int hashCode() {
int hash = 5;
if (identifier != null) hash = 47 * hash + identifier.hashCode();
if (type != null) hash = 47 * hash + type.hashCode();
return hash;
}
@Override
public boolean equals(Object obj) {
// Not equal if null or wrong type
if (obj == null) return false;
if (getClass() != obj.getClass()) return false;
final ObjectPermission other = (ObjectPermission) obj;
// Not equal if different type
if (this.type != other.type)
return false;
// If null identifier, equality depends on whether other identifier
// is null
if (identifier == null)
return other.identifier == null;
// Otherwise, equality depends entirely on identifier
return identifier.equals(other.identifier);
}
}

134
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/permission/ObjectPermissionSet.java Normal file
View File

@@ -0,0 +1,134 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.permission;
import java.util.Collection;
import java.util.Set;
import org.apache.guacamole.GuacamoleException;
/**
* A set of permissions which affect arbitrary objects, where each object has
* an associated unique identifier.
*
* @author Michael Jumper
*/
public interface ObjectPermissionSet extends PermissionSet<ObjectPermission> {
/**
* Tests whether the permission of the given type is granted for the
* object having the given identifier.
*
* @param permission
* The permission to check.
*
* @param identifier
* The identifier of the object affected by the permission being
* checked.
*
* @return
* true if the permission is granted, false otherwise.
*
* @throws GuacamoleException
* If an error occurs while checking permissions, or if permissions
* cannot be checked due to lack of permissions to do so.
*/
boolean hasPermission(ObjectPermission.Type permission,
String identifier) throws GuacamoleException;
/**
* Adds the specified permission for the object having the given
* identifier.
*
* @param permission
* The permission to add.
*
* @param identifier
* The identifier of the object affected by the permission being
* added.
*
* @throws GuacamoleException
* If an error occurs while adding the permission, or if permission to
* add permissions is denied.
*/
void addPermission(ObjectPermission.Type permission,
String identifier) throws GuacamoleException;
/**
* Removes the specified permission for the object having the given
* identifier.
*
* @param permission
* The permission to remove.
*
* @param identifier
* The identifier of the object affected by the permission being
* added.
*
* @throws GuacamoleException
* If an error occurs while removing the permission, or if permission
* to remove permissions is denied.
*/
void removePermission(ObjectPermission.Type permission,
String identifier) throws GuacamoleException;
/**
* Tests whether this user has the specified permissions for the objects
* having the given identifiers. The identifier of an object is returned
* in a new collection if at least one of the specified permissions is
* granted for that object.
*
* @param permissions
* The permissions to check. An identifier will be included in the
* resulting collection if at least one of these permissions is granted
* for the associated object
*
* @param identifiers
* The identifiers of the objects affected by the permissions being
* checked.
*
* @return
* A collection containing the subset of identifiers for which at least
* one of the specified permissions is granted.
*
* @throws GuacamoleException
* If an error occurs while checking permissions, or if permissions
* cannot be checked due to lack of permissions to do so.
*/
Collection<String> getAccessibleObjects(
Collection<ObjectPermission.Type> permissions,
Collection<String> identifiers) throws GuacamoleException;
@Override
Set<ObjectPermission> getPermissions()
throws GuacamoleException;
@Override
void addPermissions(Set<ObjectPermission> permissions)
throws GuacamoleException;
@Override
void removePermissions(Set<ObjectPermission> permissions)
throws GuacamoleException;
}

42
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/permission/Permission.java Normal file
View File

@@ -0,0 +1,42 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.permission;
/**
* A permission which affects a specific type of operation, where all available
* operation types are defined by an enumeration.
*
* @author Michael Jumper
* @param <Type> The enumeration of all available operation types that this
* permission can affect.
*/
public interface Permission<Type extends Enum> {
/**
* Returns the type of operation affected by this permission.
* @return The type of operation affected by this permission.
*/
public Type getType();
}

82
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/permission/PermissionSet.java Normal file
View File

@@ -0,0 +1,82 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.permission;
import java.util.Set;
import org.apache.guacamole.GuacamoleException;
/**
* An arbitrary set of permissions.
*
* @author Michael Jumper
* @param <PermissionType>
* The type of permission stored within this PermissionSet.
*/
public interface PermissionSet<PermissionType extends Permission> {
/**
* Returns a Set which contains all permissions granted within this
* permission set.
*
* @return
* A Set containing all permissions granted within this permission set.
*
* @throws GuacamoleException
* If an error occurs while retrieving permissions, or if permissions
* cannot be retrieved due to lack of permissions to do so.
*/
Set<PermissionType> getPermissions() throws GuacamoleException;
/**
* Adds the specified permissions, if not already granted. If a specified
* permission is already granted, no operation is performed regarding that
* permission.
*
* @param permissions
* The permissions to add.
*
* @throws GuacamoleException
* If an error occurs while adding the permissions, or if permission to
* add permissions is denied.
*/
void addPermissions(Set<PermissionType> permissions)
throws GuacamoleException;
/**
* Removes each of the specified permissions, if granted. If a specified
* permission is not granted, no operation is performed regarding that
* permission.
*
* @param permissions
* The permissions to remove.
*
* @throws GuacamoleException
* If an error occurs while removing the permissions, or if permission
* to remove permissions is denied.
*/
void removePermissions(Set<PermissionType> permissions)
throws GuacamoleException;
}

105
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/permission/SystemPermission.java Normal file
View File

@@ -0,0 +1,105 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.permission;
/**
* A permission which affects the system as a whole, rather than an individual
* object.
*
* @author Michael Jumper
*/
public class SystemPermission implements Permission<SystemPermission.Type> {
/**
* Specific types of system-level permissions. Each permission type is
* related to a specific class of system-level operation.
*/
public enum Type {
/**
* Create users.
*/
CREATE_USER,
/**
* Create connections.
*/
CREATE_CONNECTION,
/**
* Create connection groups.
*/
CREATE_CONNECTION_GROUP,
/**
* Administer the system in general, including adding permissions
* which affect the system (like user creation, connection creation,
* and system administration).
*/
ADMINISTER
}
/**
* The type of operation affected by this permission.
*/
private Type type;
/**
* Creates a new SystemPermission with the given
* type.
*
* @param type The type of operation controlled by this permission.
*/
public SystemPermission(Type type) {
this.type = type;
}
@Override
public Type getType() {
return type;
}
@Override
public int hashCode() {
return type.hashCode();
}
@Override
public boolean equals(Object obj) {
// Not equal if null or wrong type
if (obj == null) return false;
if (getClass() != obj.getClass()) return false;
final SystemPermission other = (SystemPermission) obj;
// Compare types
if (type != other.type)
return false;
return true;
}
}

89
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/permission/SystemPermissionSet.java Normal file
View File

@@ -0,0 +1,89 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.permission;
import java.util.Set;
import org.apache.guacamole.GuacamoleException;
/**
* A set of permissions which affects the system as a whole.
*
* @author Michael Jumper
*/
public interface SystemPermissionSet extends PermissionSet<SystemPermission> {
/**
* Tests whether the permission of the given type is granted.
*
* @param permission
* The permission to check.
*
* @return
* true if the permission is granted, false otherwise.
*
* @throws GuacamoleException
* If an error occurs while checking permissions, or if permissions
* cannot be checked due to lack of permissions to do so.
*/
boolean hasPermission(SystemPermission.Type permission)
throws GuacamoleException;
/**
* Adds the specified permission.
*
* @param permission
* The permission to add.
*
* @throws GuacamoleException
* If an error occurs while adding the permission, or if permission to
* add permissions is denied.
*/
void addPermission(SystemPermission.Type permission)
throws GuacamoleException;
/**
* Removes the specified permission.
*
* @param permission
* The permission to remove.
*
* @throws GuacamoleException
* If an error occurs while removing the permission, or if permission
* to remove permissions is denied.
*/
void removePermission(SystemPermission.Type permission)
throws GuacamoleException;
@Override
Set<SystemPermission> getPermissions() throws GuacamoleException;
@Override
void addPermissions(Set<SystemPermission> permissions)
throws GuacamoleException;
@Override
void removePermissions(Set<SystemPermission> permissions)
throws GuacamoleException;
}

28
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/permission/package-info.java Normal file
View File

@@ -0,0 +1,28 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
/**
* Provides classes which describe the various permissions a Guacamole user
* can be granted.
*/
package org.apache.guacamole.net.auth.permission;

264
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleAuthenticationProvider.java Normal file
View File

@@ -0,0 +1,264 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.simple;
import java.util.Map;
import java.util.UUID;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.net.auth.AbstractAuthenticatedUser;
import org.apache.guacamole.net.auth.AuthenticationProvider;
import org.apache.guacamole.net.auth.AuthenticatedUser;
import org.apache.guacamole.net.auth.Credentials;
import org.apache.guacamole.net.auth.UserContext;
import org.apache.guacamole.protocol.GuacamoleConfiguration;
import org.apache.guacamole.token.StandardTokens;
import org.apache.guacamole.token.TokenFilter;
/**
* Provides means of retrieving a set of named GuacamoleConfigurations for a
* given Credentials object. This is a simple AuthenticationProvider
* implementation intended to be easily extended. It is useful for simple
* authentication situations where access to web-based administration and
* complex users and permissions are not required.
*
* The interface provided by SimpleAuthenticationProvider is similar to that of
* the AuthenticationProvider interface of older Guacamole releases.
*
* @author Michael Jumper
*/
public abstract class SimpleAuthenticationProvider
implements AuthenticationProvider {
/**
* Given an arbitrary credentials object, returns a Map containing all
* configurations authorized by those credentials. The keys of this Map
* are Strings which uniquely identify each configuration.
*
* @param credentials The credentials to use to retrieve authorized
* configurations.
* @return A Map of all configurations authorized by the given credentials,
* or null if the credentials given are not authorized.
* @throws GuacamoleException If an error occurs while retrieving
* configurations.
*/
public abstract Map<String, GuacamoleConfiguration>
getAuthorizedConfigurations(Credentials credentials)
throws GuacamoleException;
/**
* AuthenticatedUser which contains its own predefined set of authorized
* configurations.
*
* @author Michael Jumper
*/
private class SimpleAuthenticatedUser extends AbstractAuthenticatedUser {
/**
* The credentials provided when this AuthenticatedUser was
* authenticated.
*/
private final Credentials credentials;
/**
* The GuacamoleConfigurations that this AuthenticatedUser is
* authorized to use.
*/
private final Map<String, GuacamoleConfiguration> configs;
/**
* Creates a new SimpleAuthenticatedUser associated with the given
* credentials and having access to the given Map of
* GuacamoleConfigurations.
*
* @param credentials
* The credentials provided by the user when they authenticated.
*
* @param configs
* A Map of all GuacamoleConfigurations for which this user has
* access. The keys of this Map are Strings which uniquely identify
* each configuration.
*/
public SimpleAuthenticatedUser(Credentials credentials, Map<String, GuacamoleConfiguration> configs) {
// Store credentials and configurations
this.credentials = credentials;
this.configs = configs;
// Pull username from credentials if it exists
String username = credentials.getUsername();
if (username != null && !username.isEmpty())
setIdentifier(username);
// Otherwise generate a random username
else
setIdentifier(UUID.randomUUID().toString());
}
/**
* Returns a Map containing all GuacamoleConfigurations that this user
* is authorized to use. The keys of this Map are Strings which
* uniquely identify each configuration.
*
* @return
* A Map of all configurations for which this user is authorized.
*/
public Map<String, GuacamoleConfiguration> getAuthorizedConfigurations() {
return configs;
}
@Override
public AuthenticationProvider getAuthenticationProvider() {
return SimpleAuthenticationProvider.this;
}
@Override
public Credentials getCredentials() {
return credentials;
}
}
/**
* Given an arbitrary credentials object, returns a Map containing all
* configurations authorized by those credentials, filtering those
* configurations using a TokenFilter and the standard credential tokens
* (like ${GUAC_USERNAME} and ${GUAC_PASSWORD}). The keys of this Map
* are Strings which uniquely identify each configuration.
*
* @param credentials
* The credentials to use to retrieve authorized configurations.
*
* @return
* A Map of all configurations authorized by the given credentials, or
* null if the credentials given are not authorized.
*
* @throws GuacamoleException
* If an error occurs while retrieving configurations.
*/
private Map<String, GuacamoleConfiguration>
getFilteredAuthorizedConfigurations(Credentials credentials)
throws GuacamoleException {
// Get configurations
Map<String, GuacamoleConfiguration> configs =
getAuthorizedConfigurations(credentials);
// Return as unauthorized if not authorized to retrieve configs
if (configs == null)
return null;
// Build credential TokenFilter
TokenFilter tokenFilter = new TokenFilter();
StandardTokens.addStandardTokens(tokenFilter, credentials);
// Filter each configuration
for (GuacamoleConfiguration config : configs.values())
tokenFilter.filterValues(config.getParameters());
return configs;
}
/**
* Given a user who has already been authenticated, returns a Map
* containing all configurations for which that user is authorized,
* filtering those configurations using a TokenFilter and the standard
* credential tokens (like ${GUAC_USERNAME} and ${GUAC_PASSWORD}). The keys
* of this Map are Strings which uniquely identify each configuration.
*
* @param authenticatedUser
* The user whose authorized configurations are to be retrieved.
*
* @return
* A Map of all configurations authorized for use by the given user, or
* null if the user is not authorized to use any configurations.
*
* @throws GuacamoleException
* If an error occurs while retrieving configurations.
*/
private Map<String, GuacamoleConfiguration>
getFilteredAuthorizedConfigurations(AuthenticatedUser authenticatedUser)
throws GuacamoleException {
// Pull cached configurations, if any
if (authenticatedUser instanceof SimpleAuthenticatedUser && authenticatedUser.getAuthenticationProvider() == this)
return ((SimpleAuthenticatedUser) authenticatedUser).getAuthorizedConfigurations();
// Otherwise, pull using credentials
return getFilteredAuthorizedConfigurations(authenticatedUser.getCredentials());
}
@Override
public AuthenticatedUser authenticateUser(final Credentials credentials)
throws GuacamoleException {
// Get configurations
Map<String, GuacamoleConfiguration> configs =
getFilteredAuthorizedConfigurations(credentials);
// Return as unauthorized if not authorized to retrieve configs
if (configs == null)
return null;
return new SimpleAuthenticatedUser(credentials, configs);
}
@Override
public UserContext getUserContext(AuthenticatedUser authenticatedUser)
throws GuacamoleException {
// Get configurations
Map<String, GuacamoleConfiguration> configs =
getFilteredAuthorizedConfigurations(authenticatedUser);
// Return as unauthorized if not authorized to retrieve configs
if (configs == null)
return null;
// Return user context restricted to authorized configs
return new SimpleUserContext(this, authenticatedUser.getIdentifier(), configs);
}
@Override
public AuthenticatedUser updateAuthenticatedUser(AuthenticatedUser authenticatedUser,
Credentials credentials) throws GuacamoleException {
// Simply return the given user, updating nothing
return authenticatedUser;
}
@Override
public UserContext updateUserContext(UserContext context,
AuthenticatedUser authorizedUser) throws GuacamoleException {
// Simply return the given context, updating nothing
return context;
}
}

146
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleConnection.java Normal file
View File

@@ -0,0 +1,146 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.simple;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.environment.Environment;
import org.apache.guacamole.environment.LocalEnvironment;
import org.apache.guacamole.net.GuacamoleSocket;
import org.apache.guacamole.net.GuacamoleTunnel;
import org.apache.guacamole.net.InetGuacamoleSocket;
import org.apache.guacamole.net.SSLGuacamoleSocket;
import org.apache.guacamole.net.SimpleGuacamoleTunnel;
import org.apache.guacamole.net.auth.AbstractConnection;
import org.apache.guacamole.net.auth.ConnectionRecord;
import org.apache.guacamole.protocol.ConfiguredGuacamoleSocket;
import org.apache.guacamole.protocol.GuacamoleClientInformation;
import org.apache.guacamole.protocol.GuacamoleConfiguration;
/**
* An extremely basic Connection implementation.
*
* @author Michael Jumper
*/
public class SimpleConnection extends AbstractConnection {
/**
* The hostname to use when connecting to guacd if no hostname is provided
* within guacamole.properties.
*/
private static final String DEFAULT_GUACD_HOSTNAME = "localhost";
/**
* The port to use when connecting to guacd if no port is provided within
* guacamole.properties.
*/
private static final int DEFAULT_GUACD_PORT = 4822;
/**
* Backing configuration, containing all sensitive information.
*/
private GuacamoleConfiguration config;
/**
* Creates a completely uninitialized SimpleConnection.
*/
public SimpleConnection() {
}
/**
* Creates a new SimpleConnection having the given identifier and
* GuacamoleConfiguration.
*
* @param name The name to associate with this connection.
* @param identifier The identifier to associate with this connection.
* @param config The configuration describing how to connect to this
* connection.
*/
public SimpleConnection(String name, String identifier,
GuacamoleConfiguration config) {
// Set name
setName(name);
// Set identifier
setIdentifier(identifier);
// Set config
setConfiguration(config);
this.config = config;
}
@Override
public int getActiveConnections() {
return 0;
}
@Override
public Map<String, String> getAttributes() {
return Collections.<String, String>emptyMap();
}
@Override
public void setAttributes(Map<String, String> attributes) {
// Do nothing - there are no attributes
}
@Override
public GuacamoleTunnel connect(GuacamoleClientInformation info)
throws GuacamoleException {
Environment env = new LocalEnvironment();
// Get guacd connection parameters
String hostname = env.getProperty(Environment.GUACD_HOSTNAME, DEFAULT_GUACD_HOSTNAME);
int port = env.getProperty(Environment.GUACD_PORT, DEFAULT_GUACD_PORT);
GuacamoleSocket socket;
// If guacd requires SSL, use it
if (env.getProperty(Environment.GUACD_SSL, false))
socket = new ConfiguredGuacamoleSocket(
new SSLGuacamoleSocket(hostname, port),
config, info
);
// Otherwise, just connect directly via TCP
else
socket = new ConfiguredGuacamoleSocket(
new InetGuacamoleSocket(hostname, port),
config, info
);
return new SimpleGuacamoleTunnel(socket);
}
@Override
public List<ConnectionRecord> getHistory() throws GuacamoleException {
return Collections.<ConnectionRecord>emptyList();
}
}

84
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleConnectionDirectory.java Normal file
View File

@@ -0,0 +1,84 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.simple;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import org.apache.guacamole.net.auth.Connection;
/**
* An extremely simple read-only implementation of a Directory of
* GuacamoleConfigurations which provides access to a pre-defined Map of
* GuacamoleConfigurations.
*
* @author Michael Jumper
*/
public class SimpleConnectionDirectory extends SimpleDirectory<Connection> {
/**
* The Map of Connections to provide access to.
*/
private final Map<String, Connection> connections =
new HashMap<String, Connection>();
/**
* Creates a new SimpleConnectionDirectory which provides access to the
* connections contained within the given Map.
*
* @param connections
* A Collection of all connections that should be present in this
* connection directory.
*/
public SimpleConnectionDirectory(Collection<Connection> connections) {
// Add all given connections
for (Connection connection : connections)
this.connections.put(connection.getIdentifier(), connection);
// Use the connection map to back the underlying directory
super.setObjects(this.connections);
}
/**
* An internal method for modifying the Connections in this Directory.
* Returns the previous connection for the given identifier, if found.
*
* @param connection The connection to add or update the Directory with.
* @return The previous connection for the connection identifier, if found.
*/
public Connection putConnection(Connection connection) {
return connections.put(connection.getIdentifier(), connection);
}
/**
* An internal method for removing a Connection from this Directory.
* @param identifier The identifier of the Connection to remove.
* @return The previous connection for the given identifier, if found.
*/
public Connection removeConnection(String identifier) {
return connections.remove(identifier);
}
}

122
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleConnectionGroup.java Normal file
View File

@@ -0,0 +1,122 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.simple;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.GuacamoleSecurityException;
import org.apache.guacamole.net.GuacamoleTunnel;
import org.apache.guacamole.net.auth.AbstractConnectionGroup;
import org.apache.guacamole.net.auth.ConnectionGroup;
import org.apache.guacamole.protocol.GuacamoleClientInformation;
/**
* An extremely simple read-only implementation of a ConnectionGroup which
* returns the connection and connection group identifiers it was constructed
* with. Load balancing across this connection group is not allowed.
*
* @author James Muehlner
*/
public class SimpleConnectionGroup extends AbstractConnectionGroup {
/**
* The identifiers of all connections in this group.
*/
private final Set<String> connectionIdentifiers;
/**
* The identifiers of all connection groups in this group.
*/
private final Set<String> connectionGroupIdentifiers;
/**
* Creates a new SimpleConnectionGroup having the given name and identifier
* which will expose the given contents.
*
* @param name
* The name to associate with this connection group.
*
* @param identifier
* The identifier to associate with this connection group.
*
* @param connectionIdentifiers
* The connection identifiers to expose when requested.
*
* @param connectionGroupIdentifiers
* The connection group identifiers to expose when requested.
*/
public SimpleConnectionGroup(String name, String identifier,
Collection<String> connectionIdentifiers,
Collection<String> connectionGroupIdentifiers) {
// Set name
setName(name);
// Set identifier
setIdentifier(identifier);
// Set group type
setType(ConnectionGroup.Type.ORGANIZATIONAL);
// Populate contents
this.connectionIdentifiers = new HashSet<String>(connectionIdentifiers);
this.connectionGroupIdentifiers = new HashSet<String>(connectionGroupIdentifiers);
}
@Override
public int getActiveConnections() {
return 0;
}
@Override
public Set<String> getConnectionIdentifiers() {
return connectionIdentifiers;
}
@Override
public Set<String> getConnectionGroupIdentifiers() {
return connectionGroupIdentifiers;
}
@Override
public Map<String, String> getAttributes() {
return Collections.<String, String>emptyMap();
}
@Override
public void setAttributes(Map<String, String> attributes) {
// Do nothing - there are no attributes
}
@Override
public GuacamoleTunnel connect(GuacamoleClientInformation info)
throws GuacamoleException {
throw new GuacamoleSecurityException("Permission denied.");
}
}

87
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleConnectionGroupDirectory.java Normal file
View File

@@ -0,0 +1,87 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.simple;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import org.apache.guacamole.net.auth.ConnectionGroup;
/**
* An extremely simple read-only implementation of a Directory of
* ConnectionGroup which provides which provides access to a pre-defined
* Collection of ConnectionGroups.
*
* @author James Muehlner
*/
public class SimpleConnectionGroupDirectory
extends SimpleDirectory<ConnectionGroup> {
/**
* The Map of ConnectionGroups to provide access to.
*/
private final Map<String, ConnectionGroup> connectionGroups =
new HashMap<String, ConnectionGroup>();
/**
* Creates a new SimpleConnectionGroupDirectory which contains the given
* groups.
*
* @param groups A Collection of all groups that should be present in this
* connection group directory.
*/
public SimpleConnectionGroupDirectory(Collection<ConnectionGroup> groups) {
// Add all given groups
for (ConnectionGroup group : groups)
connectionGroups.put(group.getIdentifier(), group);
// Use the connection group map to back the underlying AbstractDirectory
super.setObjects(connectionGroups);
}
/**
* An internal method for modifying the ConnectionGroups in this Directory.
* Returns the previous connection group for the given identifier, if found.
*
* @param connectionGroup The connection group to add or update the
* Directory with.
* @return The previous connection group for the connection group
* identifier, if found.
*/
public ConnectionGroup putConnectionGroup(ConnectionGroup connectionGroup) {
return connectionGroups.put(connectionGroup.getIdentifier(), connectionGroup);
}
/**
* An internal method for removing a ConnectionGroup from this Directory.
*
* @param identifier The identifier of the ConnectionGroup to remove.
* @return The previous connection group for the given identifier, if found.
*/
public ConnectionGroup removeConnectionGroup(String identifier) {
return connectionGroups.remove(identifier);
}
}

62
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleConnectionRecordSet.java Normal file
View File

@@ -0,0 +1,62 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.simple;
import java.util.Collection;
import java.util.Collections;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.net.auth.ConnectionRecord;
import org.apache.guacamole.net.auth.ConnectionRecordSet;
/**
* An immutable and empty ConnectionRecordSet.
*
* @author Michael Jumper
*/
public class SimpleConnectionRecordSet implements ConnectionRecordSet {
@Override
public Collection<ConnectionRecord> asCollection()
throws GuacamoleException {
return Collections.<ConnectionRecord>emptyList();
}
@Override
public ConnectionRecordSet contains(String value)
throws GuacamoleException {
return this;
}
@Override
public ConnectionRecordSet limit(int limit)
throws GuacamoleException {
return this;
}
@Override
public ConnectionRecordSet sort(SortableProperty property, boolean desc)
throws GuacamoleException {
return this;
}
}

143
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleDirectory.java Normal file
View File

@@ -0,0 +1,143 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.simple;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Map;
import java.util.Set;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.GuacamoleSecurityException;
import org.apache.guacamole.net.auth.Directory;
import org.apache.guacamole.net.auth.Identifiable;
/**
* An extremely simple read-only implementation of a Directory which provides
* access to a pre-defined Map of arbitrary objects. Any changes to the Map
* will affect the available contents of this SimpleDirectory.
*
* @author Michael Jumper
* @param <ObjectType>
* The type of objects stored within this SimpleDirectory.
*/
public class SimpleDirectory<ObjectType extends Identifiable>
implements Directory<ObjectType> {
/**
* The Map of objects to provide access to.
*/
private Map<String, ObjectType> objects = Collections.<String, ObjectType>emptyMap();
/**
* Creates a new empty SimpleDirectory which does not provide access to
* any objects.
*/
public SimpleDirectory() {
}
/**
* Creates a new SimpleDirectory which provides access to the objects
* contained within the given Map.
*
* @param objects
* The Map of objects to provide access to.
*/
public SimpleDirectory(Map<String, ObjectType> objects) {
this.objects = objects;
}
/**
* Sets the Map which backs this SimpleDirectory. Future function calls
* which retrieve objects from this SimpleDirectory will use the provided
* Map.
*
* @param objects
* The Map of objects to provide access to.
*/
protected void setObjects(Map<String, ObjectType> objects) {
this.objects = objects;
}
/**
* Returns the Map which currently backs this SimpleDirectory. Changes to
* this Map will affect future function calls that retrieve objects from
* this SimpleDirectory.
*
* @return
* The Map of objects which currently backs this SimpleDirectory.
*/
protected Map<String, ObjectType> getObjects() {
return objects;
}
@Override
public ObjectType get(String identifier)
throws GuacamoleException {
return objects.get(identifier);
}
@Override
public Collection<ObjectType> getAll(Collection<String> identifiers)
throws GuacamoleException {
// Create collection which has an appropriate initial size
Collection<ObjectType> foundObjects = new ArrayList<ObjectType>(identifiers.size());
// Populate collection with matching objects
for (String identifier : identifiers) {
// Add the object which has the current identifier, if any
ObjectType object = objects.get(identifier);
if (object != null)
foundObjects.add(object);
}
return foundObjects;
}
@Override
public Set<String> getIdentifiers() throws GuacamoleException {
return objects.keySet();
}
@Override
public void add(ObjectType connection)
throws GuacamoleException {
throw new GuacamoleSecurityException("Permission denied.");
}
@Override
public void update(ObjectType connection)
throws GuacamoleException {
throw new GuacamoleSecurityException("Permission denied.");
}
@Override
public void remove(String identifier) throws GuacamoleException {
throw new GuacamoleSecurityException("Permission denied.");
}
}

142
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleObjectPermissionSet.java Normal file
View File

@@ -0,0 +1,142 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.simple;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Set;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.GuacamoleSecurityException;
import org.apache.guacamole.net.auth.permission.ObjectPermission;
import org.apache.guacamole.net.auth.permission.ObjectPermissionSet;
/**
* A read-only implementation of ObjectPermissionSet which uses a backing Set
* of Permissions to determine which permissions are present.
*
* @author Michael Jumper
*/
public class SimpleObjectPermissionSet implements ObjectPermissionSet {
/**
* The set of all permissions currently granted.
*/
private Set<ObjectPermission> permissions = Collections.<ObjectPermission>emptySet();
/**
* Creates a new empty SimpleObjectPermissionSet.
*/
public SimpleObjectPermissionSet() {
}
/**
* Creates a new SimpleObjectPermissionSet which contains the permissions
* within the given Set.
*
* @param permissions
* The Set of permissions this SimpleObjectPermissionSet should
* contain.
*/
public SimpleObjectPermissionSet(Set<ObjectPermission> permissions) {
this.permissions = permissions;
}
/**
* Sets the Set which backs this SimpleObjectPermissionSet. Future function
* calls on this SimpleObjectPermissionSet will use the provided Set.
*
* @param permissions
* The Set of permissions this SimpleObjectPermissionSet should
* contain.
*/
protected void setPermissions(Set<ObjectPermission> permissions) {
this.permissions = permissions;
}
@Override
public Set<ObjectPermission> getPermissions() {
return permissions;
}
@Override
public boolean hasPermission(ObjectPermission.Type permission,
String identifier) throws GuacamoleException {
ObjectPermission objectPermission =
new ObjectPermission(permission, identifier);
return permissions.contains(objectPermission);
}
@Override
public void addPermission(ObjectPermission.Type permission,
String identifier) throws GuacamoleException {
throw new GuacamoleSecurityException("Permission denied.");
}
@Override
public void removePermission(ObjectPermission.Type permission,
String identifier) throws GuacamoleException {
throw new GuacamoleSecurityException("Permission denied.");
}
@Override
public Collection<String> getAccessibleObjects(
Collection<ObjectPermission.Type> permissionTypes,
Collection<String> identifiers) throws GuacamoleException {
Collection<String> accessibleObjects = new ArrayList<String>(permissions.size());
// For each identifier/permission combination
for (String identifier : identifiers) {
for (ObjectPermission.Type permissionType : permissionTypes) {
// Add identifier if at least one requested permission is granted
ObjectPermission permission = new ObjectPermission(permissionType, identifier);
if (permissions.contains(permission)) {
accessibleObjects.add(identifier);
break;
}
}
}
return accessibleObjects;
}
@Override
public void addPermissions(Set<ObjectPermission> permissions)
throws GuacamoleException {
throw new GuacamoleSecurityException("Permission denied.");
}
@Override
public void removePermissions(Set<ObjectPermission> permissions)
throws GuacamoleException {
throw new GuacamoleSecurityException("Permission denied.");
}
}

113
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleSystemPermissionSet.java Normal file
View File

@@ -0,0 +1,113 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.simple;
import java.util.Collections;
import java.util.Set;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.GuacamoleSecurityException;
import org.apache.guacamole.net.auth.permission.SystemPermission;
import org.apache.guacamole.net.auth.permission.SystemPermissionSet;
/**
* A read-only implementation of SystemPermissionSet which uses a backing Set
* of Permissions to determine which permissions are present.
*
* @author Michael Jumper
*/
public class SimpleSystemPermissionSet implements SystemPermissionSet {
/**
* The set of all permissions currently granted.
*/
private Set<SystemPermission> permissions = Collections.<SystemPermission>emptySet();
/**
* Creates a new empty SimpleSystemPermissionSet.
*/
public SimpleSystemPermissionSet() {
}
/**
* Creates a new SimpleSystemPermissionSet which contains the permissions
* within the given Set.
*
* @param permissions
* The Set of permissions this SimpleSystemPermissionSet should
* contain.
*/
public SimpleSystemPermissionSet(Set<SystemPermission> permissions) {
this.permissions = permissions;
}
/**
* Sets the Set which backs this SimpleSystemPermissionSet. Future function
* calls on this SimpleSystemPermissionSet will use the provided Set.
*
* @param permissions
* The Set of permissions this SimpleSystemPermissionSet should
* contain.
*/
protected void setPermissions(Set<SystemPermission> permissions) {
this.permissions = permissions;
}
@Override
public Set<SystemPermission> getPermissions() {
return permissions;
}
@Override
public boolean hasPermission(SystemPermission.Type permission)
throws GuacamoleException {
SystemPermission systemPermission = new SystemPermission(permission);
return permissions.contains(systemPermission);
}
@Override
public void addPermission(SystemPermission.Type permission)
throws GuacamoleException {
throw new GuacamoleSecurityException("Permission denied.");
}
@Override
public void removePermission(SystemPermission.Type permission)
throws GuacamoleException {
throw new GuacamoleSecurityException("Permission denied.");
}
@Override
public void addPermissions(Set<SystemPermission> permissions)
throws GuacamoleException {
throw new GuacamoleSecurityException("Permission denied.");
}
@Override
public void removePermissions(Set<SystemPermission> permissions)
throws GuacamoleException {
throw new GuacamoleSecurityException("Permission denied.");
}
}

201
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleUser.java Normal file
View File

@@ -0,0 +1,201 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.simple;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.net.auth.AbstractUser;
import org.apache.guacamole.net.auth.permission.ObjectPermission;
import org.apache.guacamole.net.auth.permission.ObjectPermissionSet;
import org.apache.guacamole.net.auth.permission.SystemPermissionSet;
/**
* An extremely basic User implementation.
*
* @author Michael Jumper
*/
public class SimpleUser extends AbstractUser {
/**
* All connection permissions granted to this user.
*/
private final Set<ObjectPermission> userPermissions =
new HashSet<ObjectPermission>();
/**
* All connection permissions granted to this user.
*/
private final Set<ObjectPermission> connectionPermissions =
new HashSet<ObjectPermission>();
/**
* All connection group permissions granted to this user.
*/
private final Set<ObjectPermission> connectionGroupPermissions =
new HashSet<ObjectPermission>();
/**
* Creates a completely uninitialized SimpleUser.
*/
public SimpleUser() {
}
/**
* Creates a new SimpleUser having the given username and no permissions.
*
* @param username
* The username to assign to this SimpleUser.
*/
public SimpleUser(String username) {
// Set username
setIdentifier(username);
}
/**
* Adds a new READ permission to the given set of permissions for each of
* the given identifiers.
*
* @param permissions
* The set of permissions to add READ permissions to.
*
* @param identifiers
* The identifiers which should each have a corresponding READ
* permission added to the given set.
*/
private void addReadPermissions(Set<ObjectPermission> permissions,
Collection<String> identifiers) {
// Add a READ permission to the set for each identifier given
for (String identifier : identifiers) {
permissions.add(new ObjectPermission (
ObjectPermission.Type.READ,
identifier
));
}
}
/**
* Creates a new SimpleUser having the given username and READ access to
* the connections and groups having the given identifiers.
*
* @param username
* The username to assign to this SimpleUser.
*
* @param connectionIdentifiers
* The identifiers of all connections this user has READ access to.
*
* @param connectionGroupIdentifiers
* The identifiers of all connection groups this user has READ access
* to.
*/
public SimpleUser(String username,
Collection<String> connectionIdentifiers,
Collection<String> connectionGroupIdentifiers) {
this(username);
// Add permissions
addReadPermissions(connectionPermissions, connectionIdentifiers);
addReadPermissions(connectionGroupPermissions, connectionGroupIdentifiers);
}
/**
* Creates a new SimpleUser having the given username and READ access to
* the users, connections, and groups having the given identifiers.
*
* @param username
* The username to assign to this SimpleUser.
*
* @param userIdentifiers
* The identifiers of all users this user has READ access to.
*
* @param connectionIdentifiers
* The identifiers of all connections this user has READ access to.
*
* @param connectionGroupIdentifiers
* The identifiers of all connection groups this user has READ access
* to.
*/
public SimpleUser(String username,
Collection<String> userIdentifiers,
Collection<String> connectionIdentifiers,
Collection<String> connectionGroupIdentifiers) {
this(username);
// Add permissions
addReadPermissions(userPermissions, userIdentifiers);
addReadPermissions(connectionPermissions, connectionIdentifiers);
addReadPermissions(connectionGroupPermissions, connectionGroupIdentifiers);
}
@Override
public Map<String, String> getAttributes() {
return Collections.<String, String>emptyMap();
}
@Override
public void setAttributes(Map<String, String> attributes) {
// Do nothing - there are no attributes
}
@Override
public SystemPermissionSet getSystemPermissions()
throws GuacamoleException {
return new SimpleSystemPermissionSet();
}
@Override
public ObjectPermissionSet getConnectionPermissions()
throws GuacamoleException {
return new SimpleObjectPermissionSet(connectionPermissions);
}
@Override
public ObjectPermissionSet getConnectionGroupPermissions()
throws GuacamoleException {
return new SimpleObjectPermissionSet(connectionGroupPermissions);
}
@Override
public ObjectPermissionSet getUserPermissions()
throws GuacamoleException {
return new SimpleObjectPermissionSet(userPermissions);
}
@Override
public ObjectPermissionSet getActiveConnectionPermissions()
throws GuacamoleException {
return new SimpleObjectPermissionSet();
}
}

225
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleUserContext.java Normal file
View File

@@ -0,0 +1,225 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.simple;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Map;
import java.util.UUID;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.form.Form;
import org.apache.guacamole.net.auth.ActiveConnection;
import org.apache.guacamole.net.auth.AuthenticationProvider;
import org.apache.guacamole.net.auth.Connection;
import org.apache.guacamole.net.auth.ConnectionGroup;
import org.apache.guacamole.net.auth.ConnectionRecordSet;
import org.apache.guacamole.net.auth.Directory;
import org.apache.guacamole.net.auth.User;
import org.apache.guacamole.net.auth.UserContext;
import org.apache.guacamole.protocol.GuacamoleConfiguration;
/**
* An extremely simple UserContext implementation which provides access to
* a defined and restricted set of GuacamoleConfigurations. Access to
* querying or modifying either users or permissions is denied.
*
* @author Michael Jumper
*/
public class SimpleUserContext implements UserContext {
/**
* The unique identifier of the root connection group.
*/
private static final String ROOT_IDENTIFIER = "ROOT";
/**
* The AuthenticationProvider that created this UserContext.
*/
private final AuthenticationProvider authProvider;
/**
* Reference to the user whose permissions dictate the configurations
* accessible within this UserContext.
*/
private final User self;
/**
* The Directory with access only to the User associated with this
* UserContext.
*/
private final Directory<User> userDirectory;
/**
* The Directory with access only to the root group associated with this
* UserContext.
*/
private final Directory<ConnectionGroup> connectionGroupDirectory;
/**
* The Directory with access to all connections within the root group
* associated with this UserContext.
*/
private final Directory<Connection> connectionDirectory;
/**
* The root connection group.
*/
private final ConnectionGroup rootGroup;
/**
* Creates a new SimpleUserContext which provides access to only those
* configurations within the given Map. The username is assigned
* arbitrarily.
*
* @param authProvider
* The AuthenticationProvider creating this UserContext.
*
* @param configs
* A Map of all configurations for which the user associated with this
* UserContext has read access.
*/
public SimpleUserContext(AuthenticationProvider authProvider,
Map<String, GuacamoleConfiguration> configs) {
this(authProvider, UUID.randomUUID().toString(), configs);
}
/**
* Creates a new SimpleUserContext for the user with the given username
* which provides access to only those configurations within the given Map.
*
* @param authProvider
* The AuthenticationProvider creating this UserContext.
*
* @param username
* The username of the user associated with this UserContext.
*
* @param configs
* A Map of all configurations for which the user associated with
* this UserContext has read access.
*/
public SimpleUserContext(AuthenticationProvider authProvider,
String username, Map<String, GuacamoleConfiguration> configs) {
Collection<String> connectionIdentifiers = new ArrayList<String>(configs.size());
Collection<String> connectionGroupIdentifiers = Collections.singleton(ROOT_IDENTIFIER);
// Produce collection of connections from given configs
Collection<Connection> connections = new ArrayList<Connection>(configs.size());
for (Map.Entry<String, GuacamoleConfiguration> configEntry : configs.entrySet()) {
// Get connection identifier and configuration
String identifier = configEntry.getKey();
GuacamoleConfiguration config = configEntry.getValue();
// Add as simple connection
Connection connection = new SimpleConnection(identifier, identifier, config);
connection.setParentIdentifier(ROOT_IDENTIFIER);
connections.add(connection);
// Add identifier to overall set of identifiers
connectionIdentifiers.add(identifier);
}
// Add root group that contains only the given configurations
this.rootGroup = new SimpleConnectionGroup(
ROOT_IDENTIFIER, ROOT_IDENTIFIER,
connectionIdentifiers, Collections.<String>emptyList()
);
// Build new user from credentials
this.self = new SimpleUser(username, connectionIdentifiers,
connectionGroupIdentifiers);
// Create directories for new user
this.userDirectory = new SimpleUserDirectory(self);
this.connectionDirectory = new SimpleConnectionDirectory(connections);
this.connectionGroupDirectory = new SimpleConnectionGroupDirectory(Collections.singleton(this.rootGroup));
// Associate provided AuthenticationProvider
this.authProvider = authProvider;
}
@Override
public User self() {
return self;
}
@Override
public AuthenticationProvider getAuthenticationProvider() {
return authProvider;
}
@Override
public Directory<User> getUserDirectory()
throws GuacamoleException {
return userDirectory;
}
@Override
public Directory<Connection> getConnectionDirectory()
throws GuacamoleException {
return connectionDirectory;
}
@Override
public Directory<ConnectionGroup> getConnectionGroupDirectory()
throws GuacamoleException {
return connectionGroupDirectory;
}
@Override
public ConnectionGroup getRootConnectionGroup() throws GuacamoleException {
return rootGroup;
}
@Override
public Directory<ActiveConnection> getActiveConnectionDirectory()
throws GuacamoleException {
return new SimpleDirectory<ActiveConnection>();
}
@Override
public ConnectionRecordSet getConnectionHistory()
throws GuacamoleException {
return new SimpleConnectionRecordSet();
}
@Override
public Collection<Form> getUserAttributes() {
return Collections.<Form>emptyList();
}
@Override
public Collection<Form> getConnectionAttributes() {
return Collections.<Form>emptyList();
}
@Override
public Collection<Form> getConnectionGroupAttributes() {
return Collections.<Form>emptyList();
}
}

46
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleUserDirectory.java Normal file
View File

@@ -0,0 +1,46 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.auth.simple;
import java.util.Collections;
import org.apache.guacamole.net.auth.User;
/**
* An extremely simple read-only implementation of a Directory of Users which
* provides access to a single pre-defined User.
*
* @author Michael Jumper
*/
public class SimpleUserDirectory extends SimpleDirectory<User> {
/**
* Creates a new SimpleUserDirectory which provides access to the single
* user provided.
*
* @param user The user to provide access to.
*/
public SimpleUserDirectory(User user) {
super(Collections.singletonMap(user.getIdentifier(), user));
}
}

29
guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/package-info.java Normal file
View File

@@ -0,0 +1,29 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
/**
* Provides a basic AuthenticationProvider base class that can be used to create
* simple AuthenticationProviders in the same way allowed by the old
* authentication API.
*/
package org.apache.guacamole.net.auth.simple;

56
guacamole-ext/src/main/java/org/apache/guacamole/net/event/AuthenticationFailureEvent.java Normal file
View File

@@ -0,0 +1,56 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.event;
import org.apache.guacamole.net.auth.Credentials;
/**
* An event which is triggered whenever a user's credentials fail to be
* authenticated. The credentials that failed to be authenticated are included
* within this event, and can be retrieved using getCredentials().
*
* @author Michael Jumper
*/
public class AuthenticationFailureEvent implements CredentialEvent {
/**
* The credentials which failed authentication.
*/
private Credentials credentials;
/**
* Creates a new AuthenticationFailureEvent which represents the failure
* to authenticate the given credentials.
*
* @param credentials The credentials which failed authentication.
*/
public AuthenticationFailureEvent(Credentials credentials) {
this.credentials = credentials;
}
@Override
public Credentials getCredentials() {
return credentials;
}
}

71
guacamole-ext/src/main/java/org/apache/guacamole/net/event/AuthenticationSuccessEvent.java Normal file
View File

@@ -0,0 +1,71 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.event;
import org.apache.guacamole.net.auth.Credentials;
import org.apache.guacamole.net.auth.UserContext;
/**
* An event which is triggered whenever a user's credentials pass
* authentication. The credentials that passed authentication are included
* within this event, and can be retrieved using getCredentials().
*
* @author Michael Jumper
*/
public class AuthenticationSuccessEvent implements UserEvent, CredentialEvent {
/**
* The UserContext associated with the request that is connecting the
* tunnel, if any.
*/
private UserContext context;
/**
* The credentials which passed authentication.
*/
private Credentials credentials;
/**
* Creates a new AuthenticationSuccessEvent which represents a successful
* authentication attempt with the given credentials.
*
* @param context The UserContext created as a result of successful
* authentication.
* @param credentials The credentials which passed authentication.
*/
public AuthenticationSuccessEvent(UserContext context, Credentials credentials) {
this.context = context;
this.credentials = credentials;
}
@Override
public UserContext getUserContext() {
return context;
}
@Override
public Credentials getCredentials() {
return credentials;
}
}

43
guacamole-ext/src/main/java/org/apache/guacamole/net/event/CredentialEvent.java Normal file
View File

@@ -0,0 +1,43 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.event;
import org.apache.guacamole.net.auth.Credentials;
/**
* Abstract basis for events which may have associated user credentials when
* triggered.
*
* @author Michael Jumper
*/
public interface CredentialEvent {
/**
* Returns the current credentials of the user triggering the event, if any.
*
* @return The current credentials of the user triggering the event, if
* any, or null if no credentials are associated with the event.
*/
Credentials getCredentials();
}

88
guacamole-ext/src/main/java/org/apache/guacamole/net/event/TunnelCloseEvent.java Normal file
View File

@@ -0,0 +1,88 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.event;
import org.apache.guacamole.net.GuacamoleTunnel;
import org.apache.guacamole.net.auth.Credentials;
import org.apache.guacamole.net.auth.UserContext;
/**
* An event which is triggered whenever a tunnel is being closed. The tunnel
* being closed can be accessed through getTunnel(), and the UserContext
* associated with the request which is closing the tunnel can be retrieved
* with getUserContext().
*
* @author Michael Jumper
*/
public class TunnelCloseEvent implements UserEvent, CredentialEvent, TunnelEvent {
/**
* The UserContext associated with the request that is closing the
* tunnel, if any.
*/
private UserContext context;
/**
* The credentials associated with the request that connected the
* tunnel, if any.
*/
private Credentials credentials;
/**
* The tunnel being closed.
*/
private GuacamoleTunnel tunnel;
/**
* Creates a new TunnelCloseEvent which represents the closing of the
* given tunnel via a request associated with the given credentials.
*
* @param context The UserContext associated with the request closing
* the tunnel.
* @param credentials The credentials associated with the request that
* connected the tunnel.
* @param tunnel The tunnel being closed.
*/
public TunnelCloseEvent(UserContext context, Credentials credentials,
GuacamoleTunnel tunnel) {
this.context = context;
this.credentials = credentials;
this.tunnel = tunnel;
}
@Override
public UserContext getUserContext() {
return context;
}
@Override
public Credentials getCredentials() {
return credentials;
}
@Override
public GuacamoleTunnel getTunnel() {
return tunnel;
}
}

88
guacamole-ext/src/main/java/org/apache/guacamole/net/event/TunnelConnectEvent.java Normal file
View File

@@ -0,0 +1,88 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.event;
import org.apache.guacamole.net.GuacamoleTunnel;
import org.apache.guacamole.net.auth.Credentials;
import org.apache.guacamole.net.auth.UserContext;
/**
* An event which is triggered whenever a tunnel is being connected. The tunnel
* being connected can be accessed through getTunnel(), and the UserContext
* associated with the request which is connecting the tunnel can be retrieved
* with getUserContext().
*
* @author Michael Jumper
*/
public class TunnelConnectEvent implements UserEvent, CredentialEvent, TunnelEvent {
/**
* The UserContext associated with the request that is connecting the
* tunnel, if any.
*/
private UserContext context;
/**
* The credentials associated with the request that is connecting the
* tunnel, if any.
*/
private Credentials credentials;
/**
* The tunnel being connected.
*/
private GuacamoleTunnel tunnel;
/**
* Creates a new TunnelConnectEvent which represents the connecting of the
* given tunnel via a request associated with the given credentials.
*
* @param context The UserContext associated with the request connecting
* the tunnel.
* @param credentials The credentials associated with the request connecting
* the tunnel.
* @param tunnel The tunnel being connected.
*/
public TunnelConnectEvent(UserContext context, Credentials credentials,
GuacamoleTunnel tunnel) {
this.context = context;
this.credentials = credentials;
this.tunnel = tunnel;
}
@Override
public UserContext getUserContext() {
return context;
}
@Override
public Credentials getCredentials() {
return credentials;
}
@Override
public GuacamoleTunnel getTunnel() {
return tunnel;
}
}

42
guacamole-ext/src/main/java/org/apache/guacamole/net/event/TunnelEvent.java Normal file
View File

@@ -0,0 +1,42 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.event;
import org.apache.guacamole.net.GuacamoleTunnel;
/**
* Abstract basis for events associated with tunnels.
*
* @author Michael Jumper
*/
public interface TunnelEvent {
/**
* Returns the tunnel associated with this event, if any.
*
* @return The tunnel associated with this event, if any, or null if no
* tunnel is associated with this event.
*/
GuacamoleTunnel getTunnel();
}

43
guacamole-ext/src/main/java/org/apache/guacamole/net/event/UserEvent.java Normal file
View File

@@ -0,0 +1,43 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.event;
import org.apache.guacamole.net.auth.UserContext;
/**
* Abstract basis for events which may have an associated UserContext when
* triggered.
*
* @author Michael Jumper
*/
public interface UserEvent {
/**
* Returns the current UserContext of the user triggering the event, if any.
*
* @return The current UserContext of the user triggering the event, if
* any, or null if no UserContext is associated with the event.
*/
UserContext getUserContext();
}

51
guacamole-ext/src/main/java/org/apache/guacamole/net/event/listener/AuthenticationFailureListener.java Normal file
View File

@@ -0,0 +1,51 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.event.listener;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.net.event.AuthenticationFailureEvent;
/**
* A listener whose authenticationFailed() hook will fire immediately
* after a user's authentication attempt fails. Note that this hook cannot
* be used to cancel the authentication failure.
*
* @author Michael Jumper
*/
public interface AuthenticationFailureListener {
/**
* Event hook which fires immediately after a user's authentication attempt
* fails.
*
* @param e The AuthenticationFailureEvent describing the authentication
* failure that just occurred.
* @throws GuacamoleException If an error occurs while handling the
* authentication failure event. Note that
* throwing an exception will NOT cause the
* authentication failure to be canceled.
*/
void authenticationFailed(AuthenticationFailureEvent e)
throws GuacamoleException;
}

56
guacamole-ext/src/main/java/org/apache/guacamole/net/event/listener/AuthenticationSuccessListener.java Normal file
View File

@@ -0,0 +1,56 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.event.listener;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.net.event.AuthenticationSuccessEvent;
/**
* A listener whose hooks will fire immediately before and after a user's
* authentication attempt succeeds. If a user successfully authenticates,
* the authenticationSucceeded() hook has the opportunity to cancel the
* authentication and force it to fail.
*
* @author Michael Jumper
*/
public interface AuthenticationSuccessListener {
/**
* Event hook which fires immediately after a user's authentication attempt
* succeeds. The return value of this hook dictates whether the
* successful authentication attempt is canceled.
*
* @param e The AuthenticationFailureEvent describing the authentication
* failure that just occurred.
* @return true if the successful authentication attempt should be
* allowed, or false if the attempt should be denied, causing
* the attempt to effectively fail.
* @throws GuacamoleException If an error occurs while handling the
* authentication success event. Throwing an
* exception will also cancel the authentication
* success.
*/
boolean authenticationSucceeded(AuthenticationSuccessEvent e)
throws GuacamoleException;
}

53
guacamole-ext/src/main/java/org/apache/guacamole/net/event/listener/TunnelCloseListener.java Normal file
View File

@@ -0,0 +1,53 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.event.listener;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.net.event.TunnelCloseEvent;
/**
* A listener whose tunnelClosed() hook will fire immediately after an
* existing tunnel is closed.
*
* @author Michael Jumper
*/
public interface TunnelCloseListener {
/**
* Event hook which fires immediately after an existing tunnel is closed.
* The return value of this hook dictates whether the tunnel is allowed to
* be closed.
*
* @param e The TunnelCloseEvent describing the tunnel being closed and
* any associated credentials.
* @return true if the tunnel should be allowed to be closed, or false
* if the attempt should be denied, causing the attempt to
* effectively fail.
* @throws GuacamoleException If an error occurs while handling the
* tunnel close event. Throwing an exception
* will also stop the tunnel from being closed.
*/
boolean tunnelClosed(TunnelCloseEvent e)
throws GuacamoleException;
}

54
guacamole-ext/src/main/java/org/apache/guacamole/net/event/listener/TunnelConnectListener.java Normal file
View File

@@ -0,0 +1,54 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.apache.guacamole.net.event.listener;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.net.event.TunnelConnectEvent;
/**
* A listener whose tunnelConnected() hook will fire immediately after a new
* tunnel is connected.
*
* @author Michael Jumper
*/
public interface TunnelConnectListener {
/**
* Event hook which fires immediately after a new tunnel is connected.
* The return value of this hook dictates whether the tunnel is made visible
* to the session.
*
* @param e The TunnelConnectEvent describing the tunnel being connected and
* any associated credentials.
* @return true if the tunnel should be allowed to be connected, or false
* if the attempt should be denied, causing the attempt to
* effectively fail.
* @throws GuacamoleException If an error occurs while handling the
* tunnel connect event. Throwing an exception
* will also stop the tunnel from being made
* visible to the session.
*/
boolean tunnelConnected(TunnelConnectEvent e)
throws GuacamoleException;
}

31
guacamole-ext/src/main/java/org/apache/guacamole/net/event/listener/package-info.java Normal file
View File

@@ -0,0 +1,31 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
/**
* Provides classes for hooking into various events that take place as
* users log into and use the Guacamole web application. These event
* hooks can be used to take action upon occurrence of an event and,
* in some cases, prevent the web application from allowing the
* event to continue for the user that triggered it.
*/
package org.apache.guacamole.net.event.listener;

32
guacamole-ext/src/main/java/org/apache/guacamole/net/event/package-info.java Normal file
View File

@@ -0,0 +1,32 @@
/*
* Copyright (C) 2013 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
/**
* Provides classes for storing information about events that are
* triggered when users log into and use the Guacamole web application.
* These event classes are most useful when used with hooks implemented
* using listener classes.
*
* @see org.apache.guacamole.net.event.listener
*/
package org.apache.guacamole.net.event;