GUACAMOLE-990: Guarantee auth banning occurs before all other auth processing.

Michael Jumper
2022-09-12 09:14:12 -07:00
parent 6b03b113a9
commit 719e957be1
6 changed files with 178 additions and 207 deletions


@@ -38,6 +38,7 @@ import org.apache.guacamole.net.auth.credentials.GuacamoleCredentialsException;
import org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException;
import org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
import org.apache.guacamole.net.event.AuthenticationFailureEvent;
import org.apache.guacamole.net.event.AuthenticationRequestReceivedEvent;
import org.apache.guacamole.net.event.AuthenticationSuccessEvent;
import org.apache.guacamole.rest.event.ListenerService;
import org.glassfish.jersey.server.ContainerRequest;
@@ -412,6 +413,9 @@ public class AuthenticationService {
public String authenticate(Credentials credentials, String token)
throws GuacamoleException {
// Fire pre-authentication event before ANY authn/authz occurs at all
listenerService.handleEvent((AuthenticationRequestReceivedEvent) () -> credentials);
// Pull existing session if token provided
GuacamoleSession existingSession;
if (token != null)
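Review bot: The new `listenerService.handleEvent(...)` call at the top of `authenticate()` has no comment describing what happens when a listener rejects the request, and the consequences matter for auditing. Because it sits ahead of the existing-session lookup, a listener veto (presumably a `GuacamoleException` thrown from `handleEvent`) also aborts requests that carry a valid token. The call also appears to sit outside any failure handling visible in this hunk, so such rejections may never produce an `AuthenticationFailureEvent`. I would extend the comment to say so, e.g. `// Listeners may veto by throwing; this runs before session lookup, and a veto here is not reported as an AuthenticationFailureEvent`, after confirming that behaviour against the rest of the method, which continues outside the hunk. It is also worth noting in the event's Javadoc that listeners receive the raw, unverified `credentials` on every request, so they should stay cheap and must not log the password.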