From 72c8308b991ea101f5c3a3d0b93f98b67f1e4dc1 Mon Sep 17 00:00:00 2001 From: Nick Couchman Date: Mon, 23 Oct 2017 20:13:17 -0400 Subject: [PATCH] GUACAMOLE-243: Remove referall authentication parameter and just use search credentials. --- .../auth/ldap/ConfigurationService.java | 32 +------------------ .../auth/ldap/LDAPConnectionService.java | 3 +- .../auth/ldap/LDAPGuacamoleProperties.java | 10 ------ 3 files changed, 2 insertions(+), 43 deletions(-) diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ConfigurationService.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ConfigurationService.java index 0b6f9e9e9..b7812369e 100644 --- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ConfigurationService.java +++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ConfigurationService.java @@ -316,6 +316,7 @@ public class ConfigurationService { * The search filter that should be used when querying the * LDAP server for users that are valid in Guacamole, or * "(objectClass=*)" if not specified. + * * @throws GuacamoleException * If guacamole.properties cannot be parsed. */ @@ -326,37 +327,6 @@ public class ConfigurationService { ); } - /** - * Returns the authentication method to use during referral following. - * - * @return - * The authentication method to use during referral following - * as configured in guacamole.properties or as derived from - * other configuration options. - * - * @throws GuacamoleException - * If guacamole.properties cannot be parsed. - */ - public String getReferralAuthentication() throws GuacamoleException { - String confMethod = environment.getProperty( - LDAPGuacamoleProperties.LDAP_REFERRAL_AUTHENTICATION - ); - - if (confMethod == null) - - if (getSearchBindDN() != null && getSearchBindPassword() != null) - return "bind"; - - else - return "anonymous"; - - else if (confMethod.equals("bind") && (getSearchBindDN() == null || getSearchBindPassword() == null)) - throw new GuacamoleException("Referral is set to bind with credentials, but credentials are not configured."); - - return confMethod; - - } - /** * Returns the maximum number of seconds to wait for LDAP operations * diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPConnectionService.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPConnectionService.java index 82e6ca5af..a4cb8bb72 100644 --- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPConnectionService.java +++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPConnectionService.java @@ -123,8 +123,7 @@ public class LDAPConnectionService { // If the referral auth method is set to bind, we set it using the existing // username and password. - String refAuthMethod = confService.getReferralAuthentication(); - if (refAuthMethod != null && refAuthMethod.equals("bind")) + if (userDN != null && !userDN.isEmpty()) ldapConstraints.setReferralHandler(new ReferralAuthHandler(userDN, password)); // Set the maximum number of referrals we follow diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPGuacamoleProperties.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPGuacamoleProperties.java index 7a1dcadf6..63f5d0dfa 100644 --- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPGuacamoleProperties.java +++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPGuacamoleProperties.java @@ -195,16 +195,6 @@ public class LDAPGuacamoleProperties { }; - /** - * Authentication method to use to follow referrals - */ - public static final StringGuacamoleProperty LDAP_REFERRAL_AUTHENTICATION = new StringGuacamoleProperty() { - - @Override - public String getName() { return "ldap-referral-authentication"; } - - }; - /** * Number of seconds to wait for LDAP operations to complete */