From 7f26ba7a52f1d5e60e465116d7bcecac989fcf55 Mon Sep 17 00:00:00 2001
From: Virtually Nick <vnick@apache.org>
Date: Sat, 22 Jun 2019 19:27:52 -0400
Subject: [PATCH] GUACAMOLE-579: Insure that CAS is providing a username.

---
 .../guacamole/auth/cas/ticket/TicketValidationService.java | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java b/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java
index 628b28dcf..ba7ac837c 100644
--- a/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java
+++ b/extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java
@@ -33,6 +33,7 @@ import java.util.Map;
 import java.util.Map.Entry;
 import javax.xml.bind.DatatypeConverter;
 import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleSecurityException;
 import org.apache.guacamole.GuacamoleServerException;
 import org.apache.guacamole.auth.cas.conf.ConfigurationService;
 import org.apache.guacamole.net.auth.Credentials;
@@ -106,8 +107,10 @@ public class TicketValidationService {
 
             // Retrieve username and set the credentials.
             String username = principal.getName();
-            if (username != null)
-                credentials.setUsername(username);
+            if (username == null)
+                throw new GuacamoleSecurityException("No username provided by CAS.");
+            
+            credentials.setUsername(username);
 
             // Retrieve password, attempt decryption, and set credentials.
             Object credObj = ticketAttrs.remove("credential");