safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-06 13:17:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

GUAC-1166: Use appropriate socket factory depending on selected encryption method.

Browse Source
This commit is contained in:
Michael Jumper
2015-12-08 13:13:27 -08:00
parent a692253b68
commit 8724ef7de7
1 changed files with 47 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
extensions/guacamole-auth-ldap/src/main/java/org/glyptodon/guacamole/auth/ldap/LDAPConnectionService.java
View File

@@ -25,8 +25,11 @@ package org.glyptodon.guacamole.auth.ldap;
import com.google.inject.Inject; import com.google.inject.Inject;
import com.novell.ldap.LDAPConnection; import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPException; import com.novell.ldap.LDAPException;
import com.novell.ldap.LDAPJSSESecureSocketFactory;
import com.novell.ldap.LDAPJSSEStartTLSFactory;
import java.io.UnsupportedEncodingException; import java.io.UnsupportedEncodingException;
import org.glyptodon.guacamole.GuacamoleException; import org.glyptodon.guacamole.GuacamoleException;
import org.glyptodon.guacamole.GuacamoleUnsupportedException;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
@@ -48,6 +51,48 @@ public class LDAPConnectionService {
@Inject @Inject
private ConfigurationService confService; private ConfigurationService confService;
/**
* Creates a new instance of LDAPConnection, configured as required to use
* whichever encryption method is requested within guacamole.properties.
*
* @return
* A new LDAPConnection instance which has already been configured to
* use the encryption method requested within guacamole.properties.
*
* @throws GuacamoleException
* If an error occurs while parsing guacamole.properties, or if the
* requested encryption method is actually not implemented (a bug).
*/
private LDAPConnection createLDAPConnection() throws GuacamoleException {
// Map encryption method to proper connection and socket factory
EncryptionMethod encryptionMethod = confService.getEncryptionMethod();
switch (encryptionMethod) {
// Unencrypted LDAP connection
case NONE:
logger.debug("Connection to LDAP server without encryption.");
return new LDAPConnection();
// LDAP over SSL (LDAPS)
case SSL:
logger.debug("Connecting to LDAP server using SSL/TLS.");
return new LDAPConnection(new LDAPJSSESecureSocketFactory());
// LDAP + STARTTLS
case STARTTLS:
logger.debug("Connecting to LDAP server using STARTTLS.");
return new LDAPConnection(new LDAPJSSEStartTLSFactory());
// The encryption method, though known, is not actually
// implemented. If encountered, this would be a bug.
default:
throw new GuacamoleUnsupportedException("Unimplemented encryption method: " + encryptionMethod);
}
}
/** /**
* Binds to the LDAP server using the provided user DN and password. * Binds to the LDAP server using the provided user DN and password.
* *
@@ -68,11 +113,11 @@ public class LDAPConnectionService {
public LDAPConnection bindAs(String userDN, String password) public LDAPConnection bindAs(String userDN, String password)
throws GuacamoleException { throws GuacamoleException {
LDAPConnection ldapConnection; // Obtain appropriately-configured LDAPConnection instance
LDAPConnection ldapConnection = createLDAPConnection();
// Connect to LDAP server // Connect to LDAP server
try { try {
ldapConnection = new LDAPConnection();
ldapConnection.connect( ldapConnection.connect(
confService.getServerHostname(), confService.getServerHostname(),
confService.getServerPort() confService.getServerPort()