safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-06 05:07:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

GUACAMOLE-5: Merge change allowing for sharing-specific authentication providers.

Browse Source
This commit is contained in:
James Muehlner
2016-07-29 19:07:22 -07:00
parent b1a8a4d85f 06a7ca1b7a
commit 872aac375c
13 changed files with 588 additions and 217 deletions
Download Patch File Download Diff File Expand all files Collapse all files

78
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/AuthenticationProviderService.java → extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/AuthenticationProviderService.java
View File

@@ -17,19 +17,13 @@
* under the License.
*/
package org.apache.guacamole.auth.jdbc.user;
package org.apache.guacamole.auth.jdbc;
import com.google.inject.Inject;
import com.google.inject.Provider;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.auth.jdbc.sharing.ConnectionSharingService;
import org.apache.guacamole.auth.jdbc.sharing.SharedConnectionUser;
import org.apache.guacamole.auth.jdbc.sharing.SharedConnectionUserContext;
import org.apache.guacamole.net.auth.AuthenticatedUser;
import org.apache.guacamole.net.auth.AuthenticationProvider;
import org.apache.guacamole.net.auth.Credentials;
import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
import org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
import org.apache.guacamole.net.auth.UserContext;
/**
* Service which authenticates users based on credentials and provides for
@@ -38,31 +32,7 @@ import org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsExce
*
* @author Michael Jumper
*/
public class AuthenticationProviderService {
/**
* Service for accessing users.
*/
@Inject
private UserService userService;
/**
* Provider for retrieving UserContext instances.
*/
@Inject
private Provider<UserContext> userContextProvider;
/**
* Provider for retrieving SharedConnectionUserContext instances.
*/
@Inject
private Provider<SharedConnectionUserContext> sharedUserContextProvider;
/**
* Service for sharing active connections.
*/
@Inject
private ConnectionSharingService sharingService;
public interface AuthenticationProviderService {
/**
* Authenticates the user having the given credentials, returning a new
@@ -86,24 +56,7 @@ public class AuthenticationProviderService {
* credentials are invalid or expired.
*/
public AuthenticatedUser authenticateUser(AuthenticationProvider authenticationProvider,
Credentials credentials) throws GuacamoleException {
AuthenticatedUser user;
// Check whether user is authenticating with a valid sharing key
user = sharingService.retrieveSharedConnectionUser(authenticationProvider, credentials);
if (user != null)
return user;
// Authenticate user
user = userService.retrieveAuthenticatedUser(authenticationProvider, credentials);
if (user != null)
return user;
// Otherwise, unauthorized
throw new GuacamoleInvalidCredentialsException("Invalid login", CredentialsInfo.USERNAME_PASSWORD);
}
Credentials credentials) throws GuacamoleException;
/**
* Returning a new UserContext instance for the given already-authenticated
@@ -121,26 +74,7 @@ public class AuthenticationProviderService {
* If an error occurs during authentication, or if the given
* credentials are invalid or expired.
*/
public org.apache.guacamole.net.auth.UserContext getUserContext(
AuthenticatedUser authenticatedUser) throws GuacamoleException {
// Produce sharing-specific user context if this is the user of a shared connection
if (authenticatedUser instanceof SharedConnectionUser) {
SharedConnectionUserContext context = sharedUserContextProvider.get();
context.init((SharedConnectionUser) authenticatedUser);
return context;
}
// Retrieve user account for already-authenticated user
ModeledUser user = userService.retrieveUser(authenticatedUser);
if (user == null)
return null;
// Link to user context
UserContext context = userContextProvider.get();
context.init(user.getCurrentUser());
return context;
}
public UserContext getUserContext(AuthenticatedUser authenticatedUser)
throws GuacamoleException;
}

105
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/InjectedAuthenticationProvider.java Normal file
View File

@@ -0,0 +1,105 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.guacamole.auth.jdbc;
import com.google.inject.Injector;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.net.auth.AuthenticationProvider;
import org.apache.guacamole.net.auth.Credentials;
import org.apache.guacamole.net.auth.UserContext;
import org.apache.guacamole.net.auth.AuthenticatedUser;
/**
* Provides a base implementation of an AuthenticationProvider which delegates
* the various function calls to an underlying AuthenticationProviderService
* implementation. As such a service is injectable by Guice, this provides a
* means for Guice to (effectively) apply dependency injection to an
* AuthenticationProvider, even though it is the AuthenticationProvider that
* serves as the entry point.
*
* @author Michael Jumper
*/
public abstract class InjectedAuthenticationProvider implements AuthenticationProvider {
/**
* The AuthenticationProviderService to which all AuthenticationProvider
* calls will be delegated.
*/
private final AuthenticationProviderService authProviderService;
/**
* Creates a new AuthenticationProvider that delegates all calls to an
* underlying AuthenticationProviderService. The behavior of the
* AuthenticationProvider is defined by the given
* AuthenticationProviderService implementation, which will be injected by
* the Guice Injector provided by the given JDBCInjectorProvider.
*
* @param injectorProvider
* A JDBCInjectorProvider instance which provides singleton instances
* of a Guice Injector, pre-configured to set up all injections and
* access to the underlying database via MyBatis.
*
* @param authProviderServiceClass
* The AuthenticationProviderService implementation which defines the
* behavior of this AuthenticationProvider.
*
* @throws GuacamoleException
* If the Injector cannot be created due to an error.
*/
public InjectedAuthenticationProvider(JDBCInjectorProvider injectorProvider,
Class<? extends AuthenticationProviderService> authProviderServiceClass)
throws GuacamoleException {
Injector injector = injectorProvider.get();
authProviderService = injector.getInstance(authProviderServiceClass);
}
@Override
public AuthenticatedUser authenticateUser(Credentials credentials)
throws GuacamoleException {
return authProviderService.authenticateUser(this, credentials);
}
@Override
public AuthenticatedUser updateAuthenticatedUser(AuthenticatedUser authenticatedUser,
Credentials credentials) throws GuacamoleException {
// No need to update authenticated users
return authenticatedUser;
}
@Override
public UserContext getUserContext(AuthenticatedUser authenticatedUser)
throws GuacamoleException {
return authProviderService.getUserContext(authenticatedUser);
}
@Override
public UserContext updateUserContext(UserContext context,
AuthenticatedUser authenticatedUser) throws GuacamoleException {
// No need to update the context
return context;
}
}

85
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java Normal file
View File

@@ -0,0 +1,85 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.guacamole.auth.jdbc;
import com.google.inject.Inject;
import com.google.inject.Provider;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.auth.jdbc.user.ModeledUser;
import org.apache.guacamole.auth.jdbc.user.UserContext;
import org.apache.guacamole.auth.jdbc.user.UserService;
import org.apache.guacamole.net.auth.AuthenticatedUser;
import org.apache.guacamole.net.auth.AuthenticationProvider;
import org.apache.guacamole.net.auth.Credentials;
import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
import org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
/**
* AuthenticationProviderService implementation which authenticates users with
* a username/password pair, producing new UserContext objects which are backed
* by an underlying, arbitrary database.
*
* @author Michael Jumper
*/
public class JDBCAuthenticationProviderService implements AuthenticationProviderService {
/**
* Service for accessing users.
*/
@Inject
private UserService userService;
/**
* Provider for retrieving UserContext instances.
*/
@Inject
private Provider<UserContext> userContextProvider;
@Override
public AuthenticatedUser authenticateUser(AuthenticationProvider authenticationProvider,
Credentials credentials) throws GuacamoleException {
// Authenticate user
AuthenticatedUser user = userService.retrieveAuthenticatedUser(authenticationProvider, credentials);
if (user != null)
return user;
// Otherwise, unauthorized
throw new GuacamoleInvalidCredentialsException("Invalid login", CredentialsInfo.USERNAME_PASSWORD);
}
@Override
public org.apache.guacamole.net.auth.UserContext getUserContext(
AuthenticatedUser authenticatedUser) throws GuacamoleException {
// Retrieve user account for already-authenticated user
ModeledUser user = userService.retrieveUser(authenticatedUser);
if (user == null)
return null;
// Link to user context
UserContext context = userContextProvider.get();
context.init(user.getCurrentUser());
return context;
}
}

90
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCInjectorProvider.java Normal file
View File

@@ -0,0 +1,90 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.guacamole.auth.jdbc;
import com.google.inject.Injector;
import java.util.concurrent.atomic.AtomicReference;
import org.apache.guacamole.GuacamoleException;
/**
* A caching provider of singleton Guice Injector instances. The first call to
* get() will return a new instance of the Guice Injector, while all subsequent
* calls will return that same instance. It is up to implementations of this
* class to define how the Guice Injector will be created through defining the
* create() function.
*
* IMPORTANT: Because the Injector returned by get() is cached statically, only
* ONE implementation of this class may be used within any individual
* classloader. Within the context of the JDBC extension, as long as each built
* extension only provides one subclass of this class, things should work
* properly, as each extension is given its own classloader by Guacamole.
*
* @author Michael Jumper
*/
public abstract class JDBCInjectorProvider {
/**
* An AtomicReference wrapping the cached Guice Injector. If the Injector
* has not yet been created, null will be wrapped instead.
*/
private static final AtomicReference<Injector> injector = new AtomicReference<Injector>(null);
/**
* Creates a new instance of the Guice Injector which should be used
* across the entire JDBC authentication extension. This function will
* generally only be called once, but multiple invocations are possible if
* get() is invoked several times concurrently prior to the Injector being
* cached.
*
* @return
* @throws GuacamoleException
*/
protected abstract Injector create() throws GuacamoleException;
/**
* Returns a common, singleton instance of a Guice Injector, configured for
* the injections required by the JDBC authentication extension. The result
* of the first call to this function will be cached statically within this
* class, and will be returned for all subsequent calls.
*
* @return
* A singleton instance of the Guice Injector used across the entire
* JDBC authentication extension.
*
* @throws GuacamoleException
* If the Injector cannot be created due to an error.
*/
public Injector get() throws GuacamoleException {
// Return existing Injector if already created
Injector value = injector.get();
if (value != null)
return value;
// Explicitly create and store new Injector only if necessary
injector.compareAndSet(null, create());
// Consistently return the same Injector, even if two create operations
// happen concurrently
return injector.get();
}
}

84
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/SharedAuthenticationProviderService.java Normal file
View File

@@ -0,0 +1,84 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.guacamole.auth.jdbc.sharing;
import com.google.inject.Inject;
import com.google.inject.Provider;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.auth.jdbc.AuthenticationProviderService;
import org.apache.guacamole.net.auth.AuthenticatedUser;
import org.apache.guacamole.net.auth.AuthenticationProvider;
import org.apache.guacamole.net.auth.Credentials;
import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
import org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
/**
* Service which authenticates users based on share keys and provides for the
* creation of corresponding. The created UserContext objects are restricted to
* the connections associated with those share keys via a common
* ConnectionSharingService.
*
* @author Michael Jumper
*/
public class SharedAuthenticationProviderService implements AuthenticationProviderService {
/**
* Provider for retrieving SharedConnectionUserContext instances.
*/
@Inject
private Provider<SharedConnectionUserContext> sharedUserContextProvider;
/**
* Service for sharing active connections.
*/
@Inject
private ConnectionSharingService sharingService;
@Override
public AuthenticatedUser authenticateUser(AuthenticationProvider authenticationProvider,
Credentials credentials) throws GuacamoleException {
// Check whether user is authenticating with a valid sharing key
AuthenticatedUser user = sharingService.retrieveSharedConnectionUser(authenticationProvider, credentials);
if (user != null)
return user;
// Otherwise, unauthorized
throw new GuacamoleInvalidCredentialsException("Invalid login", CredentialsInfo.USERNAME_PASSWORD);
}
@Override
public org.apache.guacamole.net.auth.UserContext getUserContext(
AuthenticatedUser authenticatedUser) throws GuacamoleException {
// Produce sharing-specific user context if this is the user of a shared connection
if (authenticatedUser instanceof SharedConnectionUser) {
SharedConnectionUserContext context = sharedUserContextProvider.get();
context.init((SharedConnectionUser) authenticatedUser);
return context;
}
// No shared connections otherwise
return null;
}
}

72
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/java/org/apache/guacamole/auth/mysql/MySQLAuthenticationProvider.java
View File

@@ -19,15 +19,9 @@
package org.apache.guacamole.auth.mysql;
import com.google.inject.Guice;
import com.google.inject.Injector;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.net.auth.AuthenticationProvider;
import org.apache.guacamole.net.auth.Credentials;
import org.apache.guacamole.net.auth.UserContext;
import org.apache.guacamole.auth.jdbc.JDBCAuthenticationProviderModule;
import org.apache.guacamole.auth.jdbc.user.AuthenticationProviderService;
import org.apache.guacamole.net.auth.AuthenticatedUser;
import org.apache.guacamole.auth.jdbc.InjectedAuthenticationProvider;
import org.apache.guacamole.auth.jdbc.JDBCAuthenticationProviderService;
/**
* Provides a MySQL based implementation of the AuthenticationProvider
@@ -36,13 +30,7 @@ import org.apache.guacamole.net.auth.AuthenticatedUser;
* @author James Muehlner
* @author Michael Jumper
*/
public class MySQLAuthenticationProvider implements AuthenticationProvider {
/**
* Injector which will manage the object graph of this authentication
* provider.
*/
private final Injector injector;
public class MySQLAuthenticationProvider extends InjectedAuthenticationProvider {
/**
* Creates a new MySQLAuthenticationProvider that reads and writes
@@ -54,21 +42,7 @@ public class MySQLAuthenticationProvider implements AuthenticationProvider {
* a property.
*/
public MySQLAuthenticationProvider() throws GuacamoleException {
// Get local environment
MySQLEnvironment environment = new MySQLEnvironment();
// Set up Guice injector.
injector = Guice.createInjector(
// Configure MySQL-specific authentication
new MySQLAuthenticationProviderModule(environment),
// Configure JDBC authentication core
new JDBCAuthenticationProviderModule(environment)
);
super(new MySQLInjectorProvider(), JDBCAuthenticationProviderService.class);
}
@Override
@@ -76,42 +50,4 @@ public class MySQLAuthenticationProvider implements AuthenticationProvider {
return "mysql";
}
@Override
public AuthenticatedUser authenticateUser(Credentials credentials)
throws GuacamoleException {
// Create AuthenticatedUser based on credentials, if valid
AuthenticationProviderService authProviderService = injector.getInstance(AuthenticationProviderService.class);
return authProviderService.authenticateUser(this, credentials);
}
@Override
public AuthenticatedUser updateAuthenticatedUser(AuthenticatedUser authenticatedUser,
Credentials credentials) throws GuacamoleException {
// No need to update authenticated users
return authenticatedUser;
}
@Override
public UserContext getUserContext(AuthenticatedUser authenticatedUser)
throws GuacamoleException {
// Create UserContext based on credentials, if valid
AuthenticationProviderService authProviderService = injector.getInstance(AuthenticationProviderService.class);
return authProviderService.getUserContext(authenticatedUser);
}
@Override
public UserContext updateUserContext(UserContext context,
AuthenticatedUser authenticatedUser) throws GuacamoleException {
// No need to update the context
return context;
}
}

51
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/java/org/apache/guacamole/auth/mysql/MySQLInjectorProvider.java Normal file
View File

@@ -0,0 +1,51 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.guacamole.auth.mysql;
import com.google.inject.Guice;
import com.google.inject.Injector;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.auth.jdbc.JDBCAuthenticationProviderModule;
import org.apache.guacamole.auth.jdbc.JDBCInjectorProvider;
/**
* JDBCInjectorProvider implementation which configures Guice injections for
* connecting to a MySQL database based on MySQL-specific options provided via
* guacamole.properties.
*
* @author Michael Jumper
*/
public class MySQLInjectorProvider extends JDBCInjectorProvider {
@Override
protected Injector create() throws GuacamoleException {
// Get local environment
MySQLEnvironment environment = new MySQLEnvironment();
// Set up Guice injector
return Guice.createInjector(
new JDBCAuthenticationProviderModule(environment),
new MySQLAuthenticationProviderModule(environment)
);
}
}

52
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/java/org/apache/guacamole/auth/mysql/MySQLSharedAuthenticationProvider.java Normal file
View File

@@ -0,0 +1,52 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.guacamole.auth.mysql;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.auth.jdbc.InjectedAuthenticationProvider;
import org.apache.guacamole.auth.jdbc.sharing.SharedAuthenticationProviderService;
/**
* Provides a implementation of AuthenticationProvider which interacts with the
* MySQL AuthenticationProvider, accepting share keys as credentials and
* providing access to the shared connections.
*
* @author Michael Jumper
*/
public class MySQLSharedAuthenticationProvider extends InjectedAuthenticationProvider {
/**
* Creates a new MySQLSharedAuthenticationProvider that provides access to
* shared connections exposed by the MySQLAuthenticationProvider.
*
* @throws GuacamoleException
* If a required property is missing, or an error occurs while parsing
* a property.
*/
public MySQLSharedAuthenticationProvider() throws GuacamoleException {
super(new MySQLInjectorProvider(), SharedAuthenticationProviderService.class);
}
@Override
public String getIdentifier() {
return "mysql-shared";
}
}

3
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/guac-manifest.json
View File

@@ -6,7 +6,8 @@
"namespace" : "guac-mysql",
"authProviders" : [
"org.apache.guacamole.auth.mysql.MySQLAuthenticationProvider"
"org.apache.guacamole.auth.mysql.MySQLAuthenticationProvider",
"org.apache.guacamole.auth.mysql.MySQLSharedAuthenticationProvider"
],
"translations" : [

79
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/java/org/apache/guacamole/auth/postgresql/PostgreSQLAuthenticationProvider.java
View File

@@ -19,17 +19,9 @@
package org.apache.guacamole.auth.postgresql;
import com.google.inject.Guice;
import com.google.inject.Injector;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.net.auth.AuthenticationProvider;
import org.apache.guacamole.net.auth.Credentials;
import org.apache.guacamole.net.auth.UserContext;
import org.apache.guacamole.auth.jdbc.JDBCAuthenticationProviderModule;
import org.apache.guacamole.auth.jdbc.user.AuthenticationProviderService;
import org.apache.guacamole.net.auth.AuthenticatedUser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.apache.guacamole.auth.jdbc.InjectedAuthenticationProvider;
import org.apache.guacamole.auth.jdbc.JDBCAuthenticationProviderService;
/**
* Provides a PostgreSQL-based implementation of the AuthenticationProvider
@@ -38,18 +30,7 @@ import org.slf4j.LoggerFactory;
* @author James Muehlner
* @author Michael Jumper
*/
public class PostgreSQLAuthenticationProvider implements AuthenticationProvider {
/**
* Logger for this class.
*/
private static final Logger logger = LoggerFactory.getLogger(PostgreSQLAuthenticationProvider.class);
/**
* Injector which will manage the object graph of this authentication
* provider.
*/
private final Injector injector;
public class PostgreSQLAuthenticationProvider extends InjectedAuthenticationProvider {
/**
* Creates a new PostgreSQLAuthenticationProvider that reads and writes
@@ -61,21 +42,7 @@ public class PostgreSQLAuthenticationProvider implements AuthenticationProvider
* a property.
*/
public PostgreSQLAuthenticationProvider() throws GuacamoleException {
// Get local environment
PostgreSQLEnvironment environment = new PostgreSQLEnvironment();
// Set up Guice injector.
injector = Guice.createInjector(
// Configure PostgreSQL-specific authentication
new PostgreSQLAuthenticationProviderModule(environment),
// Configure JDBC authentication core
new JDBCAuthenticationProviderModule(environment)
);
super(new PostgreSQLInjectorProvider(), JDBCAuthenticationProviderService.class);
}
@Override
@@ -83,42 +50,4 @@ public class PostgreSQLAuthenticationProvider implements AuthenticationProvider
return "postgresql";
}
@Override
public AuthenticatedUser authenticateUser(Credentials credentials)
throws GuacamoleException {
// Create AuthenticatedUser based on credentials, if valid
AuthenticationProviderService authProviderService = injector.getInstance(AuthenticationProviderService.class);
return authProviderService.authenticateUser(this, credentials);
}
@Override
public AuthenticatedUser updateAuthenticatedUser(AuthenticatedUser authenticatedUser,
Credentials credentials) throws GuacamoleException {
// No need to update authenticated users
return authenticatedUser;
}
@Override
public UserContext getUserContext(AuthenticatedUser authenticatedUser)
throws GuacamoleException {
// Create UserContext based on credentials, if valid
AuthenticationProviderService authProviderService = injector.getInstance(AuthenticationProviderService.class);
return authProviderService.getUserContext(authenticatedUser);
}
@Override
public UserContext updateUserContext(UserContext context,
AuthenticatedUser authenticatedUser) throws GuacamoleException {
// No need to update the context
return context;
}
}

51
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/java/org/apache/guacamole/auth/postgresql/PostgreSQLInjectorProvider.java Normal file
View File

@@ -0,0 +1,51 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.guacamole.auth.postgresql;
import com.google.inject.Guice;
import com.google.inject.Injector;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.auth.jdbc.JDBCAuthenticationProviderModule;
import org.apache.guacamole.auth.jdbc.JDBCInjectorProvider;
/**
* JDBCInjectorProvider implementation which configures Guice injections for
* connecting to a PostgreSQL database based on PostgreSQL-specific options
* provided via guacamole.properties.
*
* @author Michael Jumper
*/
public class PostgreSQLInjectorProvider extends JDBCInjectorProvider {
@Override
protected Injector create() throws GuacamoleException {
// Get local environment
PostgreSQLEnvironment environment = new PostgreSQLEnvironment();
// Set up Guice injector
return Guice.createInjector(
new JDBCAuthenticationProviderModule(environment),
new PostgreSQLAuthenticationProviderModule(environment)
);
}
}

52
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/java/org/apache/guacamole/auth/postgresql/PostgreSQLSharedAuthenticationProvider.java Normal file
View File

@@ -0,0 +1,52 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.guacamole.auth.postgresql;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.auth.jdbc.InjectedAuthenticationProvider;
import org.apache.guacamole.auth.jdbc.sharing.SharedAuthenticationProviderService;
/**
* Provides a implementation of AuthenticationProvider which interacts with the
* PostgreSQL AuthenticationProvider, accepting share keys as credentials and
* providing access to the shared connections.
*
* @author Michael Jumper
*/
public class PostgreSQLSharedAuthenticationProvider extends InjectedAuthenticationProvider {
/**
* Creates a new PostgreSQLSharedAuthenticationProvider that provides access
* to shared connections exposed by the PostgreSQLAuthenticationProvider.
*
* @throws GuacamoleException
* If a required property is missing, or an error occurs while parsing
* a property.
*/
public PostgreSQLSharedAuthenticationProvider() throws GuacamoleException {
super(new PostgreSQLInjectorProvider(), SharedAuthenticationProviderService.class);
}
@Override
public String getIdentifier() {
return "postgresql-shared";
}
}

3
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/guac-manifest.json
View File

@@ -6,7 +6,8 @@
"namespace" : "guac-postgresql",
"authProviders" : [
"org.apache.guacamole.auth.postgresql.PostgreSQLAuthenticationProvider"
"org.apache.guacamole.auth.postgresql.PostgreSQLAuthenticationProvider",
"org.apache.guacamole.auth.postgresql.PostgreSQLSharedAuthenticationProvider"
],
"translations" : [