From 958eedb76bf3a3b8d2590717a5d9c9815b80f963 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Mon, 28 Jan 2013 12:41:52 -0800 Subject: [PATCH] Migrate authentication to new API, bump version. --- guacamole/pom.xml | 4 +- .../net/basic/AuthenticatingHttpServlet.java | 72 +++++++++++-------- .../basic/BasicGuacamoleTunnelServlet.java | 16 ++++- .../guacamole/net/basic/BasicLogin.java | 5 +- .../net/basic/ConfigurationList.java | 27 ++++++- 5 files changed, 84 insertions(+), 40 deletions(-) diff --git a/guacamole/pom.xml b/guacamole/pom.xml index 48cb185c3..3acfeb650 100644 --- a/guacamole/pom.xml +++ b/guacamole/pom.xml @@ -5,7 +5,7 @@ net.sourceforge.guacamole guacamole war - 0.7.1 + 0.8.0 guacamole http://guac-dev.org/ @@ -88,7 +88,7 @@ net.sourceforge.guacamole guacamole-ext - 0.7.0 + 0.8.0 diff --git a/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/AuthenticatingHttpServlet.java b/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/AuthenticatingHttpServlet.java index c46e16172..eed5eb523 100644 --- a/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/AuthenticatingHttpServlet.java +++ b/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/AuthenticatingHttpServlet.java @@ -21,7 +21,6 @@ package net.sourceforge.guacamole.net.basic; import java.io.IOException; import java.util.Collection; -import java.util.Map; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; 
@@ -30,6 +29,7 @@ import javax.servlet.http.HttpSession; import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.net.auth.AuthenticationProvider; import net.sourceforge.guacamole.net.auth.Credentials; +import net.sourceforge.guacamole.net.auth.UserContext; import net.sourceforge.guacamole.net.basic.event.SessionListenerCollection; import net.sourceforge.guacamole.net.basic.properties.BasicGuacamoleProperties; import net.sourceforge.guacamole.net.event.AuthenticationFailureEvent; @@ -37,7 +37,6 @@ import net.sourceforge.guacamole.net.event.AuthenticationSuccessEvent; import net.sourceforge.guacamole.net.event.listener.AuthenticationFailureListener; import net.sourceforge.guacamole.net.event.listener.AuthenticationSuccessListener; import net.sourceforge.guacamole.properties.GuacamoleProperties; -import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -46,12 +45,12 @@ import org.slf4j.LoggerFactory; * is only called if the HTTP request is authenticated, or the current * HTTP session has already been authenticated. * - * Authorized configurations are retrieved using the authentication provider - * defined in guacamole.properties. The authentication provider has access - * to the request and session, in addition to any submitted username and - * password, in order to authenticate the user. + * The user context is retrieved using the authentication provider defined in + * guacamole.properties. The authentication provider has access to the request + * and session, in addition to any submitted username and password, in order + * to authenticate the user. * - * All authorized configurations will be stored in the current HttpSession. + * The user context will be stored in the current HttpSession. * * Success and failure are logged. * 
@@ -62,9 +61,9 @@ public abstract class AuthenticatingHttpServlet extends HttpServlet { private Logger logger = LoggerFactory.getLogger(AuthenticatingHttpServlet.class); /** - * The session attribute holding the map of configurations. + * The session attribute holding the current UserContext. */ - private static final String CONFIGURATIONS_ATTRIBUTE = "GUAC_CONFIGS"; + private static final String CONTEXT_ATTRIBUTE = "GUAC_CONTEXT"; /** * The session attribute holding the credentials authorizing this session. @@ -175,13 +174,13 @@ public abstract class AuthenticatingHttpServlet extends HttpServlet { } /** - * Returns the configurations associated with the given session. + * Returns the UserContext associated with the given session. * - * @param session The session to retrieve configurations from. - * @return The configurations associated with the given session. + * @param session The session to retrieve UserContext from. + * @return The UserContext associated with the given session. */ - protected Map getConfigurations(HttpSession session) { - return (Map) session.getAttribute(CONFIGURATIONS_ATTRIBUTE); + protected UserContext getUserContext(HttpSession session) { + return (UserContext) session.getAttribute(CONTEXT_ATTRIBUTE); } @Override @@ -190,12 +189,12 @@ public abstract class AuthenticatingHttpServlet extends HttpServlet { HttpSession httpSession = request.getSession(true); - // Try to get configs from session - Map configs = getConfigurations(httpSession); + // Try to get user context from session + UserContext context = getUserContext(httpSession); - // If no configs, try to authenticate the user to get the configs using + // If no context, try to authenticate the user to get the context using // this request. - if (configs == null) { + if (context == null) { SessionListenerCollection listeners; try { 
@@ -218,17 +217,17 @@ public abstract class AuthenticatingHttpServlet extends HttpServlet { credentials.setUsername(username); credentials.setPassword(password); - // Get authorized configs + // Get authorized context try { - configs = authProvider.getAuthorizedConfigurations(credentials); + context = authProvider.getUserContext(credentials); } /******** HANDLE FAILED AUTHENTICATION ********/ - // If error retrieving configs, fail authentication, notify listeners + // If error retrieving context, fail authentication, notify listeners catch (GuacamoleException e) { - logger.error("Error retrieving configuration(s) for user \"{}\".", + logger.error("Error retrieving context for user \"{}\".", credentials.getUsername(), e); notifyFailed(listeners, credentials); @@ -236,8 +235,8 @@ public abstract class AuthenticatingHttpServlet extends HttpServlet { return; } - // If no configs, fail authentication, notify listeners - if (configs == null) { + // If no context, fail authentication, notify listeners + if (context == null) { logger.warn("Authentication attempt from {} for user \"{}\" failed.", request.getRemoteAddr(), credentials.getUsername()); 
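Review bot: The username is written to the log exactly as received, both in `logger.error("Error retrieving context for user \"{}\".", credentials.getUsername(), e)` and in the `logger.warn` of the following hunk. If `username` comes straight from the request (its origin is outside these hunks), embedded CR/LF characters can forge or split log entries that later serve as the authentication audit trail. Consider neutralising it before logging, e.g. `String safeUser = String.valueOf(credentials.getUsername()).replaceAll("[\\r\\n]", "_");`, or enforce the escaping in the log layout. The enclosing method starts and ends outside both hunks.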
@@ -272,20 +271,35 @@ public abstract class AuthenticatingHttpServlet extends HttpServlet { } - // Associate configs and credentials with session - httpSession.setAttribute(CONFIGURATIONS_ATTRIBUTE, configs); - httpSession.setAttribute(CREDENTIALS_ATTRIBUTE, credentials); + // Associate context and credentials with session + httpSession.setAttribute(CONTEXT_ATTRIBUTE, context); + httpSession.setAttribute(CREDENTIALS_ATTRIBUTE, credentials); } // Allow servlet to run now that authentication has been validated - authenticatedService(configs, request, response); + authenticatedService(context, request, response); } + /** + * Function called after the credentials given in the request (if any) + * are authenticated. If the current session is not associated with + * valid credentials, this function will not be called. + * + * @param context The current UserContext. + * @param request The HttpServletRequest being serviced. + * @param response An HttpServletResponse which controls the HTTP response + * of this servlet. + * + * @throws ServletException If an error occurs that interferes with the + * normal operation of this servlet. + * @throws IOException If an error occurs that prevents this servlet from + * communicating. + */ protected abstract void authenticatedService( - Map configs, + UserContext context, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException; diff --git a/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/BasicGuacamoleTunnelServlet.java b/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/BasicGuacamoleTunnelServlet.java index 8dd18224c..cf38e5598 100644 --- a/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/BasicGuacamoleTunnelServlet.java +++ b/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/BasicGuacamoleTunnelServlet.java 
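Review bot: The session that receives `CONTEXT_ATTRIBUTE` and `CREDENTIALS_ATTRIBUTE` here is the one obtained with `request.getSession(true)` before authentication (earlier hunk), and nothing visible rotates its ID after a successful login. Unless the container does this itself, that leaves room for session fixation. Ahead of the two `setAttribute` calls, replace the pre-login session, e.g. `httpSession.invalidate(); httpSession = request.getSession(true);`, or use `request.changeSessionId()` where Servlet 3.1 is available. The stored `Credentials` object also carries the password set in the earlier hunk, so it lives as long as the session does and would be included in any session persistence. The method body begins outside this hunk.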
@@ -32,6 +32,8 @@ import net.sourceforge.guacamole.net.GuacamoleSocket; import net.sourceforge.guacamole.net.GuacamoleTunnel; import net.sourceforge.guacamole.net.InetGuacamoleSocket; import net.sourceforge.guacamole.net.auth.Credentials; +import net.sourceforge.guacamole.net.auth.GuacamoleConfigurationDirectory; +import net.sourceforge.guacamole.net.auth.UserContext; import net.sourceforge.guacamole.net.basic.event.SessionListenerCollection; import net.sourceforge.guacamole.net.event.TunnelCloseEvent; import net.sourceforge.guacamole.net.event.TunnelConnectEvent; @@ -57,7 +59,7 @@ public class BasicGuacamoleTunnelServlet extends AuthenticatingHttpServlet { @Override protected void authenticatedService( - Map configs, + UserContext context, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { @@ -169,8 +171,16 @@ public class BasicGuacamoleTunnelServlet extends AuthenticatingHttpServlet { // Get credentials final Credentials credentials = getCredentials(httpSession); - // Get authorized configs - Map configs = getConfigurations(httpSession); + // Get context + UserContext context = getUserContext(httpSession); + + // Get configuration directory + GuacamoleConfigurationDirectory directory = + context.getGuacamoleConfigurationDirectory(); + + // Attempt to get configurations from directory + Map configs = + directory.getConfigurations(); // If no configs/credentials in session, not authorized if (credentials == null || configs == null) diff --git a/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/BasicLogin.java b/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/BasicLogin.java index 9ee86085b..cb2d1bfc6 100644 --- a/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/BasicLogin.java +++ b/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/BasicLogin.java 
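Review bot: In the last hunk of this file, `context.getGuacamoleConfigurationDirectory()` runs before the existing `if (credentials == null || configs == null)` guard. A session with no stored UserContext therefore now fails with a NullPointerException instead of taking the not-authorized path. Test the context first, e.g. `if (context == null || credentials == null)` with the same rejection the guard already uses, placed ahead of the directory lookup. `directory` is also dereferenced unchecked; whether the new API can return null there is not visible here. The enclosing method and the body of the guard lie outside the hunk.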
@@ -19,10 +19,9 @@ package net.sourceforge.guacamole.net.basic; */ import java.io.IOException; -import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; +import net.sourceforge.guacamole.net.auth.UserContext; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -38,7 +37,7 @@ public class BasicLogin extends AuthenticatingHttpServlet { @Override protected void authenticatedService( - Map configs, + UserContext context, HttpServletRequest request, HttpServletResponse response) throws IOException { logger.info("Login was successful."); diff --git a/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/ConfigurationList.java b/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/ConfigurationList.java index ac1807d91..2a7bf8a7c 100644 --- a/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/ConfigurationList.java +++ b/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/ConfigurationList.java @@ -21,11 +21,15 @@ package net.sourceforge.guacamole.net.basic; import java.io.IOException; import java.util.Map; import java.util.Map.Entry; +import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.xml.stream.XMLOutputFactory; import javax.xml.stream.XMLStreamException; import javax.xml.stream.XMLStreamWriter; +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.net.auth.GuacamoleConfigurationDirectory; +import net.sourceforge.guacamole.net.auth.UserContext; import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; /** 
@@ -38,16 +42,33 @@ public class ConfigurationList extends AuthenticatingHttpServlet { @Override protected void authenticatedService( - Map configs, + UserContext context, HttpServletRequest request, HttpServletResponse response) - throws IOException { + throws IOException, ServletException { // Do not cache response.setHeader("Cache-Control", "no-cache"); - // Write XML + // Write XML content type response.setHeader("Content-Type", "text/xml"); + // Attempt to get configurations + Map configs; + try { + + // Get configuration directory + GuacamoleConfigurationDirectory directory = + context.getGuacamoleConfigurationDirectory(); + + // Get configurations + configs = directory.getConfigurations(); + + } + catch (GuacamoleException e) { + throw new ServletException("Unable to retrieve configurations.", e); + } + + // Write actual XML try { XMLOutputFactory outputFactory = XMLOutputFactory.newInstance();
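Review bot: Neither `directory` nor `configs` is null-checked after the new lookup, whereas the tunnel servlet in this same commit treats null configurations as "not authorized". If the new API can return null for either (not visible here), the XML-writing code that follows, which is outside this hunk, would fail with a NullPointerException after the response headers have been set. Decide the behaviour explicitly after the try block, e.g. `if (configs == null) throw new ServletException("No configurations available.");`, or emit an empty list. Performing the lookup before the two `response.setHeader` calls would also keep a failed request from being labelled `text/xml`.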