From c7bb1cb50c6dae7efd8f85f39ef5320d787a6696 Mon Sep 17 00:00:00 2001
From: James Muehlner <james.muehlner@guac-dev.org>
Date: Thu, 25 Aug 2022 00:03:18 +0000
Subject: [PATCH] GUACAMOLE-1661: Parse config only once when iterating
 records.

---
 .../guacamole/vault/ksm/secret/KsmClient.java   | 17 ++++++++---------
 1 file changed, 8 insertions(+), 9 deletions(-)

diff --git a/extensions/guacamole-vault/modules/guacamole-vault-ksm/src/main/java/org/apache/guacamole/vault/ksm/secret/KsmClient.java b/extensions/guacamole-vault/modules/guacamole-vault-ksm/src/main/java/org/apache/guacamole/vault/ksm/secret/KsmClient.java
index fd339dac5..6e0bdf177 100644
--- a/extensions/guacamole-vault/modules/guacamole-vault-ksm/src/main/java/org/apache/guacamole/vault/ksm/secret/KsmClient.java
+++ b/extensions/guacamole-vault/modules/guacamole-vault-ksm/src/main/java/org/apache/guacamole/vault/ksm/secret/KsmClient.java
@@ -277,13 +277,13 @@ public class KsmClient {
             cachedAmbiguousDomains.clear();
             cachedRecordsByDomain.clear();
 
+            // Parse configuration
+            final boolean shouldSplitUsernames = confService.getSplitWindowsUsernames();
+            final boolean shouldMatchByDomain = confService.getMatchUserRecordsByDomain();
+
             // Store all records, sorting each into host-based, login-based,
             // and domain-based buckets
-            Iterator<KeeperRecord> recordIterator = records.iterator();
-            while(recordIterator.hasNext()) {
-
-                // Go through records one at a time
-                KeeperRecord record = recordIterator.next();
+            records.forEach(record -> {
 
                 // Store based on UID ...
                 cachedRecordsByUid.put(record.getRecordUid(), record);
@@ -300,8 +300,7 @@ public class KsmClient {
                 String username = recordService.getUsername(record);
 
                 // If we have a username, and there isn't already a domain explicitly defined
-                if (username != null && domain == null
-                        && confService.getSplitWindowsUsernames()) {
+                if (username != null && domain == null && shouldSplitUsernames) {
 
                     // Attempt to split out the domain of the username
                     WindowsUsername usernameAndDomain = (
@@ -319,7 +318,7 @@ public class KsmClient {
                 // If domain matching is not enabled for user records,
                 // explicitly set all domains to null to allow matching
                 // on username only
-                if (!confService.getMatchUserRecordsByDomain())
+                if (!shouldMatchByDomain)
                     domain = null;
 
                 // Store based on login ONLY if no hostname (will otherwise
@@ -328,7 +327,7 @@ public class KsmClient {
                 if (hostname == null)
                     addRecordForLogin(record, username, domain);
 
-            }
+            });
 
             // Cache has been refreshed
             this.cacheTimestamp = System.currentTimeMillis();