safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-06 13:17:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

GUACAMOLE-996: Add support for configuring group filter.

Browse Source
This commit is contained in:
Edgardo Rodriguez
2020-04-04 18:31:30 -03:00
committed by Michael Jumper
parent 5d05442057
commit cb61fc8312
3 changed files with 35 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/ConfigurationService.java
View File

@@ -25,6 +25,7 @@ import java.util.List;
import org.apache.directory.api.ldap.model.filter.ExprNode; import org.apache.directory.api.ldap.model.filter.ExprNode;
import org.apache.directory.api.ldap.model.filter.PresenceNode; import org.apache.directory.api.ldap.model.filter.PresenceNode;
import org.apache.directory.api.ldap.model.message.AliasDerefMode; import org.apache.directory.api.ldap.model.message.AliasDerefMode;
import org.apache.directory.api.ldap.model.filter.EqualityNode;
import org.apache.directory.api.ldap.model.name.Dn; import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.guacamole.GuacamoleException; import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.environment.Environment; import org.apache.guacamole.environment.Environment;
@@ -321,6 +322,26 @@ public class ConfigurationService {
); );
} }
/**
* Returns the search filter that should be used when querying the
* LDAP server for Guacamole groups. If no filter is specified,
* a default of "(objectClass=group)" is returned.
*
* @return
* The search filter that should be used when querying the
* LDAP server for groups that are valid in Guacamole, or
* "(objectClass=group)" if not specified.
*
* @throws GuacamoleException
* If guacamole.properties cannot be parsed.
*/
public ExprNode getGroupSearchFilter() throws GuacamoleException {
return environment.getProperty(
LDAPGuacamoleProperties.LDAP_GROUP_SEARCH_FILTER,
new EqualityNode("objectClass","group")
);
}
/** /**
* Returns the maximum number of seconds to wait for LDAP operations. * Returns the maximum number of seconds to wait for LDAP operations.
* *

11
extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/LDAPGuacamoleProperties.java
View File

@@ -210,6 +210,17 @@ public class LDAPGuacamoleProperties {
}; };
/**
* A search filter to apply to group LDAP queries.
*/
public static final LdapFilterGuacamoleProperty LDAP_GROUP_SEARCH_FILTER =
new LdapFilterGuacamoleProperty() {
@Override
public String getName() { return "ldap-group-search-filter"; }
};
/** /**
* Whether or not we should follow referrals. * Whether or not we should follow referrals.
*/ */

6
extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/group/UserGroupService.java
View File

@@ -87,9 +87,9 @@ public class UserGroupService {
if (confService.getConfigurationBaseDN() != null) if (confService.getConfigurationBaseDN() != null)
return new NotNode(new EqualityNode("objectClass","guacConfigGroup")); return new NotNode(new EqualityNode("objectClass","guacConfigGroup"));
// Read any object as a group if LDAP is not being used for connection // Read objects from LDAP with filter defined by "ldap-group-search-filter"
// storage (guacConfigGroup) // as a group if LDAP is not being used for connection storage (guacConfigGroup)
return new PresenceNode("objectClass"); return confService.getGroupSearchFilter();
} }