GUACAMOLE-540: Move remote address processing to Credentials class for consistency.

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/ModeledUserContext.java

@@ -137,7 +137,7 @@ public class ModeledUserContext extends RestrictedObject
         userRecord = new ActivityRecordModel();
         userRecord.setUsername(currentUser.getIdentifier());
         userRecord.setStartDate(new Date());
-        userRecord.setRemoteHost(currentUser.getCredentials().getRemoteHostname());
+        userRecord.setRemoteHost(currentUser.getCredentials().getRemoteAddress());
 
         // Insert record representing login
         userRecordMapper.insert(userRecord);

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/RemoteAuthenticatedUser.java

@@ -19,9 +19,6 @@
 
 package org.apache.guacamole.auth.jdbc.user;
 
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-import javax.servlet.http.HttpServletRequest;
 import org.apache.guacamole.net.auth.AuthenticatedUser;
 import org.apache.guacamole.net.auth.AuthenticationProvider;
 import org.apache.guacamole.net.auth.Credentials;
@@ -45,60 +42,7 @@ public abstract class RemoteAuthenticatedUser implements AuthenticatedUser {
      * The host from which this user authenticated.
      */
     private final String remoteHost;
-
-    /**
-     * Regular expression which matches any IPv4 address.
-     */
-    private static final String IPV4_ADDRESS_REGEX = "([0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})";
-
-    /**
-     * Regular expression which matches any IPv6 address.
-     */
-    private static final String IPV6_ADDRESS_REGEX = "([0-9a-fA-F]*(:[0-9a-fA-F]*){0,7})";
-
-    /**
-     * Regular expression which matches any IP address, regardless of version.
-     */
-    private static final String IP_ADDRESS_REGEX = "(" + IPV4_ADDRESS_REGEX + "|" + IPV6_ADDRESS_REGEX + ")";
-
-    /**
-     * Pattern which matches valid values of the de-facto standard
-     * "X-Forwarded-For" header.
-     */
-    private static final Pattern X_FORWARDED_FOR = Pattern.compile("^" + IP_ADDRESS_REGEX + "(, " + IP_ADDRESS_REGEX + ")*$");
-
-    /**
-     * Derives the remote host of the authenticating user from the given
-     * credentials object. The remote host is derived from X-Forwarded-For
-     * in addition to the actual source IP of the request, and thus is not
-     * trusted. The derived remote host is really only useful for logging,
-     * unless the server is configured such that X-Forwarded-For is guaranteed
-     * to be trustworthy.
-     *
-     * @param credentials
-     *     The credentials to derive the remote host from.
-     *
-     * @return
-     *     The remote host from which the user with the given credentials is
-     *     authenticating.
-     */
-    private static String getRemoteHost(Credentials credentials) {
-
-        HttpServletRequest request = credentials.getRequest();
-
-        // Use X-Forwarded-For, if present and valid
-        String header = request.getHeader("X-Forwarded-For");
-        if (header != null) {
-            Matcher matcher = X_FORWARDED_FOR.matcher(header);
-            if (matcher.matches())
-                return matcher.group(1);
-        }
-
-        // If header absent or invalid, just use source IP
-        return request.getRemoteAddr();
-
-    }
-    
+ 
     /**
      * Creates a new RemoteAuthenticatedUser, deriving the associated remote
      * host from the given credentials.
@@ -113,7 +57,7 @@ public abstract class RemoteAuthenticatedUser implements AuthenticatedUser {
             Credentials credentials) {
         this.authenticationProvider = authenticationProvider;
         this.credentials = credentials;
-        this.remoteHost = getRemoteHost(credentials);
+        this.remoteHost = credentials.getRemoteAddress();
     }
 
     @Override