GUACAMOLE-244: Implement custom property type to handle alias dereferencing configuration.

extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ConfigurationService.java

@@ -238,38 +238,18 @@ public class ConfigurationService {
      * dereference them.
      *
      * @return
-     *     An integer value that maps to the JLDAP constants
-     *     for dereferencing - 0 is DEREF_NEVER, 1 is DEREF_SEARCHING,
-     *     2 is DEREF_FINDING, and 3 is DEREF_ALWAYS - as configured
-     *     in guacamole.properties.
+     *     The behavior for handling dereferencing of aliases
+     *     as configured in guacamole.properties.
      *
      * @throws GuacamoleException
      *     If guacamole.properties cannot be parsed.
      */
-    public int getDereferenceAliases() throws GuacamoleException {
-        String derefAliases = environment.getProperty(
+    public DereferenceAliases getDereferenceAliases() throws GuacamoleException {
+        return environment.getProperty(
             LDAPGuacamoleProperties.LDAP_DEREFERENCE_ALIASES,
-            "never"
+            DereferenceAliases.NEVER
         );
 
-        if (derefAliases.equals("always"))
-            return 3;
-
-        else if (derefAliases.equals("finding"))
-            return 2;
-
-        else if (derefAliases.equals("searching"))
-            return 1;
-
-        else if (derefAliases.equals("never"))
-            return 0;
-        
-        else {
-            logger.error("Invalid value given for ldap-dereference-aliases.");
-            logger.debug("Received {} but expected one of the following: always, finding, searching, never.", derefAliases);
-            throw new GuacamoleException("Invalid valid for ldap-dereference-aliases.");
-        }
-
     }
 
     /**
@@ -292,7 +272,7 @@ public class ConfigurationService {
         LDAPSearchConstraints constraints = new LDAPSearchConstraints();
 
         constraints.setMaxResults(getMaxResults());
-        constraints.setDereference(getDereferenceAliases());
+        constraints.setDereference(getDereferenceAliases().DEREF_VALUE);
 
         return constraints;
 

extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/DereferenceAliases.java

@@ -0,0 +1,71 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.ldap;
+
+/**
+ * Acceptable values for configuring the dereferencing of aliases in
+ * talking to LDAP servers.
+ */
+public enum DereferenceAliases {
+
+    /**
+     * Never dereference aliases.  This is the default.
+     */
+    NEVER(0),
+
+    /**
+     * Aliases are dereferenced below the base object, but not to locate
+     * the base object itself.  So, if the base object is itself an alias
+     * the search will not complete.
+     */
+    SEARCHING(1),
+
+    /**
+     * Aliases are only dereferenced to locate the base object, but not
+     * after that.  So, a search against a base object that is an alias will
+     * find any subordinates of the real object the aliase references, but
+     * further aliases in the search will not be dereferenced.
+     */
+    FINDING(2),
+
+    /**
+     * Aliases will always be dereferenced, both to locate the base object
+     * and when handling results returned by the search.
+     */
+    ALWAYS(3);
+
+    /**
+     * The integer value that the enum represents, which is used in
+     * configuring the JLDAP library.
+     */
+    public final int DEREF_VALUE;
+
+    /**
+     * Initializes the dereference aliases object with the integer
+     * value the setting maps to per the JLDAP implementation.
+     *
+     * @param derefValue
+     *     The value associated with this dereference setting
+     */
+    private DereferenceAliases(int derefValue) {
+        this.DEREF_VALUE = derefValue;
+    }
+
+}

extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/DereferenceAliasesProperty.java

@@ -0,0 +1,61 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.ldap;
+
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleServerException;
+import org.apache.guacamole.properties.GuacamoleProperty;
+
+/**
+ * A GuacamoleProperty with a value of DereferenceAliases. The possible strings
+ * "never", "searching", "finding", and "always" are mapped to their values as a
+ * DereferenceAliases enum.  Anything else results in a parse error.
+ */
+public abstract class DereferenceAliasesProperty implements GuacamoleProperty<DereferenceAliases> {
+
+    @Override
+    public DereferenceAliases parseValue(String value) throws GuacamoleException {
+
+        // No value provided, so return null.
+        if (value == null)
+            return null;
+
+        // Never dereference aliases
+        if (value.equals("never"))
+            return DereferenceAliases.NEVER;
+
+        // Dereference aliases during search operations, but not at base
+        if (value.equals("searching"))
+            return DereferenceAliases.SEARCHING;
+
+        // Dereference aliases to locate base, but not during searches
+        if (value.equals("finding"))
+            return DereferenceAliases.FINDING;
+
+        // Always dereference aliases
+        if (value.equals("always"))
+            return DereferenceAliases.ALWAYS;
+
+        // Anything else is invalid and results in an error
+        throw new GuacamoleServerException("Dereference aliases must be one of \"never\", \"searching\", \"finding\", or \"always\".");
+
+    }
+
+}

extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPGuacamoleProperties.java

@@ -156,7 +156,7 @@ public class LDAPGuacamoleProperties {
     /**
      * The behavior of alias dereferencing for the LDAP connections.
      */
-    public static final StringGuacamoleProperty LDAP_DEREFERENCE_ALIASES = new StringGuacamoleProperty() {
+    public static final DereferenceAliasesProperty LDAP_DEREFERENCE_ALIASES = new DereferenceAliasesProperty() {
 
         @Override
         public String getName() { return "ldap-dereference-aliases"; }