mirror of
https://github.com/gyurix1968/guacamole-client.git
synced 2025-09-06 13:17:41 +00:00
GUACAMOLE-1239: Remove per-extension configuration for case-sensitivity, retaining only global configuration.
This commit is contained in:
Virtually Nick
@@ -53,26 +53,5 @@ public class ConfigurationService {
|
||||
"REMOTE_USER"
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns true if the usernames provided to the header authentication
|
||||
* module should be treated as case-sensitive, or false if usernames
|
||||
* should be treated as case-insensitive. This will default to the global
|
||||
* Guacamole configuration for case-sensitivity, which defaults to true, but
|
||||
* can be overridden for this extension, if desired.
|
||||
*
|
||||
* @return
|
||||
* true if usernames should be treated as case-sensitive, otherwise
|
||||
* false.
|
||||
*
|
||||
* @throws GuacamoleException
|
||||
* If guacamole.properties cannot be parsed.
|
||||
*/
|
||||
public boolean getCaseSensitiveUsernames() throws GuacamoleException {
|
||||
return environment.getProperty(
|
||||
HTTPHeaderGuacamoleProperties.HTTP_AUTH_CASE_SENSITIVE_USERNAMES,
|
||||
environment.getCaseSensitiveUsernames()
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -19,7 +19,6 @@
|
||||
|
||||
package org.apache.guacamole.auth.header;
|
||||
|
||||
import org.apache.guacamole.properties.BooleanGuacamoleProperty;
|
||||
import org.apache.guacamole.properties.StringGuacamoleProperty;
|
||||
|
||||
|
||||
@@ -44,17 +43,5 @@ public class HTTPHeaderGuacamoleProperties {
|
||||
public String getName() { return "http-auth-header"; }
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* A property used to configure whether or not usernames within the header
|
||||
* module should be treated as case-sensitive.
|
||||
*/
|
||||
public static final BooleanGuacamoleProperty HTTP_AUTH_CASE_SENSITIVE_USERNAMES =
|
||||
new BooleanGuacamoleProperty() {
|
||||
|
||||
@Override
|
||||
public String getName() { return "http-auth-case-sensitive-usernames"; }
|
||||
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
@@ -20,13 +20,9 @@
|
||||
package org.apache.guacamole.auth.header.user;
|
||||
|
||||
import com.google.inject.Inject;
|
||||
import org.apache.guacamole.GuacamoleException;
|
||||
import org.apache.guacamole.auth.header.ConfigurationService;
|
||||
import org.apache.guacamole.net.auth.AbstractAuthenticatedUser;
|
||||
import org.apache.guacamole.net.auth.AuthenticationProvider;
|
||||
import org.apache.guacamole.net.auth.Credentials;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
/**
|
||||
* An HTTP header implementation of AuthenticatedUser, associating a
|
||||
@@ -34,11 +30,6 @@ import org.slf4j.LoggerFactory;
|
||||
* provider.
|
||||
*/
|
||||
public class AuthenticatedUser extends AbstractAuthenticatedUser {
|
||||
|
||||
/**
|
||||
* Logger for this class.
|
||||
*/
|
||||
private static final Logger LOGGER = LoggerFactory.getLogger(AuthenticatedUser.class);
|
||||
|
||||
/**
|
||||
* Reference to the authentication provider associated with this
|
||||
@@ -46,12 +37,6 @@ public class AuthenticatedUser extends AbstractAuthenticatedUser {
|
||||
*/
|
||||
@Inject
|
||||
private AuthenticationProvider authProvider;
|
||||
|
||||
/**
|
||||
* Service for retrieving header configuration information.
|
||||
*/
|
||||
@Inject
|
||||
private ConfigurationService confService;
|
||||
|
||||
/**
|
||||
* The credentials provided when this user was authenticated.
|
||||
@@ -72,19 +57,6 @@ public class AuthenticatedUser extends AbstractAuthenticatedUser {
|
||||
this.credentials = credentials;
|
||||
setIdentifier(username.toLowerCase());
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isCaseSensitive() {
|
||||
try {
|
||||
return confService.getCaseSensitiveUsernames();
|
||||
}
|
||||
catch (GuacamoleException e) {
|
||||
LOGGER.error("Error when trying to retrieve header configuration: {}."
|
||||
+ " Usernames comparison will be case-sensitive.", e);
|
||||
LOGGER.debug("Exception caught when retrieving header configuration.", e);
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public AuthenticationProvider getAuthenticationProvider() {
|
||||
|
||||
@@ -442,16 +442,5 @@ public class MySQLEnvironment extends JDBCEnvironment {
|
||||
true
|
||||
);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean getCaseSensitiveUsernames() throws GuacamoleException {
|
||||
|
||||
// Return the configured value for the property, or the global value.
|
||||
return getProperty(
|
||||
MySQLGuacamoleProperties.MYSQL_CASE_SENSITIVE_USERNAMES,
|
||||
super.getCaseSensitiveUsernames()
|
||||
);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -303,18 +303,4 @@ public class MySQLGuacamoleProperties {
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* A property used to configure whether or not usernames within the MySQL
|
||||
* JDBC module should be treated as case-sensitive. Be aware that MySQL's
|
||||
* default database collations do not do case-sensitive comparisons, so in
|
||||
* many cases they will effectively be case-insensitive.
|
||||
*/
|
||||
public static final BooleanGuacamoleProperty MYSQL_CASE_SENSITIVE_USERNAMES =
|
||||
new BooleanGuacamoleProperty() {
|
||||
|
||||
@Override
|
||||
public String getName() { return "mysql-case-sensitive-usernames"; }
|
||||
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
@@ -22,8 +22,6 @@ package org.apache.guacamole.auth.postgresql.conf;
|
||||
import java.io.File;
|
||||
import org.apache.guacamole.GuacamoleException;
|
||||
import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.apache.guacamole.auth.jdbc.security.PasswordPolicy;
|
||||
import org.apache.ibatis.session.SqlSession;
|
||||
|
||||
@@ -33,11 +31,6 @@ import org.apache.ibatis.session.SqlSession;
|
||||
*/
|
||||
public class PostgreSQLEnvironment extends JDBCEnvironment {
|
||||
|
||||
/**
|
||||
* Logger for this class.
|
||||
*/
|
||||
private static final Logger logger = LoggerFactory.getLogger(PostgreSQLEnvironment.class);
|
||||
|
||||
/**
|
||||
* The default host to connect to, if POSTGRESQL_HOSTNAME is not specified.
|
||||
*/
|
||||
@@ -398,20 +391,5 @@ public class PostgreSQLEnvironment extends JDBCEnvironment {
|
||||
PostgreSQLGuacamoleProperties.POSTGRESQL_ENFORCE_ACCESS_WINDOWS_FOR_ACTIVE_SESSIONS,
|
||||
true);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean getCaseSensitiveUsernames() throws GuacamoleException {
|
||||
|
||||
// By default, PostgreSQL does perform case-sensitive string comparisons.
|
||||
// Even though usernames are generally not case-sensitive across
|
||||
// most authenticaiton systems, we've elected to maintain case-
|
||||
// sensitivity in this module in order to avoid surprising anyone who
|
||||
// may be relying upon it.
|
||||
return getProperty(
|
||||
PostgreSQLGuacamoleProperties.POSTGRESQL_CASE_SENSITIVE_USERNAMES,
|
||||
super.getCaseSensitiveUsernames()
|
||||
);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -328,19 +328,5 @@ public class SQLServerEnvironment extends JDBCEnvironment {
|
||||
SQLServerGuacamoleProperties.SQLSERVER_TRUST_ALL_SERVER_CERTIFICATES,
|
||||
false);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean getCaseSensitiveUsernames() throws GuacamoleException {
|
||||
|
||||
// Get the configured or default value of the property.
|
||||
boolean caseSensitiveUsernames = getProperty(
|
||||
SQLServerGuacamoleProperties.SQLSERVER_CASE_SENSITIVE_USERNAMES,
|
||||
super.getCaseSensitiveUsernames()
|
||||
);
|
||||
|
||||
// Return as configured
|
||||
return caseSensitiveUsernames;
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -257,20 +257,5 @@ public class SQLServerGuacamoleProperties {
|
||||
public String getName() { return "sqlserver-trust-all-server-certificates"; }
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* A property used to configure whether or not usernames within the SQL
|
||||
* Server JDBC module should be treated as case-sensitive. While Guacamole
|
||||
* will treat usernames as case-sensitive by default, SQL Server's default
|
||||
* database collations do not do case-sensitive string comparisons, so in
|
||||
* many cases this will effectively result in case-insensitive usernames.
|
||||
*/
|
||||
public static final BooleanGuacamoleProperty SQLSERVER_CASE_SENSITIVE_USERNAMES =
|
||||
new BooleanGuacamoleProperty() {
|
||||
|
||||
@Override
|
||||
public String getName() { return "sqlserver-case-sensitive-usernames" ; }
|
||||
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
@@ -24,7 +24,6 @@ import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import org.apache.guacamole.GuacamoleException;
|
||||
import org.apache.guacamole.environment.Environment;
|
||||
import org.apache.guacamole.properties.BooleanGuacamoleProperty;
|
||||
import org.apache.guacamole.properties.ByteArrayProperty;
|
||||
import org.apache.guacamole.properties.StringGuacamoleProperty;
|
||||
|
||||
@@ -39,20 +38,6 @@ public class ConfigurationService {
|
||||
*/
|
||||
@Inject
|
||||
private Environment environment;
|
||||
|
||||
/**
|
||||
* A property used to configure whether or not usernames within the JSON
|
||||
* module should be treated as case-sensitive.
|
||||
*/
|
||||
private static final BooleanGuacamoleProperty JSON_CASE_SENSITIVE_USERNAMES =
|
||||
new BooleanGuacamoleProperty() {
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "json-case-sensitive-usernames";
|
||||
}
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* The encryption key to use for all decryption and signature verification.
|
||||
@@ -79,25 +64,6 @@ public class ConfigurationService {
|
||||
}
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* Returns true if the usernames provided to the JSON authentication
|
||||
* module should be treated as case-sensitive, or false if usernames
|
||||
* should be treated as case-insensitive. The default will be taken from
|
||||
* the global Guacamole configuration, which defaults to true, but
|
||||
* can be overridden for this extension.
|
||||
*
|
||||
* @return
|
||||
* true if usernames should be treated as case-sensitive, otherwise
|
||||
* false.
|
||||
*
|
||||
* @throws GuacamoleException
|
||||
* If guacamole.properties cannot be parsed.
|
||||
*/
|
||||
public boolean getCaseSensitiveUsernames() throws GuacamoleException {
|
||||
return environment.getProperty(JSON_CASE_SENSITIVE_USERNAMES,
|
||||
environment.getCaseSensitiveUsernames());
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the symmetric key which will be used to encrypt and sign all
|
||||
|
||||
@@ -20,8 +20,6 @@
|
||||
package org.apache.guacamole.auth.json.user;
|
||||
|
||||
import com.google.inject.Inject;
|
||||
import org.apache.guacamole.GuacamoleException;
|
||||
import org.apache.guacamole.auth.json.ConfigurationService;
|
||||
import org.apache.guacamole.net.auth.AbstractAuthenticatedUser;
|
||||
import org.apache.guacamole.net.auth.AuthenticationProvider;
|
||||
import org.apache.guacamole.net.auth.Credentials;
|
||||
@@ -46,13 +44,6 @@ public class AuthenticatedUser extends AbstractAuthenticatedUser {
|
||||
*/
|
||||
@Inject
|
||||
private AuthenticationProvider authProvider;
|
||||
|
||||
/**
|
||||
* Reference to the configuration service associated with this
|
||||
* authentication provider.
|
||||
*/
|
||||
@Inject
|
||||
private ConfigurationService confService;
|
||||
|
||||
/**
|
||||
* The credentials provided when this user was authenticated.
|
||||
@@ -82,19 +73,6 @@ public class AuthenticatedUser extends AbstractAuthenticatedUser {
|
||||
this.userData = userData;
|
||||
setIdentifier(userData.getUsername());
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isCaseSensitive() {
|
||||
try {
|
||||
return confService.getCaseSensitiveUsernames();
|
||||
}
|
||||
catch (GuacamoleException e) {
|
||||
LOGGER.error("Error when attempting to get the JSON configuration: {}. "
|
||||
+ "Username comparisons will be case-sensitive.", e.getMessage());
|
||||
LOGGER.debug("Exception caught while retrieving JSON configuration.", e);
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public AuthenticationProvider getAuthenticationProvider() {
|
||||
|
||||
@@ -223,10 +223,5 @@ public class ConnectedLDAPConfiguration implements LDAPConfiguration, AutoClosea
|
||||
public MemberAttributeType getMemberAttributeType() throws GuacamoleException {
|
||||
return config.getMemberAttributeType();
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean getCaseSensitiveUsernames() throws GuacamoleException {
|
||||
return config.getCaseSensitiveUsernames();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -19,7 +19,6 @@
|
||||
|
||||
package org.apache.guacamole.auth.ldap.conf;
|
||||
|
||||
import com.google.inject.Inject;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import org.apache.directory.api.ldap.model.filter.ExprNode;
|
||||
@@ -28,7 +27,6 @@ import org.apache.directory.api.ldap.model.message.AliasDerefMode;
|
||||
import org.apache.directory.api.ldap.model.name.Dn;
|
||||
import org.apache.guacamole.GuacamoleException;
|
||||
import org.apache.guacamole.GuacamoleServerException;
|
||||
import org.apache.guacamole.environment.Environment;
|
||||
|
||||
/**
|
||||
* LDAPConfiguration implementation that returns the default values for all
|
||||
@@ -36,12 +34,6 @@ import org.apache.guacamole.environment.Environment;
|
||||
* required (such as {@link #getUserBaseDN()}), an exception is thrown.
|
||||
*/
|
||||
public class DefaultLDAPConfiguration implements LDAPConfiguration {
|
||||
|
||||
/**
|
||||
* The environment in which Guacamole is running.
|
||||
*/
|
||||
@Inject
|
||||
private Environment environment;
|
||||
|
||||
@Override
|
||||
public String appliesTo(String username) {
|
||||
@@ -158,10 +150,5 @@ public class DefaultLDAPConfiguration implements LDAPConfiguration {
|
||||
throws GuacamoleException {
|
||||
return MemberAttributeType.DN;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean getCaseSensitiveUsernames() throws GuacamoleException {
|
||||
return environment.getCaseSensitiveUsernames();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -233,19 +233,5 @@ public class EnvironmentLDAPConfiguration implements LDAPConfiguration {
|
||||
DEFAULT.getMemberAttributeType()
|
||||
);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean getCaseSensitiveUsernames() throws GuacamoleException {
|
||||
|
||||
// Most LDAP directories do not factor in case when comparing usernames,
|
||||
// however, in order to avoid surprising anyone who may rely on this
|
||||
// behavior in Guacamole, this is currently defaulted the overall
|
||||
// Guacamole configuration (default of true), but can be over-ridden
|
||||
// for the LDAP extension specifically, if desired.
|
||||
return environment.getProperty(
|
||||
LDAPGuacamoleProperties.LDAP_CASE_SENSITIVE_USERNAMES,
|
||||
environment.getCaseSensitiveUsernames()
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -446,11 +446,5 @@ public class JacksonLDAPConfiguration implements LDAPConfiguration {
|
||||
return withDefault(LDAPGuacamoleProperties.LDAP_MEMBER_ATTRIBUTE_TYPE,
|
||||
memberAttributeType, defaultConfig::getMemberAttributeType);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean getCaseSensitiveUsernames() throws GuacamoleException {
|
||||
return withDefault(LDAPGuacamoleProperties.LDAP_CASE_SENSITIVE_USERNAMES,
|
||||
caseSensitiveUsernames, defaultConfig::getCaseSensitiveUsernames);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -333,21 +333,5 @@ public interface LDAPConfiguration {
|
||||
* retrieved.
|
||||
*/
|
||||
MemberAttributeType getMemberAttributeType() throws GuacamoleException;
|
||||
|
||||
/**
|
||||
* Returns true if the usernames provided to the LDAP authentication
|
||||
* module should be treated as case-sensitive, or false if usernames
|
||||
* should be treated as case-insensitive. The default is true, usernames
|
||||
* will be case-sensitive in keeping with the past behavior of Guacamole
|
||||
* prior to the addition of this option.
|
||||
*
|
||||
* @return
|
||||
* true if usernames should be treated as case-sensitive, otherwise
|
||||
* false.
|
||||
*
|
||||
* @throws GuacamoleException
|
||||
* If guacamole.properties cannot be parsed.
|
||||
*/
|
||||
boolean getCaseSensitiveUsernames() throws GuacamoleException;
|
||||
|
||||
}
|
||||
|
||||
@@ -306,17 +306,5 @@ public class LDAPGuacamoleProperties {
|
||||
public String getName() { return "ldap-member-attribute-type"; }
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* A property used to configure whether or not usernames within the LDAP
|
||||
* module should be treated as case-sensitive.
|
||||
*/
|
||||
public static final BooleanGuacamoleProperty LDAP_CASE_SENSITIVE_USERNAMES =
|
||||
new BooleanGuacamoleProperty() {
|
||||
|
||||
@Override
|
||||
public String getName() { return "ldap-case-sensitive-usernames"; }
|
||||
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
@@ -29,8 +29,6 @@ import org.apache.guacamole.auth.ldap.ConnectedLDAPConfiguration;
|
||||
import org.apache.guacamole.net.auth.AbstractAuthenticatedUser;
|
||||
import org.apache.guacamole.net.auth.AuthenticationProvider;
|
||||
import org.apache.guacamole.net.auth.Credentials;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
/**
|
||||
* An LDAP-specific implementation of AuthenticatedUser, associating a
|
||||
@@ -38,11 +36,6 @@ import org.slf4j.LoggerFactory;
|
||||
*/
|
||||
public class LDAPAuthenticatedUser extends AbstractAuthenticatedUser {
|
||||
|
||||
/**
|
||||
* The logger for this class.
|
||||
*/
|
||||
private static final Logger LOGGER = LoggerFactory.getLogger(LDAPAuthenticatedUser.class);
|
||||
|
||||
/**
|
||||
* Reference to the authentication provider associated with this
|
||||
* authenticated user.
|
||||
@@ -143,23 +136,6 @@ public class LDAPAuthenticatedUser extends AbstractAuthenticatedUser {
|
||||
return config;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isCaseSensitive() {
|
||||
try {
|
||||
return config.getCaseSensitiveUsernames();
|
||||
}
|
||||
catch (GuacamoleException e) {
|
||||
// LDAP authentication is almost universally case-insensitive,
|
||||
// however, we're maintaining case-sensitivity within Guacamole
|
||||
// at the moment in order to avoid surprising anyone with this change.
|
||||
// Case-sensitivity can be disabled as a configuration option.
|
||||
LOGGER.error("Error retrieving configuration for username case-sensitivity: {}. "
|
||||
+ "Username comparisons will be done case-sensitively.", e.getMessage());
|
||||
LOGGER.debug("Caught exception when retrieving case-sensitivity configuration.", e);
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public AuthenticationProvider getAuthenticationProvider() {
|
||||
return authProvider;
|
||||
|
||||
@@ -362,26 +362,5 @@ public class ConfigurationService {
|
||||
throw new GuacamoleServerException("Unknown host specified for NAS IP.", e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns true if the usernames provided to the RADIUS authentication
|
||||
* module should be treated as case-sensitive, or false if usernames
|
||||
* should be treated as case-insensitive. The default value is read from
|
||||
* Guacamole's global configuration, which defaults to true, but can be
|
||||
* overridden for the RADIUS extension, if desired.
|
||||
*
|
||||
* @return
|
||||
* true if usernames should be treated as case-sensitive, otherwise
|
||||
* false.
|
||||
*
|
||||
* @throws GuacamoleException
|
||||
* If guacamole.properties cannot be parsed.
|
||||
*/
|
||||
public boolean getCaseSensitiveUsernames() throws GuacamoleException {
|
||||
return environment.getProperty(
|
||||
RadiusGuacamoleProperties.RADIUS_CASE_SENSITIVE_USERNAMES,
|
||||
environment.getCaseSensitiveUsernames()
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -204,18 +204,5 @@ public class RadiusGuacamoleProperties {
|
||||
public String getName() { return "radius-nas-ip"; }
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* A property used to configure whether or not usernames within the RADIUS
|
||||
* module should be treated as case-sensitive.
|
||||
*/
|
||||
public static final BooleanGuacamoleProperty RADIUS_CASE_SENSITIVE_USERNAMES =
|
||||
new BooleanGuacamoleProperty() {
|
||||
|
||||
@Override
|
||||
public String getName() { return "radius-case-sensitive-usernames"; }
|
||||
|
||||
};
|
||||
|
||||
|
||||
}
|
||||
|
||||
@@ -63,7 +63,7 @@ public class AuthenticatedUser extends AbstractAuthenticatedUser {
|
||||
*/
|
||||
public void init(Credentials credentials) {
|
||||
this.credentials = credentials;
|
||||
setIdentifier(credentials.getUsername().toLowerCase());
|
||||
setIdentifier(credentials.getUsername());
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -75,18 +75,5 @@ public class AuthenticatedUser extends AbstractAuthenticatedUser {
|
||||
public Credentials getCredentials() {
|
||||
return credentials;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isCaseSensitive() {
|
||||
try {
|
||||
return confService.getCaseSensitiveUsernames();
|
||||
}
|
||||
catch (GuacamoleException e) {
|
||||
LOGGER.error("Error retrieving configuration for username case sensiivity. "
|
||||
+ "Usernames will be processed as case-sensitive.");
|
||||
LOGGER.debug("Exception caught while retrieving RADIUS configuration.", e);
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -23,13 +23,9 @@ import com.google.inject.Inject;
|
||||
import java.util.Collections;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import org.apache.guacamole.GuacamoleException;
|
||||
import org.apache.guacamole.environment.Environment;
|
||||
import org.apache.guacamole.net.auth.AbstractAuthenticatedUser;
|
||||
import org.apache.guacamole.net.auth.AuthenticationProvider;
|
||||
import org.apache.guacamole.net.auth.Credentials;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
/**
|
||||
* An AuthenticatedUser whose identity has been supplied by an arbitrary SSO
|
||||
@@ -38,11 +34,6 @@ import org.slf4j.LoggerFactory;
|
||||
* by that user.
|
||||
*/
|
||||
public class SSOAuthenticatedUser extends AbstractAuthenticatedUser {
|
||||
|
||||
/**
|
||||
* Logger for this class.
|
||||
*/
|
||||
private static final Logger LOGGER = LoggerFactory.getLogger(SSOAuthenticatedUser.class);
|
||||
|
||||
/**
|
||||
* Reference to the authentication provider associated with this
|
||||
@@ -50,12 +41,6 @@ public class SSOAuthenticatedUser extends AbstractAuthenticatedUser {
|
||||
*/
|
||||
@Inject
|
||||
private AuthenticationProvider authProvider;
|
||||
|
||||
/**
|
||||
* The environment in which this instance of Guacamole is running.
|
||||
*/
|
||||
@Inject
|
||||
private Environment environment;
|
||||
|
||||
/**
|
||||
* The credentials provided when this user was authenticated.
|
||||
@@ -127,22 +112,5 @@ public class SSOAuthenticatedUser extends AbstractAuthenticatedUser {
|
||||
public Set<String> getEffectiveUserGroups() {
|
||||
return effectiveGroups;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isCaseSensitive() {
|
||||
try {
|
||||
return environment.getCaseSensitiveUsernames();
|
||||
}
|
||||
catch (GuacamoleException e) {
|
||||
// Most SSO systems do not consider usernames to be case-sensitive;
|
||||
// however, in order to avoid any surprises created by the introduction
|
||||
// of case-sensitivity, we've opted to continue to evaluate these
|
||||
// usernames in a case-sensitive manner by default.
|
||||
LOGGER.error("Error occurred when trying to retrieve case-sensitivity configuration: {}. "
|
||||
+ "Usernames comparisons will be done in a case-sensitive manner.", e.getMessage());
|
||||
LOGGER.debug("Exception caught when trying to access the case-sensitivity property.", e);
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -19,7 +19,6 @@
|
||||
|
||||
package org.apache.guacamole.auth.cas.conf;
|
||||
|
||||
import org.apache.guacamole.GuacamoleException;
|
||||
import org.apache.guacamole.environment.DelegatingEnvironment;
|
||||
import org.apache.guacamole.environment.LocalEnvironment;
|
||||
|
||||
@@ -37,17 +36,4 @@ public class CASEnvironment extends DelegatingEnvironment {
|
||||
super(LocalEnvironment.getInstance());
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean getCaseSensitiveUsernames() throws GuacamoleException {
|
||||
|
||||
// While most SSO systems do not consider usernames case-sensitive,
|
||||
// this defaults to the global Guacamole configuration, which defaults
|
||||
// to true, in order to avoid surprising or breaking environments that
|
||||
// may rely on this behavior. This can be overridden for the entire
|
||||
// Guacamole instance or for this extension.
|
||||
return getProperty(CASGuacamoleProperties.CAS_CASE_SENSITIVE_USERNAMES,
|
||||
super.getCaseSensitiveUsernames());
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -20,7 +20,6 @@
|
||||
package org.apache.guacamole.auth.cas.conf;
|
||||
|
||||
import org.apache.guacamole.auth.cas.group.GroupFormat;
|
||||
import org.apache.guacamole.properties.BooleanGuacamoleProperty;
|
||||
import org.apache.guacamole.properties.EnumGuacamoleProperty;
|
||||
import org.apache.guacamole.properties.URIGuacamoleProperty;
|
||||
import org.apache.guacamole.properties.StringGuacamoleProperty;
|
||||
@@ -118,17 +117,5 @@ public class CASGuacamoleProperties {
|
||||
public String getName() { return "cas-group-ldap-attribute"; }
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* A property used to configure whether or not usernames within the CAS SSO
|
||||
* module should be treated as case-sensitive.
|
||||
*/
|
||||
public static final BooleanGuacamoleProperty CAS_CASE_SENSITIVE_USERNAMES =
|
||||
new BooleanGuacamoleProperty() {
|
||||
|
||||
@Override
|
||||
public String getName() { return "cas-case-sensitive-usernames"; }
|
||||
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
@@ -26,7 +26,6 @@ import java.util.Collections;
|
||||
import java.util.List;
|
||||
import org.apache.guacamole.GuacamoleException;
|
||||
import org.apache.guacamole.environment.Environment;
|
||||
import org.apache.guacamole.properties.BooleanGuacamoleProperty;
|
||||
import org.apache.guacamole.properties.IntegerGuacamoleProperty;
|
||||
import org.apache.guacamole.properties.StringGuacamoleProperty;
|
||||
import org.apache.guacamole.properties.URIGuacamoleProperty;
|
||||
@@ -220,18 +219,6 @@ public class ConfigurationService {
|
||||
public String getName() { return "openid-redirect-uri"; }
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* A property used to configure whether or not usernames within the OpenID
|
||||
* SSO module should be treated as case-sensitive.
|
||||
*/
|
||||
public static final BooleanGuacamoleProperty OPENID_CASE_SENSITIVE_USERNAMES =
|
||||
new BooleanGuacamoleProperty() {
|
||||
|
||||
@Override
|
||||
public String getName() { return "openid-case-sensitive-usernames"; }
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* The Guacamole server environment.
|
||||
|
||||
@@ -19,7 +19,6 @@
|
||||
|
||||
package org.apache.guacamole.auth.openid.conf;
|
||||
|
||||
import org.apache.guacamole.GuacamoleException;
|
||||
import org.apache.guacamole.environment.DelegatingEnvironment;
|
||||
import org.apache.guacamole.environment.LocalEnvironment;
|
||||
|
||||
@@ -37,17 +36,4 @@ public class OpenIDEnvironment extends DelegatingEnvironment {
|
||||
super(LocalEnvironment.getInstance());
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean getCaseSensitiveUsernames() throws GuacamoleException {
|
||||
|
||||
// While most SSO systems do not consider usernames case-sensitive,
|
||||
// this defaults to the global Guacamole configuration, which defaults
|
||||
// to true, in order to avoid surprising or breaking environments that
|
||||
// may rely on this behavior. This can be overridden for the entire
|
||||
// Guacamole instance or for this extension.
|
||||
return getProperty(ConfigurationService.OPENID_CASE_SENSITIVE_USERNAMES,
|
||||
super.getCaseSensitiveUsernames());
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -189,18 +189,6 @@ public class ConfigurationService {
|
||||
public String getName() { return "saml-private-key-path"; }
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* A property used to configure whether or not usernames within the SAML SSO
|
||||
* module should be treated as case-sensitive.
|
||||
*/
|
||||
public static final BooleanGuacamoleProperty SAML_CASE_SENSITIVE_USERNAMES =
|
||||
new BooleanGuacamoleProperty() {
|
||||
|
||||
@Override
|
||||
public String getName() { return "saml-case-sensitive-usernames"; }
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* The Guacamole server environment.
|
||||
|
||||
@@ -19,7 +19,6 @@
|
||||
|
||||
package org.apache.guacamole.auth.saml.conf;
|
||||
|
||||
import org.apache.guacamole.GuacamoleException;
|
||||
import org.apache.guacamole.environment.DelegatingEnvironment;
|
||||
import org.apache.guacamole.environment.LocalEnvironment;
|
||||
|
||||
@@ -37,17 +36,4 @@ public class SAMLEnvironment extends DelegatingEnvironment {
|
||||
super(LocalEnvironment.getInstance());
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean getCaseSensitiveUsernames() throws GuacamoleException {
|
||||
|
||||
// While most SSO systems do not consider usernames case-sensitive,
|
||||
// this defaults to the global Guacamole configuration, which defaults
|
||||
// to true, in order to avoid surprising or breaking environments that
|
||||
// may rely on this behavior. This can be overridden for the entire
|
||||
// Guacamole instance or for this extension.
|
||||
return getProperty(ConfigurationService.SAML_CASE_SENSITIVE_USERNAMES,
|
||||
super.getCaseSensitiveUsernames());
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -187,18 +187,6 @@ public class ConfigurationService {
|
||||
public String getName() { return "ssl-max-domain-validity"; }
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* A property used to configure whether or not usernames within the SSL SSO
|
||||
* module should be treated as case-sensitive.
|
||||
*/
|
||||
public static final BooleanGuacamoleProperty SSL_CASE_SENSITIVE_USERNAMES =
|
||||
new BooleanGuacamoleProperty() {
|
||||
|
||||
@Override
|
||||
public String getName() { return "ssl-case-sensitive-usernames"; }
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* The Guacamole server environment.
|
||||
|
||||
@@ -37,17 +37,4 @@ public class SSLEnvironment extends DelegatingEnvironment {
|
||||
super(LocalEnvironment.getInstance());
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean getCaseSensitiveUsernames() throws GuacamoleException {
|
||||
|
||||
// While most SSO systems do not consider usernames case-sensitive,
|
||||
// this defaults to the global Guacamole configuration, which defaults
|
||||
// to true, in order to avoid surprising or breaking environments that
|
||||
// may rely on this behavior. This can be overridden for the entire
|
||||
// Guacamole instance or for this extension.
|
||||
return getProperty(ConfigurationService.SSL_CASE_SENSITIVE_USERNAMES,
|
||||
super.getCaseSensitiveUsernames());
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user