safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-06 13:17:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Simplify authentication code.

Browse Source
This commit is contained in:
Michael Jumper
2013-08-07 15:11:06 -07:00
parent c325f443a5
commit e7911bc63a
1 changed files with 28 additions and 76 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
guacamole/src/main/java/net/sourceforge/guacamole/net/basic/AuthenticatingHttpServlet.java
View File

@@ -157,17 +157,6 @@ public abstract class AuthenticatingHttpServlet extends HttpServlet {
}
/**
* Sends a predefined, generic error message to the user, along with a
* "403 - Forbidden" HTTP status code in the response.
*
* @param response The response to send the error within.
* @throws IOException If an error occurs while sending the error.
*/
private void failAuthentication(HttpServletResponse response) throws IOException {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
}
/**
* Sends an error on the given HTTP response with the given integer error
* code.
@@ -226,36 +215,20 @@ public abstract class AuthenticatingHttpServlet extends HttpServlet {
HttpSession httpSession = request.getSession(true);
SessionListenerCollection listeners;
try {
listeners = new SessionListenerCollection(httpSession);
}
catch (GuacamoleException e) {
logger.error("Failed to retrieve listeners. Authentication canceled.", e);
failAuthentication(response);
return;
}
// Build credentials object
Credentials credentials = new Credentials();
credentials.setSession(httpSession);
credentials.setRequest(request);
// Try to get user context from session
UserContext context = getUserContext(httpSession);
try {
SessionListenerCollection listeners = new SessionListenerCollection(httpSession);
// If no cached context, attempt to get new context
UserContext context = getUserContext(httpSession);
if (context == null) {
try {
context = authProvider.getUserContext(credentials);
}
// Log any authentication errors
catch (GuacamoleException e) {
logger.error("Error retrieving context for user \"{}\".",
credentials.getUsername(), e);
}
// If successful, log success and notify listeners
if (context != null) {
@@ -264,38 +237,18 @@ public abstract class AuthenticatingHttpServlet extends HttpServlet {
logger.info("User \"{}\" successfully authenticated from {}.",
context.self().getUsername(), request.getRemoteAddr());
// Notify any listeners of success, cancel if requested
try {
if (!notifySuccess(listeners, context, credentials)) {
logger.info("Successful authentication canceled by hook.");
context = null;
}
}
// Cancel authentication success if hook throws exception
catch (GuacamoleException e) {
logger.error("Successful authentication canceled by error in hook.", e);
context = null;
}
} // end if auth success
} // end if no cached context
}
// Otherwise, update existing context
else {
try {
else
context = authProvider.updateUserContext(context, credentials);
}
// If error updating context, fail authentication, notify listeners
catch (GuacamoleException e) {
logger.error("Error updating context for user \"{}\".",
context.self().getUsername(), e);
}
} // end if cached context
// If no context, fail authentication, notify listeners
if (context == null) {
@@ -303,15 +256,14 @@ public abstract class AuthenticatingHttpServlet extends HttpServlet {
request.getRemoteAddr(), credentials.getUsername());
notifyFailed(listeners, credentials);
failAuthentication(response);
sendError(response, HttpServletResponse.SC_FORBIDDEN,
"Permission denied.");
return;
}
// Associate context and credentials with session
// Associate (possibly updated) context with session
httpSession.setAttribute(CONTEXT_ATTRIBUTE, context);
try {
// Allow servlet to run now that authentication has been validated
authenticatedService(context, request, response);