diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/AuthenticationProviderService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/AuthenticationProviderService.java index 625006bbc..915c41722 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/AuthenticationProviderService.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/AuthenticationProviderService.java @@ -81,4 +81,36 @@ public interface AuthenticationProviderService { public UserContext getUserContext(AuthenticationProvider authenticationProvider, AuthenticatedUser authenticatedUser) throws GuacamoleException; + /** + * Returns an updated UserContext instance for the given + * already-authenticated user. If no changes need be made to the + * UserContext, the original UserContext will be returned. + * + * @param authenticationProvider + * The AuthenticationProvider on behalf of which the UserContext is + * being updated. + * + * @param context + * The UserContext to update. + * + * @param authenticatedUser + * The AuthenticatedUser associated with the UserContext being updated. + * + * @param credentials + * The credentials most recently submitted by the user. These + * credentials are not guaranteed to be the same as the credentials + * already associated with the AuthenticatedUser. + * + * @return + * A new UserContext instance for the user identified by the given + * credentials. + * + * @throws GuacamoleException + * If an error occurs during authentication, or if the given + * credentials are invalid or expired. + */ + public UserContext updateUserContext(AuthenticationProvider authenticationProvider, + UserContext context, AuthenticatedUser authenticatedUser, + Credentials credentials) throws GuacamoleException; + } diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/InjectedAuthenticationProvider.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/InjectedAuthenticationProvider.java index 92dc09874..08defc22e 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/InjectedAuthenticationProvider.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/InjectedAuthenticationProvider.java @@ -97,10 +97,8 @@ public abstract class InjectedAuthenticationProvider implements AuthenticationPr public UserContext updateUserContext(UserContext context, AuthenticatedUser authenticatedUser, Credentials credentials) throws GuacamoleException { - - // No need to update the context - return context; - + return authProviderService.updateUserContext(this, context, + authenticatedUser, credentials); } } diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java index a362e81fa..20e2f0969 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java @@ -28,6 +28,7 @@ import org.apache.guacamole.auth.jdbc.user.UserService; import org.apache.guacamole.net.auth.AuthenticatedUser; import org.apache.guacamole.net.auth.AuthenticationProvider; import org.apache.guacamole.net.auth.Credentials; +import org.apache.guacamole.net.auth.UserContext; import org.apache.guacamole.net.auth.credentials.CredentialsInfo; import org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException; @@ -82,4 +83,14 @@ public class JDBCAuthenticationProviderService implements AuthenticationProvider } + @Override + public UserContext updateUserContext(AuthenticationProvider authenticationProvider, + UserContext context, AuthenticatedUser authenticatedUser, + Credentials credentials) throws GuacamoleException { + + // No need to update the context + return context; + + } + } diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/ConnectionSharingService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/ConnectionSharingService.java index 4c5877fc5..45951ec1e 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/ConnectionSharingService.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/ConnectionSharingService.java @@ -129,6 +129,29 @@ public class ConnectionSharingService { } + /** + * Returns the share key contained within the given credentials. If there is + * no such share key, null is returned. + * + * @param credentials + * The credentials from which the share key should be retrieved. + * + * @return + * The share key contained within the given credentials, or null if + * the credentials do not contain a share key. + */ + public String getShareKey(Credentials credentials) { + + // Pull associated HTTP request + HttpServletRequest request = credentials.getRequest(); + if (request == null) + return null; + + // Retrieve the share key from the request + return request.getParameter(SHARE_KEY_NAME); + + } + /** * Returns a SharedAuthenticatedUser if the given credentials contain a * valid share key. The returned user will be associated with the single @@ -151,18 +174,9 @@ public class ConnectionSharingService { public SharedAuthenticatedUser retrieveSharedConnectionUser( AuthenticationProvider authProvider, Credentials credentials) { - // Pull associated HTTP request - HttpServletRequest request = credentials.getRequest(); - if (request == null) - return null; - - // Retrieve the share key from the request - String shareKey = request.getParameter(ConnectionSharingService.SHARE_KEY_NAME); - if (shareKey == null) - return null; - // Validate the share key - if (connectionMap.get(shareKey) == null) + String shareKey = getShareKey(credentials); + if (shareKey == null || connectionMap.get(shareKey) == null) return null; // Return temporary in-memory user diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/SharedAuthenticationProviderService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/SharedAuthenticationProviderService.java index ddcd92901..086b4324c 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/SharedAuthenticationProviderService.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/SharedAuthenticationProviderService.java @@ -28,6 +28,7 @@ import org.apache.guacamole.auth.jdbc.sharing.user.SharedUserContext; import org.apache.guacamole.net.auth.AuthenticatedUser; import org.apache.guacamole.net.auth.AuthenticationProvider; import org.apache.guacamole.net.auth.Credentials; +import org.apache.guacamole.net.auth.UserContext; import org.apache.guacamole.net.auth.credentials.CredentialsInfo; import org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException; @@ -94,4 +95,20 @@ public class SharedAuthenticationProviderService implements AuthenticationProvid } + @Override + public UserContext updateUserContext(AuthenticationProvider authenticationProvider, + UserContext context, AuthenticatedUser authenticatedUser, + Credentials credentials) throws GuacamoleException { + + // Retrieve the share key from the request + String shareKey = sharingService.getShareKey(credentials); + + // Update the user context with the share key, if given + if (shareKey != null) + ((SharedUserContext) context).registerShareKey(shareKey); + + return context; + + } + }