From b574a33cfd565fc962f691e8a28dace50f24fa36 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 17 Aug 2011 09:42:40 -0700 Subject: [PATCH 01/95] Initial commit --- guacamole-ext/.gitignore | 2 + guacamole-ext/COPYING | 661 ++++++++++++++++++ guacamole-ext/pom.xml | 54 ++ .../net/auth/AuthenticationProvider.java | 12 + .../guacamole/net/auth/UsernamePassword.java | 24 + 5 files changed, 753 insertions(+) create mode 100644 guacamole-ext/.gitignore create mode 100644 guacamole-ext/COPYING create mode 100644 guacamole-ext/pom.xml create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UsernamePassword.java diff --git a/guacamole-ext/.gitignore b/guacamole-ext/.gitignore new file mode 100644 index 000000000..42f4a1a64 --- /dev/null +++ b/guacamole-ext/.gitignore @@ -0,0 +1,2 @@ +target/ +*~ diff --git a/guacamole-ext/COPYING b/guacamole-ext/COPYING new file mode 100644 index 000000000..dba13ed2d --- /dev/null +++ b/guacamole-ext/COPYING @@ -0,0 +1,661 @@ + GNU AFFERO GENERAL PUBLIC LICENSE + Version 3, 19 November 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU Affero General Public License is a free, copyleft license for +software and other kinds of works, specifically designed to ensure +cooperation with the community in the case of network server software. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +our General Public Licenses are intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + Developers that use our General Public Licenses protect your rights +with two steps: (1) assert copyright on the software, and (2) offer +you this License which gives you legal permission to copy, distribute +and/or modify the software. + + A secondary benefit of defending all users' freedom is that +improvements made in alternate versions of the program, if they +receive widespread use, become available for other developers to +incorporate. Many developers of free software are heartened and +encouraged by the resulting cooperation. However, in the case of +software used on network servers, this result may fail to come about. +The GNU General Public License permits making a modified version and +letting the public access it on a server without ever releasing its +source code to the public. + + The GNU Affero General Public License is designed specifically to +ensure that, in such cases, the modified source code becomes available +to the community. It requires the operator of a network server to +provide the source code of the modified version running there to the +users of that server. Therefore, public use of a modified version, on +a publicly accessible server, gives the public access to the source +code of the modified version. + + An older license, called the Affero General Public License and +published by Affero, was designed to accomplish similar goals. This is +a different license, not a version of the Affero GPL, but Affero has +released a new version of the Affero GPL which permits relicensing under +this license. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU Affero General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Remote Network Interaction; Use with the GNU General Public License. + + Notwithstanding any other provision of this License, if you modify the +Program, your modified version must prominently offer all users +interacting with it remotely through a computer network (if your version +supports such interaction) an opportunity to receive the Corresponding +Source of your version by providing access to the Corresponding Source +from a network server at no charge, through some standard or customary +means of facilitating copying of software. This Corresponding Source +shall include the Corresponding Source for any work covered by version 3 +of the GNU General Public License that is incorporated pursuant to the +following paragraph. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the work with which it is combined will remain governed by version +3 of the GNU General Public License. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU Affero General Public License from time to time. Such new versions +will be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU Affero General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU Affero General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU Affero General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see . + +Also add information on how to contact you by electronic and paper mail. + + If your software can interact with users remotely through a computer +network, you should also make sure that it provides a way for users to +get its source. For example, if your program is a web application, its +interface could display a "Source" link that leads users to an archive +of the code. There are many ways you could offer source, and different +solutions will be better for different programs; see section 13 for the +specific requirements. + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU AGPL, see +. diff --git a/guacamole-ext/pom.xml b/guacamole-ext/pom.xml new file mode 100644 index 000000000..6b50248da --- /dev/null +++ b/guacamole-ext/pom.xml @@ -0,0 +1,54 @@ + + + 4.0.0 + net.sourceforge.guacamole + guacamole-common-auth + jar + 0.5.0 + guacamole-common-auth + http://guacamole.sourceforge.net/ + + + UTF-8 + + + + + + + + org.apache.maven.plugins + maven-compiler-plugin + + 1.6 + 1.6 + + + + + + + + + + + net.sourceforge.guacamole + guacamole-common + 0.4.0 + compile + + + + + + + + + guac-dev + http://guac-dev.org/repo + + + + + diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java new file mode 100644 index 000000000..ce197a9af --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java @@ -0,0 +1,12 @@ + +package net.sourceforge.guacamole.net.auth; + +import java.util.Map; +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; + +public interface AuthenticationProvider { + + public Map getAuthorizedConfigurations(CredentialType credentials) throws GuacamoleException; + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UsernamePassword.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UsernamePassword.java new file mode 100644 index 000000000..0322bb20c --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UsernamePassword.java @@ -0,0 +1,24 @@ +package net.sourceforge.guacamole.net.auth; + +public class UsernamePassword { + + private String username; + private String password; + + public String getPassword() { + return password; + } + + public void setPassword(String password) { + this.password = password; + } + + public String getUsername() { + return username; + } + + public void setUsername(String username) { + this.username = username; + } + +} From aae7c8674f77b9f9372f60c76fcd40c6dce9409e Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Fri, 4 Nov 2011 15:20:22 -0700 Subject: [PATCH 02/95] Bumped versions to 0.5.0. --- guacamole-ext/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/guacamole-ext/pom.xml b/guacamole-ext/pom.xml index 6b50248da..730f9fad9 100644 --- a/guacamole-ext/pom.xml +++ b/guacamole-ext/pom.xml @@ -35,7 +35,7 @@ net.sourceforge.guacamole guacamole-common - 0.4.0 + 0.5.0 compile From 4e33e1c9a7774168e0446c648dd8e1c71143e56d Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sun, 18 Dec 2011 14:56:49 -0800 Subject: [PATCH 03/95] Added changelog --- guacamole-ext/ChangeLog | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 guacamole-ext/ChangeLog diff --git a/guacamole-ext/ChangeLog b/guacamole-ext/ChangeLog new file mode 100644 index 000000000..2a7c11190 --- /dev/null +++ b/guacamole-ext/ChangeLog @@ -0,0 +1,4 @@ +2011-12-11 Michael Jumper + + * Initial release + From 6cd150a2a03de53229ca4f20fa7b912cdeb5ab44 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sun, 18 Dec 2011 14:57:05 -0800 Subject: [PATCH 04/95] Added README --- guacamole-ext/README | 79 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 79 insertions(+) create mode 100644 guacamole-ext/README diff --git a/guacamole-ext/README b/guacamole-ext/README new file mode 100644 index 000000000..3bb3cefaa --- /dev/null +++ b/guacamole-ext/README @@ -0,0 +1,79 @@ + +------------------------------------------------------------ + About this README +------------------------------------------------------------ + +This README is intended to provide quick and to-the-point documentation for +technical users intending to compile parts of Guacamole themselves. + +Distribution-specific packages are available from the files section of the main +project page: + + http://sourceforge.net/projects/guacamole/files/ + +Distribution-specific documentation is provided on the Guacamole wiki: + + http://guac-dev.org/ + + +------------------------------------------------------------ + What is guacamole-common-auth? +------------------------------------------------------------ + +guacamole-common-auth is a Java library used by the Guacamole web +application to allow its built-in authentication to be extended or +modified and reused. + +guacamole-common-auth provides an interface for retrieving a set of +authorized connection configurations for a given set of arbitrary +credentials. Classes implementing this interface can be referenced in +guacamole.properties to allow different authentication mechanisms +(such as LDAP) to be used. + + +------------------------------------------------------------ + Compiling and installing guacamole-common-auth +------------------------------------------------------------ + +guacamole-common-auth is built using Maven. Building guacamole-common-auth +compiles all classes and packages them into a redistributable .jar file. This +.jar file can be easily included in other Maven-based projects (like Guacamole). + +Note that prebuilt versions of guacamole-common-auth are available from the +main guac-dev.org Maven repository which is referenced in all Maven +projects in Guacamole. Unless you want to make changes to guacamole-common-auth +or you want to use a newer, unreleased version (such as the unstable branch), +you do not need to build this manually. You can let Maven download it for +you when you build Guacamole. + +1) Run mvn package + + $ mvn package + + Maven will download any needed dependencies for building the .jar file. + Once all dependencies have been downloaded, the .jar file will be + created in the target/ subdirectory of the current directory. + +2) Run mvn install + + $ mvn install + + DO NOT RUN THIS AS ROOT! + + Maven will install guacamole-common-auth to your user's local Maven + repository where it can be used in future builds. It will not install + into a system-wide repository and does not require root privileges. + + Once installed, building other Maven projects that depend on + guacamole-common-auth (such as Guacamole) will be possible. + + +------------------------------------------------------------ + Reporting problems +------------------------------------------------------------ + +Please report any bugs encountered by opening a new ticket at the Trac system +hosted at: + + http://guac-dev.org/trac/ + From e6818a551fdb5b5d4d6658bf85c1e46b1350e758 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sun, 18 Dec 2011 20:15:28 -0800 Subject: [PATCH 05/95] Added JavaDoc. --- .../net/auth/AuthenticationProvider.java | 60 +++++++++++++++- .../guacamole/net/auth/UsernamePassword.java | 70 +++++++++++++++++++ 2 files changed, 129 insertions(+), 1 deletion(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java index ce197a9af..847a76b52 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java @@ -1,12 +1,70 @@ package net.sourceforge.guacamole.net.auth; +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-common. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + import java.util.Map; import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; +/** + * Provides means of retrieving a set of named GuacamoleConfigurations for a + * given arbitrary credentials object. + * + * @author Michael Jumper + * @param The type to use as credentials for determining which + * configurations are authorized. + */ public interface AuthenticationProvider { - public Map getAuthorizedConfigurations(CredentialType credentials) throws GuacamoleException; + /** + * Given an arbitrary credentials object, returns a Map containing all + * configurations authorized by those credentials. The keys of this Map + * are Strings which uniquely identify each configuration. + * + * @param credentials The credentials to use to retrieve authorized + * configurations. + * @return A Map of all configurations authorized by the given credentials. + * @throws GuacamoleException If an error occurs while retrieving + * configurations, or the credentials given + * are invalid. + */ + public Map + getAuthorizedConfigurations(CredentialType credentials) + throws GuacamoleException; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UsernamePassword.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UsernamePassword.java index 0322bb20c..b5eceeace 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UsernamePassword.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UsernamePassword.java @@ -1,22 +1,92 @@ package net.sourceforge.guacamole.net.auth; +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-common. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +/** + * Simple class containing username and password Strings. This class can be + * used along with AuthenticationProvider to provide username/password + * authentication. + * + * @author Michael Jumper + */ public class UsernamePassword { + /** + * An arbitrary username. + */ private String username; + + /** + * An arbitrary password. + */ private String password; + /** + * Returns the password associated with this username/password pair. + * @return The password associated with this username/password pair, or + * null if no password has been set. + */ public String getPassword() { return password; } + /** + * Sets the password associated with this username/password pair. + * @param password The password to associate with this username/password + * pair. + */ public void setPassword(String password) { this.password = password; } + /** + * Returns the username associated with this username/password pair. + * @return The username associated with this username/password pair, or + * null if no username has been set. + */ public String getUsername() { return username; } + /** + * Sets the username associated with this username/password pair. + * @param username The username to associate with this username/password + * pair. + */ public void setUsername(String username) { this.username = username; } From 76b6f2af0555d7d62e833d9c853763f95180254e Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sun, 18 Dec 2011 21:32:46 -0800 Subject: [PATCH 06/95] Relicensed, fixed comments. --- guacamole-ext/COPYING | 661 ------------------ guacamole-ext/LICENSE | 470 +++++++++++++ .../net/auth/AuthenticationProvider.java | 2 +- .../guacamole/net/auth/UsernamePassword.java | 2 +- 4 files changed, 472 insertions(+), 663 deletions(-) delete mode 100644 guacamole-ext/COPYING create mode 100644 guacamole-ext/LICENSE diff --git a/guacamole-ext/COPYING b/guacamole-ext/COPYING deleted file mode 100644 index dba13ed2d..000000000 --- a/guacamole-ext/COPYING +++ /dev/null @@ -1,661 +0,0 @@ - GNU AFFERO GENERAL PUBLIC LICENSE - Version 3, 19 November 2007 - - Copyright (C) 2007 Free Software Foundation, Inc. - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The GNU Affero General Public License is a free, copyleft license for -software and other kinds of works, specifically designed to ensure -cooperation with the community in the case of network server software. - - The licenses for most software and other practical works are designed -to take away your freedom to share and change the works. By contrast, -our General Public Licenses are intended to guarantee your freedom to -share and change all versions of a program--to make sure it remains free -software for all its users. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -them if you wish), that you receive source code or can get it if you -want it, that you can change the software or use pieces of it in new -free programs, and that you know you can do these things. - - Developers that use our General Public Licenses protect your rights -with two steps: (1) assert copyright on the software, and (2) offer -you this License which gives you legal permission to copy, distribute -and/or modify the software. - - A secondary benefit of defending all users' freedom is that -improvements made in alternate versions of the program, if they -receive widespread use, become available for other developers to -incorporate. Many developers of free software are heartened and -encouraged by the resulting cooperation. However, in the case of -software used on network servers, this result may fail to come about. -The GNU General Public License permits making a modified version and -letting the public access it on a server without ever releasing its -source code to the public. - - The GNU Affero General Public License is designed specifically to -ensure that, in such cases, the modified source code becomes available -to the community. It requires the operator of a network server to -provide the source code of the modified version running there to the -users of that server. Therefore, public use of a modified version, on -a publicly accessible server, gives the public access to the source -code of the modified version. - - An older license, called the Affero General Public License and -published by Affero, was designed to accomplish similar goals. This is -a different license, not a version of the Affero GPL, but Affero has -released a new version of the Affero GPL which permits relicensing under -this license. - - The precise terms and conditions for copying, distribution and -modification follow. - - TERMS AND CONDITIONS - - 0. Definitions. - - "This License" refers to version 3 of the GNU Affero General Public License. - - "Copyright" also means copyright-like laws that apply to other kinds of -works, such as semiconductor masks. - - "The Program" refers to any copyrightable work licensed under this -License. Each licensee is addressed as "you". "Licensees" and -"recipients" may be individuals or organizations. - - To "modify" a work means to copy from or adapt all or part of the work -in a fashion requiring copyright permission, other than the making of an -exact copy. The resulting work is called a "modified version" of the -earlier work or a work "based on" the earlier work. - - A "covered work" means either the unmodified Program or a work based -on the Program. - - To "propagate" a work means to do anything with it that, without -permission, would make you directly or secondarily liable for -infringement under applicable copyright law, except executing it on a -computer or modifying a private copy. Propagation includes copying, -distribution (with or without modification), making available to the -public, and in some countries other activities as well. - - To "convey" a work means any kind of propagation that enables other -parties to make or receive copies. Mere interaction with a user through -a computer network, with no transfer of a copy, is not conveying. - - An interactive user interface displays "Appropriate Legal Notices" -to the extent that it includes a convenient and prominently visible -feature that (1) displays an appropriate copyright notice, and (2) -tells the user that there is no warranty for the work (except to the -extent that warranties are provided), that licensees may convey the -work under this License, and how to view a copy of this License. If -the interface presents a list of user commands or options, such as a -menu, a prominent item in the list meets this criterion. - - 1. Source Code. - - The "source code" for a work means the preferred form of the work -for making modifications to it. "Object code" means any non-source -form of a work. - - A "Standard Interface" means an interface that either is an official -standard defined by a recognized standards body, or, in the case of -interfaces specified for a particular programming language, one that -is widely used among developers working in that language. - - The "System Libraries" of an executable work include anything, other -than the work as a whole, that (a) is included in the normal form of -packaging a Major Component, but which is not part of that Major -Component, and (b) serves only to enable use of the work with that -Major Component, or to implement a Standard Interface for which an -implementation is available to the public in source code form. A -"Major Component", in this context, means a major essential component -(kernel, window system, and so on) of the specific operating system -(if any) on which the executable work runs, or a compiler used to -produce the work, or an object code interpreter used to run it. - - The "Corresponding Source" for a work in object code form means all -the source code needed to generate, install, and (for an executable -work) run the object code and to modify the work, including scripts to -control those activities. However, it does not include the work's -System Libraries, or general-purpose tools or generally available free -programs which are used unmodified in performing those activities but -which are not part of the work. For example, Corresponding Source -includes interface definition files associated with source files for -the work, and the source code for shared libraries and dynamically -linked subprograms that the work is specifically designed to require, -such as by intimate data communication or control flow between those -subprograms and other parts of the work. - - The Corresponding Source need not include anything that users -can regenerate automatically from other parts of the Corresponding -Source. - - The Corresponding Source for a work in source code form is that -same work. - - 2. Basic Permissions. - - All rights granted under this License are granted for the term of -copyright on the Program, and are irrevocable provided the stated -conditions are met. This License explicitly affirms your unlimited -permission to run the unmodified Program. The output from running a -covered work is covered by this License only if the output, given its -content, constitutes a covered work. This License acknowledges your -rights of fair use or other equivalent, as provided by copyright law. - - You may make, run and propagate covered works that you do not -convey, without conditions so long as your license otherwise remains -in force. You may convey covered works to others for the sole purpose -of having them make modifications exclusively for you, or provide you -with facilities for running those works, provided that you comply with -the terms of this License in conveying all material for which you do -not control copyright. Those thus making or running the covered works -for you must do so exclusively on your behalf, under your direction -and control, on terms that prohibit them from making any copies of -your copyrighted material outside their relationship with you. - - Conveying under any other circumstances is permitted solely under -the conditions stated below. Sublicensing is not allowed; section 10 -makes it unnecessary. - - 3. Protecting Users' Legal Rights From Anti-Circumvention Law. - - No covered work shall be deemed part of an effective technological -measure under any applicable law fulfilling obligations under article -11 of the WIPO copyright treaty adopted on 20 December 1996, or -similar laws prohibiting or restricting circumvention of such -measures. - - When you convey a covered work, you waive any legal power to forbid -circumvention of technological measures to the extent such circumvention -is effected by exercising rights under this License with respect to -the covered work, and you disclaim any intention to limit operation or -modification of the work as a means of enforcing, against the work's -users, your or third parties' legal rights to forbid circumvention of -technological measures. - - 4. Conveying Verbatim Copies. - - You may convey verbatim copies of the Program's source code as you -receive it, in any medium, provided that you conspicuously and -appropriately publish on each copy an appropriate copyright notice; -keep intact all notices stating that this License and any -non-permissive terms added in accord with section 7 apply to the code; -keep intact all notices of the absence of any warranty; and give all -recipients a copy of this License along with the Program. - - You may charge any price or no price for each copy that you convey, -and you may offer support or warranty protection for a fee. - - 5. Conveying Modified Source Versions. - - You may convey a work based on the Program, or the modifications to -produce it from the Program, in the form of source code under the -terms of section 4, provided that you also meet all of these conditions: - - a) The work must carry prominent notices stating that you modified - it, and giving a relevant date. - - b) The work must carry prominent notices stating that it is - released under this License and any conditions added under section - 7. This requirement modifies the requirement in section 4 to - "keep intact all notices". - - c) You must license the entire work, as a whole, under this - License to anyone who comes into possession of a copy. This - License will therefore apply, along with any applicable section 7 - additional terms, to the whole of the work, and all its parts, - regardless of how they are packaged. This License gives no - permission to license the work in any other way, but it does not - invalidate such permission if you have separately received it. - - d) If the work has interactive user interfaces, each must display - Appropriate Legal Notices; however, if the Program has interactive - interfaces that do not display Appropriate Legal Notices, your - work need not make them do so. - - A compilation of a covered work with other separate and independent -works, which are not by their nature extensions of the covered work, -and which are not combined with it such as to form a larger program, -in or on a volume of a storage or distribution medium, is called an -"aggregate" if the compilation and its resulting copyright are not -used to limit the access or legal rights of the compilation's users -beyond what the individual works permit. Inclusion of a covered work -in an aggregate does not cause this License to apply to the other -parts of the aggregate. - - 6. Conveying Non-Source Forms. - - You may convey a covered work in object code form under the terms -of sections 4 and 5, provided that you also convey the -machine-readable Corresponding Source under the terms of this License, -in one of these ways: - - a) Convey the object code in, or embodied in, a physical product - (including a physical distribution medium), accompanied by the - Corresponding Source fixed on a durable physical medium - customarily used for software interchange. - - b) Convey the object code in, or embodied in, a physical product - (including a physical distribution medium), accompanied by a - written offer, valid for at least three years and valid for as - long as you offer spare parts or customer support for that product - model, to give anyone who possesses the object code either (1) a - copy of the Corresponding Source for all the software in the - product that is covered by this License, on a durable physical - medium customarily used for software interchange, for a price no - more than your reasonable cost of physically performing this - conveying of source, or (2) access to copy the - Corresponding Source from a network server at no charge. - - c) Convey individual copies of the object code with a copy of the - written offer to provide the Corresponding Source. This - alternative is allowed only occasionally and noncommercially, and - only if you received the object code with such an offer, in accord - with subsection 6b. - - d) Convey the object code by offering access from a designated - place (gratis or for a charge), and offer equivalent access to the - Corresponding Source in the same way through the same place at no - further charge. You need not require recipients to copy the - Corresponding Source along with the object code. If the place to - copy the object code is a network server, the Corresponding Source - may be on a different server (operated by you or a third party) - that supports equivalent copying facilities, provided you maintain - clear directions next to the object code saying where to find the - Corresponding Source. Regardless of what server hosts the - Corresponding Source, you remain obligated to ensure that it is - available for as long as needed to satisfy these requirements. - - e) Convey the object code using peer-to-peer transmission, provided - you inform other peers where the object code and Corresponding - Source of the work are being offered to the general public at no - charge under subsection 6d. - - A separable portion of the object code, whose source code is excluded -from the Corresponding Source as a System Library, need not be -included in conveying the object code work. - - A "User Product" is either (1) a "consumer product", which means any -tangible personal property which is normally used for personal, family, -or household purposes, or (2) anything designed or sold for incorporation -into a dwelling. In determining whether a product is a consumer product, -doubtful cases shall be resolved in favor of coverage. For a particular -product received by a particular user, "normally used" refers to a -typical or common use of that class of product, regardless of the status -of the particular user or of the way in which the particular user -actually uses, or expects or is expected to use, the product. A product -is a consumer product regardless of whether the product has substantial -commercial, industrial or non-consumer uses, unless such uses represent -the only significant mode of use of the product. - - "Installation Information" for a User Product means any methods, -procedures, authorization keys, or other information required to install -and execute modified versions of a covered work in that User Product from -a modified version of its Corresponding Source. The information must -suffice to ensure that the continued functioning of the modified object -code is in no case prevented or interfered with solely because -modification has been made. - - If you convey an object code work under this section in, or with, or -specifically for use in, a User Product, and the conveying occurs as -part of a transaction in which the right of possession and use of the -User Product is transferred to the recipient in perpetuity or for a -fixed term (regardless of how the transaction is characterized), the -Corresponding Source conveyed under this section must be accompanied -by the Installation Information. But this requirement does not apply -if neither you nor any third party retains the ability to install -modified object code on the User Product (for example, the work has -been installed in ROM). - - The requirement to provide Installation Information does not include a -requirement to continue to provide support service, warranty, or updates -for a work that has been modified or installed by the recipient, or for -the User Product in which it has been modified or installed. Access to a -network may be denied when the modification itself materially and -adversely affects the operation of the network or violates the rules and -protocols for communication across the network. - - Corresponding Source conveyed, and Installation Information provided, -in accord with this section must be in a format that is publicly -documented (and with an implementation available to the public in -source code form), and must require no special password or key for -unpacking, reading or copying. - - 7. Additional Terms. - - "Additional permissions" are terms that supplement the terms of this -License by making exceptions from one or more of its conditions. -Additional permissions that are applicable to the entire Program shall -be treated as though they were included in this License, to the extent -that they are valid under applicable law. If additional permissions -apply only to part of the Program, that part may be used separately -under those permissions, but the entire Program remains governed by -this License without regard to the additional permissions. - - When you convey a copy of a covered work, you may at your option -remove any additional permissions from that copy, or from any part of -it. (Additional permissions may be written to require their own -removal in certain cases when you modify the work.) You may place -additional permissions on material, added by you to a covered work, -for which you have or can give appropriate copyright permission. - - Notwithstanding any other provision of this License, for material you -add to a covered work, you may (if authorized by the copyright holders of -that material) supplement the terms of this License with terms: - - a) Disclaiming warranty or limiting liability differently from the - terms of sections 15 and 16 of this License; or - - b) Requiring preservation of specified reasonable legal notices or - author attributions in that material or in the Appropriate Legal - Notices displayed by works containing it; or - - c) Prohibiting misrepresentation of the origin of that material, or - requiring that modified versions of such material be marked in - reasonable ways as different from the original version; or - - d) Limiting the use for publicity purposes of names of licensors or - authors of the material; or - - e) Declining to grant rights under trademark law for use of some - trade names, trademarks, or service marks; or - - f) Requiring indemnification of licensors and authors of that - material by anyone who conveys the material (or modified versions of - it) with contractual assumptions of liability to the recipient, for - any liability that these contractual assumptions directly impose on - those licensors and authors. - - All other non-permissive additional terms are considered "further -restrictions" within the meaning of section 10. If the Program as you -received it, or any part of it, contains a notice stating that it is -governed by this License along with a term that is a further -restriction, you may remove that term. If a license document contains -a further restriction but permits relicensing or conveying under this -License, you may add to a covered work material governed by the terms -of that license document, provided that the further restriction does -not survive such relicensing or conveying. - - If you add terms to a covered work in accord with this section, you -must place, in the relevant source files, a statement of the -additional terms that apply to those files, or a notice indicating -where to find the applicable terms. - - Additional terms, permissive or non-permissive, may be stated in the -form of a separately written license, or stated as exceptions; -the above requirements apply either way. - - 8. Termination. - - You may not propagate or modify a covered work except as expressly -provided under this License. Any attempt otherwise to propagate or -modify it is void, and will automatically terminate your rights under -this License (including any patent licenses granted under the third -paragraph of section 11). - - However, if you cease all violation of this License, then your -license from a particular copyright holder is reinstated (a) -provisionally, unless and until the copyright holder explicitly and -finally terminates your license, and (b) permanently, if the copyright -holder fails to notify you of the violation by some reasonable means -prior to 60 days after the cessation. - - Moreover, your license from a particular copyright holder is -reinstated permanently if the copyright holder notifies you of the -violation by some reasonable means, this is the first time you have -received notice of violation of this License (for any work) from that -copyright holder, and you cure the violation prior to 30 days after -your receipt of the notice. - - Termination of your rights under this section does not terminate the -licenses of parties who have received copies or rights from you under -this License. If your rights have been terminated and not permanently -reinstated, you do not qualify to receive new licenses for the same -material under section 10. - - 9. Acceptance Not Required for Having Copies. - - You are not required to accept this License in order to receive or -run a copy of the Program. Ancillary propagation of a covered work -occurring solely as a consequence of using peer-to-peer transmission -to receive a copy likewise does not require acceptance. However, -nothing other than this License grants you permission to propagate or -modify any covered work. These actions infringe copyright if you do -not accept this License. Therefore, by modifying or propagating a -covered work, you indicate your acceptance of this License to do so. - - 10. Automatic Licensing of Downstream Recipients. - - Each time you convey a covered work, the recipient automatically -receives a license from the original licensors, to run, modify and -propagate that work, subject to this License. You are not responsible -for enforcing compliance by third parties with this License. - - An "entity transaction" is a transaction transferring control of an -organization, or substantially all assets of one, or subdividing an -organization, or merging organizations. If propagation of a covered -work results from an entity transaction, each party to that -transaction who receives a copy of the work also receives whatever -licenses to the work the party's predecessor in interest had or could -give under the previous paragraph, plus a right to possession of the -Corresponding Source of the work from the predecessor in interest, if -the predecessor has it or can get it with reasonable efforts. - - You may not impose any further restrictions on the exercise of the -rights granted or affirmed under this License. For example, you may -not impose a license fee, royalty, or other charge for exercise of -rights granted under this License, and you may not initiate litigation -(including a cross-claim or counterclaim in a lawsuit) alleging that -any patent claim is infringed by making, using, selling, offering for -sale, or importing the Program or any portion of it. - - 11. Patents. - - A "contributor" is a copyright holder who authorizes use under this -License of the Program or a work on which the Program is based. The -work thus licensed is called the contributor's "contributor version". - - A contributor's "essential patent claims" are all patent claims -owned or controlled by the contributor, whether already acquired or -hereafter acquired, that would be infringed by some manner, permitted -by this License, of making, using, or selling its contributor version, -but do not include claims that would be infringed only as a -consequence of further modification of the contributor version. For -purposes of this definition, "control" includes the right to grant -patent sublicenses in a manner consistent with the requirements of -this License. - - Each contributor grants you a non-exclusive, worldwide, royalty-free -patent license under the contributor's essential patent claims, to -make, use, sell, offer for sale, import and otherwise run, modify and -propagate the contents of its contributor version. - - In the following three paragraphs, a "patent license" is any express -agreement or commitment, however denominated, not to enforce a patent -(such as an express permission to practice a patent or covenant not to -sue for patent infringement). To "grant" such a patent license to a -party means to make such an agreement or commitment not to enforce a -patent against the party. - - If you convey a covered work, knowingly relying on a patent license, -and the Corresponding Source of the work is not available for anyone -to copy, free of charge and under the terms of this License, through a -publicly available network server or other readily accessible means, -then you must either (1) cause the Corresponding Source to be so -available, or (2) arrange to deprive yourself of the benefit of the -patent license for this particular work, or (3) arrange, in a manner -consistent with the requirements of this License, to extend the patent -license to downstream recipients. "Knowingly relying" means you have -actual knowledge that, but for the patent license, your conveying the -covered work in a country, or your recipient's use of the covered work -in a country, would infringe one or more identifiable patents in that -country that you have reason to believe are valid. - - If, pursuant to or in connection with a single transaction or -arrangement, you convey, or propagate by procuring conveyance of, a -covered work, and grant a patent license to some of the parties -receiving the covered work authorizing them to use, propagate, modify -or convey a specific copy of the covered work, then the patent license -you grant is automatically extended to all recipients of the covered -work and works based on it. - - A patent license is "discriminatory" if it does not include within -the scope of its coverage, prohibits the exercise of, or is -conditioned on the non-exercise of one or more of the rights that are -specifically granted under this License. You may not convey a covered -work if you are a party to an arrangement with a third party that is -in the business of distributing software, under which you make payment -to the third party based on the extent of your activity of conveying -the work, and under which the third party grants, to any of the -parties who would receive the covered work from you, a discriminatory -patent license (a) in connection with copies of the covered work -conveyed by you (or copies made from those copies), or (b) primarily -for and in connection with specific products or compilations that -contain the covered work, unless you entered into that arrangement, -or that patent license was granted, prior to 28 March 2007. - - Nothing in this License shall be construed as excluding or limiting -any implied license or other defenses to infringement that may -otherwise be available to you under applicable patent law. - - 12. No Surrender of Others' Freedom. - - If conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot convey a -covered work so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you may -not convey it at all. For example, if you agree to terms that obligate you -to collect a royalty for further conveying from those to whom you convey -the Program, the only way you could satisfy both those terms and this -License would be to refrain entirely from conveying the Program. - - 13. Remote Network Interaction; Use with the GNU General Public License. - - Notwithstanding any other provision of this License, if you modify the -Program, your modified version must prominently offer all users -interacting with it remotely through a computer network (if your version -supports such interaction) an opportunity to receive the Corresponding -Source of your version by providing access to the Corresponding Source -from a network server at no charge, through some standard or customary -means of facilitating copying of software. This Corresponding Source -shall include the Corresponding Source for any work covered by version 3 -of the GNU General Public License that is incorporated pursuant to the -following paragraph. - - Notwithstanding any other provision of this License, you have -permission to link or combine any covered work with a work licensed -under version 3 of the GNU General Public License into a single -combined work, and to convey the resulting work. The terms of this -License will continue to apply to the part which is the covered work, -but the work with which it is combined will remain governed by version -3 of the GNU General Public License. - - 14. Revised Versions of this License. - - The Free Software Foundation may publish revised and/or new versions of -the GNU Affero General Public License from time to time. Such new versions -will be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - - Each version is given a distinguishing version number. If the -Program specifies that a certain numbered version of the GNU Affero General -Public License "or any later version" applies to it, you have the -option of following the terms and conditions either of that numbered -version or of any later version published by the Free Software -Foundation. If the Program does not specify a version number of the -GNU Affero General Public License, you may choose any version ever published -by the Free Software Foundation. - - If the Program specifies that a proxy can decide which future -versions of the GNU Affero General Public License can be used, that proxy's -public statement of acceptance of a version permanently authorizes you -to choose that version for the Program. - - Later license versions may give you additional or different -permissions. However, no additional obligations are imposed on any -author or copyright holder as a result of your choosing to follow a -later version. - - 15. Disclaimer of Warranty. - - THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY -APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT -HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY -OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, -THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM -IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF -ALL NECESSARY SERVICING, REPAIR OR CORRECTION. - - 16. Limitation of Liability. - - IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS -THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY -GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE -USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF -DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD -PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), -EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF -SUCH DAMAGES. - - 17. Interpretation of Sections 15 and 16. - - If the disclaimer of warranty and limitation of liability provided -above cannot be given local legal effect according to their terms, -reviewing courts shall apply local law that most closely approximates -an absolute waiver of all civil liability in connection with the -Program, unless a warranty or assumption of liability accompanies a -copy of the Program in return for a fee. - - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -state the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - - Copyright (C) - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU Affero General Public License as published by - the Free Software Foundation, either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Affero General Public License for more details. - - You should have received a copy of the GNU Affero General Public License - along with this program. If not, see . - -Also add information on how to contact you by electronic and paper mail. - - If your software can interact with users remotely through a computer -network, you should also make sure that it provides a way for users to -get its source. For example, if your program is a web application, its -interface could display a "Source" link that leads users to an archive -of the code. There are many ways you could offer source, and different -solutions will be better for different programs; see section 13 for the -specific requirements. - - You should also get your employer (if you work as a programmer) or school, -if any, to sign a "copyright disclaimer" for the program, if necessary. -For more information on this, and how to apply and follow the GNU AGPL, see -. diff --git a/guacamole-ext/LICENSE b/guacamole-ext/LICENSE new file mode 100644 index 000000000..7714141d1 --- /dev/null +++ b/guacamole-ext/LICENSE @@ -0,0 +1,470 @@ + MOZILLA PUBLIC LICENSE + Version 1.1 + + --------------- + +1. Definitions. + + 1.0.1. "Commercial Use" means distribution or otherwise making the + Covered Code available to a third party. + + 1.1. "Contributor" means each entity that creates or contributes to + the creation of Modifications. + + 1.2. "Contributor Version" means the combination of the Original + Code, prior Modifications used by a Contributor, and the Modifications + made by that particular Contributor. + + 1.3. "Covered Code" means the Original Code or Modifications or the + combination of the Original Code and Modifications, in each case + including portions thereof. + + 1.4. "Electronic Distribution Mechanism" means a mechanism generally + accepted in the software development community for the electronic + transfer of data. + + 1.5. "Executable" means Covered Code in any form other than Source + Code. + + 1.6. "Initial Developer" means the individual or entity identified + as the Initial Developer in the Source Code notice required by Exhibit + A. + + 1.7. "Larger Work" means a work which combines Covered Code or + portions thereof with code not governed by the terms of this License. + + 1.8. "License" means this document. + + 1.8.1. "Licensable" means having the right to grant, to the maximum + extent possible, whether at the time of the initial grant or + subsequently acquired, any and all of the rights conveyed herein. + + 1.9. "Modifications" means any addition to or deletion from the + substance or structure of either the Original Code or any previous + Modifications. When Covered Code is released as a series of files, a + Modification is: + A. Any addition to or deletion from the contents of a file + containing Original Code or previous Modifications. + + B. Any new file that contains any part of the Original Code or + previous Modifications. + + 1.10. "Original Code" means Source Code of computer software code + which is described in the Source Code notice required by Exhibit A as + Original Code, and which, at the time of its release under this + License is not already Covered Code governed by this License. + + 1.10.1. "Patent Claims" means any patent claim(s), now owned or + hereafter acquired, including without limitation, method, process, + and apparatus claims, in any patent Licensable by grantor. + + 1.11. "Source Code" means the preferred form of the Covered Code for + making modifications to it, including all modules it contains, plus + any associated interface definition files, scripts used to control + compilation and installation of an Executable, or source code + differential comparisons against either the Original Code or another + well known, available Covered Code of the Contributor's choice. The + Source Code can be in a compressed or archival form, provided the + appropriate decompression or de-archiving software is widely available + for no charge. + + 1.12. "You" (or "Your") means an individual or a legal entity + exercising rights under, and complying with all of the terms of, this + License or a future version of this License issued under Section 6.1. + For legal entities, "You" includes any entity which controls, is + controlled by, or is under common control with You. For purposes of + this definition, "control" means (a) the power, direct or indirect, + to cause the direction or management of such entity, whether by + contract or otherwise, or (b) ownership of more than fifty percent + (50%) of the outstanding shares or beneficial ownership of such + entity. + +2. Source Code License. + + 2.1. The Initial Developer Grant. + The Initial Developer hereby grants You a world-wide, royalty-free, + non-exclusive license, subject to third party intellectual property + claims: + (a) under intellectual property rights (other than patent or + trademark) Licensable by Initial Developer to use, reproduce, + modify, display, perform, sublicense and distribute the Original + Code (or portions thereof) with or without Modifications, and/or + as part of a Larger Work; and + + (b) under Patents Claims infringed by the making, using or + selling of Original Code, to make, have made, use, practice, + sell, and offer for sale, and/or otherwise dispose of the + Original Code (or portions thereof). + + (c) the licenses granted in this Section 2.1(a) and (b) are + effective on the date Initial Developer first distributes + Original Code under the terms of this License. + + (d) Notwithstanding Section 2.1(b) above, no patent license is + granted: 1) for code that You delete from the Original Code; 2) + separate from the Original Code; or 3) for infringements caused + by: i) the modification of the Original Code or ii) the + combination of the Original Code with other software or devices. + + 2.2. Contributor Grant. + Subject to third party intellectual property claims, each Contributor + hereby grants You a world-wide, royalty-free, non-exclusive license + + (a) under intellectual property rights (other than patent or + trademark) Licensable by Contributor, to use, reproduce, modify, + display, perform, sublicense and distribute the Modifications + created by such Contributor (or portions thereof) either on an + unmodified basis, with other Modifications, as Covered Code + and/or as part of a Larger Work; and + + (b) under Patent Claims infringed by the making, using, or + selling of Modifications made by that Contributor either alone + and/or in combination with its Contributor Version (or portions + of such combination), to make, use, sell, offer for sale, have + made, and/or otherwise dispose of: 1) Modifications made by that + Contributor (or portions thereof); and 2) the combination of + Modifications made by that Contributor with its Contributor + Version (or portions of such combination). + + (c) the licenses granted in Sections 2.2(a) and 2.2(b) are + effective on the date Contributor first makes Commercial Use of + the Covered Code. + + (d) Notwithstanding Section 2.2(b) above, no patent license is + granted: 1) for any code that Contributor has deleted from the + Contributor Version; 2) separate from the Contributor Version; + 3) for infringements caused by: i) third party modifications of + Contributor Version or ii) the combination of Modifications made + by that Contributor with other software (except as part of the + Contributor Version) or other devices; or 4) under Patent Claims + infringed by Covered Code in the absence of Modifications made by + that Contributor. + +3. Distribution Obligations. + + 3.1. Application of License. + The Modifications which You create or to which You contribute are + governed by the terms of this License, including without limitation + Section 2.2. The Source Code version of Covered Code may be + distributed only under the terms of this License or a future version + of this License released under Section 6.1, and You must include a + copy of this License with every copy of the Source Code You + distribute. You may not offer or impose any terms on any Source Code + version that alters or restricts the applicable version of this + License or the recipients' rights hereunder. However, You may include + an additional document offering the additional rights described in + Section 3.5. + + 3.2. Availability of Source Code. + Any Modification which You create or to which You contribute must be + made available in Source Code form under the terms of this License + either on the same media as an Executable version or via an accepted + Electronic Distribution Mechanism to anyone to whom you made an + Executable version available; and if made available via Electronic + Distribution Mechanism, must remain available for at least twelve (12) + months after the date it initially became available, or at least six + (6) months after a subsequent version of that particular Modification + has been made available to such recipients. You are responsible for + ensuring that the Source Code version remains available even if the + Electronic Distribution Mechanism is maintained by a third party. + + 3.3. Description of Modifications. + You must cause all Covered Code to which You contribute to contain a + file documenting the changes You made to create that Covered Code and + the date of any change. You must include a prominent statement that + the Modification is derived, directly or indirectly, from Original + Code provided by the Initial Developer and including the name of the + Initial Developer in (a) the Source Code, and (b) in any notice in an + Executable version or related documentation in which You describe the + origin or ownership of the Covered Code. + + 3.4. Intellectual Property Matters + (a) Third Party Claims. + If Contributor has knowledge that a license under a third party's + intellectual property rights is required to exercise the rights + granted by such Contributor under Sections 2.1 or 2.2, + Contributor must include a text file with the Source Code + distribution titled "LEGAL" which describes the claim and the + party making the claim in sufficient detail that a recipient will + know whom to contact. If Contributor obtains such knowledge after + the Modification is made available as described in Section 3.2, + Contributor shall promptly modify the LEGAL file in all copies + Contributor makes available thereafter and shall take other steps + (such as notifying appropriate mailing lists or newsgroups) + reasonably calculated to inform those who received the Covered + Code that new knowledge has been obtained. + + (b) Contributor APIs. + If Contributor's Modifications include an application programming + interface and Contributor has knowledge of patent licenses which + are reasonably necessary to implement that API, Contributor must + also include this information in the LEGAL file. + + (c) Representations. + Contributor represents that, except as disclosed pursuant to + Section 3.4(a) above, Contributor believes that Contributor's + Modifications are Contributor's original creation(s) and/or + Contributor has sufficient rights to grant the rights conveyed by + this License. + + 3.5. Required Notices. + You must duplicate the notice in Exhibit A in each file of the Source + Code. If it is not possible to put such notice in a particular Source + Code file due to its structure, then You must include such notice in a + location (such as a relevant directory) where a user would be likely + to look for such a notice. If You created one or more Modification(s) + You may add your name as a Contributor to the notice described in + Exhibit A. You must also duplicate this License in any documentation + for the Source Code where You describe recipients' rights or ownership + rights relating to Covered Code. You may choose to offer, and to + charge a fee for, warranty, support, indemnity or liability + obligations to one or more recipients of Covered Code. However, You + may do so only on Your own behalf, and not on behalf of the Initial + Developer or any Contributor. You must make it absolutely clear than + any such warranty, support, indemnity or liability obligation is + offered by You alone, and You hereby agree to indemnify the Initial + Developer and every Contributor for any liability incurred by the + Initial Developer or such Contributor as a result of warranty, + support, indemnity or liability terms You offer. + + 3.6. Distribution of Executable Versions. + You may distribute Covered Code in Executable form only if the + requirements of Section 3.1-3.5 have been met for that Covered Code, + and if You include a notice stating that the Source Code version of + the Covered Code is available under the terms of this License, + including a description of how and where You have fulfilled the + obligations of Section 3.2. The notice must be conspicuously included + in any notice in an Executable version, related documentation or + collateral in which You describe recipients' rights relating to the + Covered Code. You may distribute the Executable version of Covered + Code or ownership rights under a license of Your choice, which may + contain terms different from this License, provided that You are in + compliance with the terms of this License and that the license for the + Executable version does not attempt to limit or alter the recipient's + rights in the Source Code version from the rights set forth in this + License. If You distribute the Executable version under a different + license You must make it absolutely clear that any terms which differ + from this License are offered by You alone, not by the Initial + Developer or any Contributor. You hereby agree to indemnify the + Initial Developer and every Contributor for any liability incurred by + the Initial Developer or such Contributor as a result of any such + terms You offer. + + 3.7. Larger Works. + You may create a Larger Work by combining Covered Code with other code + not governed by the terms of this License and distribute the Larger + Work as a single product. In such a case, You must make sure the + requirements of this License are fulfilled for the Covered Code. + +4. Inability to Comply Due to Statute or Regulation. + + If it is impossible for You to comply with any of the terms of this + License with respect to some or all of the Covered Code due to + statute, judicial order, or regulation then You must: (a) comply with + the terms of this License to the maximum extent possible; and (b) + describe the limitations and the code they affect. Such description + must be included in the LEGAL file described in Section 3.4 and must + be included with all distributions of the Source Code. Except to the + extent prohibited by statute or regulation, such description must be + sufficiently detailed for a recipient of ordinary skill to be able to + understand it. + +5. Application of this License. + + This License applies to code to which the Initial Developer has + attached the notice in Exhibit A and to related Covered Code. + +6. Versions of the License. + + 6.1. New Versions. + Netscape Communications Corporation ("Netscape") may publish revised + and/or new versions of the License from time to time. Each version + will be given a distinguishing version number. + + 6.2. Effect of New Versions. + Once Covered Code has been published under a particular version of the + License, You may always continue to use it under the terms of that + version. You may also choose to use such Covered Code under the terms + of any subsequent version of the License published by Netscape. No one + other than Netscape has the right to modify the terms applicable to + Covered Code created under this License. + + 6.3. Derivative Works. + If You create or use a modified version of this License (which you may + only do in order to apply it to code which is not already Covered Code + governed by this License), You must (a) rename Your license so that + the phrases "Mozilla", "MOZILLAPL", "MOZPL", "Netscape", + "MPL", "NPL" or any confusingly similar phrase do not appear in your + license (except to note that your license differs from this License) + and (b) otherwise make it clear that Your version of the license + contains terms which differ from the Mozilla Public License and + Netscape Public License. (Filling in the name of the Initial + Developer, Original Code or Contributor in the notice described in + Exhibit A shall not of themselves be deemed to be modifications of + this License.) + +7. DISCLAIMER OF WARRANTY. + + COVERED CODE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, + WITHOUT LIMITATION, WARRANTIES THAT THE COVERED CODE IS FREE OF + DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. + THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED CODE + IS WITH YOU. SHOULD ANY COVERED CODE PROVE DEFECTIVE IN ANY RESPECT, + YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE + COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER + OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF + ANY COVERED CODE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. + +8. TERMINATION. + + 8.1. This License and the rights granted hereunder will terminate + automatically if You fail to comply with terms herein and fail to cure + such breach within 30 days of becoming aware of the breach. All + sublicenses to the Covered Code which are properly granted shall + survive any termination of this License. Provisions which, by their + nature, must remain in effect beyond the termination of this License + shall survive. + + 8.2. If You initiate litigation by asserting a patent infringement + claim (excluding declatory judgment actions) against Initial Developer + or a Contributor (the Initial Developer or Contributor against whom + You file such action is referred to as "Participant") alleging that: + + (a) such Participant's Contributor Version directly or indirectly + infringes any patent, then any and all rights granted by such + Participant to You under Sections 2.1 and/or 2.2 of this License + shall, upon 60 days notice from Participant terminate prospectively, + unless if within 60 days after receipt of notice You either: (i) + agree in writing to pay Participant a mutually agreeable reasonable + royalty for Your past and future use of Modifications made by such + Participant, or (ii) withdraw Your litigation claim with respect to + the Contributor Version against such Participant. If within 60 days + of notice, a reasonable royalty and payment arrangement are not + mutually agreed upon in writing by the parties or the litigation claim + is not withdrawn, the rights granted by Participant to You under + Sections 2.1 and/or 2.2 automatically terminate at the expiration of + the 60 day notice period specified above. + + (b) any software, hardware, or device, other than such Participant's + Contributor Version, directly or indirectly infringes any patent, then + any rights granted to You by such Participant under Sections 2.1(b) + and 2.2(b) are revoked effective as of the date You first made, used, + sold, distributed, or had made, Modifications made by that + Participant. + + 8.3. If You assert a patent infringement claim against Participant + alleging that such Participant's Contributor Version directly or + indirectly infringes any patent where such claim is resolved (such as + by license or settlement) prior to the initiation of patent + infringement litigation, then the reasonable value of the licenses + granted by such Participant under Sections 2.1 or 2.2 shall be taken + into account in determining the amount or value of any payment or + license. + + 8.4. In the event of termination under Sections 8.1 or 8.2 above, + all end user license agreements (excluding distributors and resellers) + which have been validly granted by You or any distributor hereunder + prior to termination shall survive termination. + +9. LIMITATION OF LIABILITY. + + UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT + (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL + DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED CODE, + OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR + ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY + CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, + WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER + COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN + INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF + LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY + RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW + PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE + EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO + THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU. + +10. U.S. GOVERNMENT END USERS. + + The Covered Code is a "commercial item," as that term is defined in + 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer + software" and "commercial computer software documentation," as such + terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 + C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), + all U.S. Government End Users acquire Covered Code with only those + rights set forth herein. + +11. MISCELLANEOUS. + + This License represents the complete agreement concerning subject + matter hereof. If any provision of this License is held to be + unenforceable, such provision shall be reformed only to the extent + necessary to make it enforceable. This License shall be governed by + California law provisions (except to the extent applicable law, if + any, provides otherwise), excluding its conflict-of-law provisions. + With respect to disputes in which at least one party is a citizen of, + or an entity chartered or registered to do business in the United + States of America, any litigation relating to this License shall be + subject to the jurisdiction of the Federal Courts of the Northern + District of California, with venue lying in Santa Clara County, + California, with the losing party responsible for costs, including + without limitation, court costs and reasonable attorneys' fees and + expenses. The application of the United Nations Convention on + Contracts for the International Sale of Goods is expressly excluded. + Any law or regulation which provides that the language of a contract + shall be construed against the drafter shall not apply to this + License. + +12. RESPONSIBILITY FOR CLAIMS. + + As between Initial Developer and the Contributors, each party is + responsible for claims and damages arising, directly or indirectly, + out of its utilization of rights under this License and You agree to + work with Initial Developer and Contributors to distribute such + responsibility on an equitable basis. Nothing herein is intended or + shall be deemed to constitute any admission of liability. + +13. MULTIPLE-LICENSED CODE. + + Initial Developer may designate portions of the Covered Code as + "Multiple-Licensed". "Multiple-Licensed" means that the Initial + Developer permits you to utilize portions of the Covered Code under + Your choice of the NPL or the alternative licenses, if any, specified + by the Initial Developer in the file described in Exhibit A. + +EXHIBIT A -Mozilla Public License. + + ``The contents of this file are subject to the Mozilla Public License + Version 1.1 (the "License"); you may not use this file except in + compliance with the License. You may obtain a copy of the License at + http://www.mozilla.org/MPL/ + + Software distributed under the License is distributed on an "AS IS" + basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the + License for the specific language governing rights and limitations + under the License. + + The Original Code is ______________________________________. + + The Initial Developer of the Original Code is ________________________. + Portions created by ______________________ are Copyright (C) ______ + _______________________. All Rights Reserved. + + Contributor(s): ______________________________________. + + Alternatively, the contents of this file may be used under the terms + of the _____ license (the "[___] License"), in which case the + provisions of [______] License are applicable instead of those + above. If you wish to allow use of your version of this file only + under the terms of the [____] License and not to allow others to use + your version of this file under the MPL, indicate your decision by + deleting the provisions above and replace them with the notice and + other provisions required by the [___] License. If you do not delete + the provisions above, a recipient may use your version of this file + under either the MPL or the [___] License." + + [NOTE: The text of this Exhibit A may differ slightly from the text of + the notices in the Source Code files of the Original Code. You should + use the text of this Exhibit A rather than the text found in the + Original Code Source Code for Your Modifications.] + diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java index 847a76b52..42249f7b3 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java @@ -14,7 +14,7 @@ package net.sourceforge.guacamole.net.auth; * for the specific language governing rights and limitations under the * License. * - * The Original Code is guacamole-common. + * The Original Code is guacamole-common-auth. * * The Initial Developer of the Original Code is * Michael Jumper. diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UsernamePassword.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UsernamePassword.java index b5eceeace..76d6e7ecd 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UsernamePassword.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UsernamePassword.java @@ -13,7 +13,7 @@ package net.sourceforge.guacamole.net.auth; * for the specific language governing rights and limitations under the * License. * - * The Original Code is guacamole-common. + * The Original Code is guacamole-common-auth. * * The Initial Developer of the Original Code is * Michael Jumper. From 6ff00e28eae7343ebd79cbff112d575e0589b492 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 21 Dec 2011 00:11:18 -0800 Subject: [PATCH 07/95] Update docs to reflect null return value. --- .../guacamole/net/auth/AuthenticationProvider.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java index 42249f7b3..b938a90a2 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java @@ -58,10 +58,10 @@ public interface AuthenticationProvider { * * @param credentials The credentials to use to retrieve authorized * configurations. - * @return A Map of all configurations authorized by the given credentials. + * @return A Map of all configurations authorized by the given credentials, + * or null if the credentials given are not authorized. * @throws GuacamoleException If an error occurs while retrieving - * configurations, or the credentials given - * are invalid. + * configurations. */ public Map getAuthorizedConfigurations(CredentialType credentials) From 451a09873d36eb9eae0f3af32227c25ef182a913 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 15 Mar 2012 15:53:13 -0700 Subject: [PATCH 08/95] Bumping version to 0.6.0. --- guacamole-ext/pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/guacamole-ext/pom.xml b/guacamole-ext/pom.xml index 730f9fad9..1d8bd9e92 100644 --- a/guacamole-ext/pom.xml +++ b/guacamole-ext/pom.xml @@ -5,7 +5,7 @@ net.sourceforge.guacamole guacamole-common-auth jar - 0.5.0 + 0.6.0 guacamole-common-auth http://guacamole.sourceforge.net/ @@ -35,7 +35,7 @@ net.sourceforge.guacamole guacamole-common - 0.5.0 + 0.6.0 compile From 697c4601dac77174d6ac4e11934b654847b19087 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 22 Mar 2012 22:44:02 -0700 Subject: [PATCH 09/95] Use truly generic HTTP-based credentials object, rename project to guacamole-auth (truly, this is a basic framework for extending Guacamole, a single webapp, NOT part of guacamole-common, which is the basis of the Guacamole webapp and potentially others). --- guacamole-ext/pom.xml | 12 +++++-- .../net/auth/AuthenticationProvider.java | 8 ++--- ...UsernamePassword.java => Credentials.java} | 31 ++++++++++++++++++- 3 files changed, 43 insertions(+), 8 deletions(-) rename guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/{UsernamePassword.java => Credentials.java} (82%) diff --git a/guacamole-ext/pom.xml b/guacamole-ext/pom.xml index 1d8bd9e92..d100206c2 100644 --- a/guacamole-ext/pom.xml +++ b/guacamole-ext/pom.xml @@ -3,10 +3,10 @@ 4.0.0 net.sourceforge.guacamole - guacamole-common-auth + guacamole-auth jar 0.6.0 - guacamole-common-auth + guacamole-auth http://guacamole.sourceforge.net/ @@ -31,6 +31,14 @@ + + + javax.servlet + servlet-api + 2.5 + provided + + net.sourceforge.guacamole diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java index b938a90a2..f3ea77320 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java @@ -43,13 +43,11 @@ import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; /** * Provides means of retrieving a set of named GuacamoleConfigurations for a - * given arbitrary credentials object. + * given Credentials object. * * @author Michael Jumper - * @param The type to use as credentials for determining which - * configurations are authorized. */ -public interface AuthenticationProvider { +public interface AuthenticationProvider { /** * Given an arbitrary credentials object, returns a Map containing all @@ -64,7 +62,7 @@ public interface AuthenticationProvider { * configurations. */ public Map - getAuthorizedConfigurations(CredentialType credentials) + getAuthorizedConfigurations(Credentials credentials) throws GuacamoleException; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UsernamePassword.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java similarity index 82% rename from guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UsernamePassword.java rename to guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java index 76d6e7ecd..d88201700 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UsernamePassword.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java @@ -1,5 +1,8 @@ package net.sourceforge.guacamole.net.auth; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpSession; + /* ***** BEGIN LICENSE BLOCK ***** * Version: MPL 1.1/GPL 2.0/LGPL 2.1 * @@ -43,7 +46,7 @@ package net.sourceforge.guacamole.net.auth; * * @author Michael Jumper */ -public class UsernamePassword { +public class Credentials { /** * An arbitrary username. @@ -55,6 +58,16 @@ public class UsernamePassword { */ private String password; + /** + * The HttpServletRequest carrying additional credentials, if any. + */ + private HttpServletRequest request; + + /** + * The HttpSession carrying additional credentials, if any. + */ + private HttpSession session; + /** * Returns the password associated with this username/password pair. * @return The password associated with this username/password pair, or @@ -91,4 +104,20 @@ public class UsernamePassword { this.username = username; } + public HttpServletRequest getRequest() { + return request; + } + + public void setRequest(HttpServletRequest request) { + this.request = request; + } + + public HttpSession getSession() { + return session; + } + + public void setSession(HttpSession session) { + this.session = session; + } + } From 7f027a71f23ac7034a9ab41814d0166882590f71 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 22 Mar 2012 23:40:45 -0700 Subject: [PATCH 10/95] Fixed comments. --- .../net/auth/AuthenticationProvider.java | 2 +- .../guacamole/net/auth/Credentials.java | 39 +++++++++++++++---- 2 files changed, 32 insertions(+), 9 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java index f3ea77320..9b6e2a28b 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java @@ -14,7 +14,7 @@ package net.sourceforge.guacamole.net.auth; * for the specific language governing rights and limitations under the * License. * - * The Original Code is guacamole-common-auth. + * The Original Code is guacamole-auth. * * The Initial Developer of the Original Code is * Michael Jumper. diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java index d88201700..a786a79f5 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java @@ -16,7 +16,7 @@ import javax.servlet.http.HttpSession; * for the specific language governing rights and limitations under the * License. * - * The Original Code is guacamole-common-auth. + * The Original Code is guacamole-auth. * * The Initial Developer of the Original Code is * Michael Jumper. @@ -40,9 +40,12 @@ import javax.servlet.http.HttpSession; * ***** END LICENSE BLOCK ***** */ /** - * Simple class containing username and password Strings. This class can be - * used along with AuthenticationProvider to provide username/password - * authentication. + * Simple arbitrary set of credentials, including a username/password pair, + * the HttpServletRequest associated with the request for authorization + * (if any) and the HttpSession associated with that request. + * + * This class is used along with AuthenticationProvider to provide arbitrary + * HTTP-based authentication for Guacamole. * * @author Michael Jumper */ @@ -69,7 +72,7 @@ public class Credentials { private HttpSession session; /** - * Returns the password associated with this username/password pair. + * Returns the password associated with this set of credentials. * @return The password associated with this username/password pair, or * null if no password has been set. */ @@ -78,7 +81,7 @@ public class Credentials { } /** - * Sets the password associated with this username/password pair. + * Sets the password associated with this set of credentials. * @param password The password to associate with this username/password * pair. */ @@ -87,7 +90,7 @@ public class Credentials { } /** - * Returns the username associated with this username/password pair. + * Returns the username associated with this set of credentials. * @return The username associated with this username/password pair, or * null if no username has been set. */ @@ -96,7 +99,7 @@ public class Credentials { } /** - * Sets the username associated with this username/password pair. + * Sets the username associated with this set of credentials. * @param username The username to associate with this username/password * pair. */ @@ -104,18 +107,38 @@ public class Credentials { this.username = username; } + /** + * Returns the HttpServletRequest associated with this set of credentials. + * @return The HttpServletRequest associated with this set of credentials, + * or null if no such request exists. + */ public HttpServletRequest getRequest() { return request; } + /** + * Sets the HttpServletRequest associated with this set of credentials. + * @param request The HttpServletRequest to associated with this set of + * credentials. + */ public void setRequest(HttpServletRequest request) { this.request = request; } + /** + * Returns the HttpSession associated with this set of credentials. + * @return The HttpSession associated with this set of credentials, or null + * if no such request exists. + */ public HttpSession getSession() { return session; } + /** + * Sets the HttpSession associated with this set of credentials. + * @param session The HttpSession to associated with this set of + * credentials. + */ public void setSession(HttpSession session) { this.session = session; } From e58a4fc52b6c3bb4a80fcb881ed4ce67c112aeb5 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Fri, 23 Mar 2012 11:02:08 -0700 Subject: [PATCH 11/95] Renamed to guacamole-ext. --- guacamole-ext/pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/guacamole-ext/pom.xml b/guacamole-ext/pom.xml index d100206c2..7e287aa69 100644 --- a/guacamole-ext/pom.xml +++ b/guacamole-ext/pom.xml @@ -3,10 +3,10 @@ 4.0.0 net.sourceforge.guacamole - guacamole-auth + guacamole-ext jar 0.6.0 - guacamole-auth + guacamole-ext http://guacamole.sourceforge.net/ From 898cee122f567f14000427664f238a3da13c94d2 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Fri, 23 Mar 2012 11:02:47 -0700 Subject: [PATCH 12/95] Create CredentialEvent interface for generic credentials-related events. Implemented AuthenticationFailureEvent. --- .../net/event/AuthenticationFailureEvent.java | 34 +++++++++++++++++++ .../guacamole/net/event/CredentialEvent.java | 21 ++++++++++++ 2 files changed, 55 insertions(+) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationFailureEvent.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/CredentialEvent.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationFailureEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationFailureEvent.java new file mode 100644 index 000000000..46cf00a20 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationFailureEvent.java @@ -0,0 +1,34 @@ +package net.sourceforge.guacamole.net.event; + +import net.sourceforge.guacamole.net.auth.Credentials; + +/** + * An event which is triggered whenever a user's credentials fail to be + * authenticated. The credentials that failed to be authenticated are included + * within this event, and can be retrieved using getCredentials(). + * + * @author Michael Jumper + */ +public class AuthenticationFailureEvent implements CredentialEvent { + + /** + * The credentials which failed authentication + */ + private Credentials credentials; + + /** + * Creates a new AuthenticationFailureEvent which represents the failure + * to authenticate the given credentials. + * + * @param credentials The credentials which failed authentication. + */ + public AuthenticationFailureEvent(Credentials credentials) { + this.credentials = credentials; + } + + @Override + public Credentials getCredentials() { + return credentials; + } + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/CredentialEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/CredentialEvent.java new file mode 100644 index 000000000..0b5e5a04b --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/CredentialEvent.java @@ -0,0 +1,21 @@ +package net.sourceforge.guacamole.net.event; + +import net.sourceforge.guacamole.net.auth.Credentials; + +/** + * Abstract basis for events which may have associated user credentials when + * triggered. + * + * @author Michael Jumper + */ +public interface CredentialEvent { + + /** + * Returns the current credentials of the user triggering the event, if any. + * + * @return The current credentials of the user triggering the event, if + * any, or null if no credentials are associated with the event. + */ + public Credentials getCredentials(); + +} From 0b1011364d4f40ec6bb7c32fb72b6c926c6a600b Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Fri, 23 Mar 2012 11:06:09 -0700 Subject: [PATCH 13/95] Add AuthenticationFailureListener. --- .../AuthenticationFailureListener.java | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationFailureListener.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationFailureListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationFailureListener.java new file mode 100644 index 000000000..1cada0563 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationFailureListener.java @@ -0,0 +1,24 @@ +package net.sourceforge.guacamole.net.event.listener; + +import net.sourceforge.guacamole.net.event.AuthenticationFailureEvent; + +/** + * A listener whose postAuthenticationFailure() hook will fire immediately + * after a user's authentication attempt fails. Note that there is no + * preAuthenticationFailure() hook - authentication failure cannot be canceled, + * it can only be observed after the fact. + * + * @author Michael Jumper + */ +public interface AuthenticationFailureListener { + + /** + * Event hook which fires immediately after a user's authentication attempt + * fails. + * + * @param e The AuthenticationFailureEvent describing the authentication + * failure that just occurred. + */ + public void postAuthenticationFailure(AuthenticationFailureEvent e); + +} From e9fcab10b189fc7aef3627b1780547e7dc73cf82 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Fri, 23 Mar 2012 11:54:18 -0700 Subject: [PATCH 14/95] Renamed hook function. --- .../event/listener/AuthenticationFailureListener.java | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationFailureListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationFailureListener.java index 1cada0563..c110144c6 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationFailureListener.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationFailureListener.java @@ -3,10 +3,9 @@ package net.sourceforge.guacamole.net.event.listener; import net.sourceforge.guacamole.net.event.AuthenticationFailureEvent; /** - * A listener whose postAuthenticationFailure() hook will fire immediately - * after a user's authentication attempt fails. Note that there is no - * preAuthenticationFailure() hook - authentication failure cannot be canceled, - * it can only be observed after the fact. + * A listener whose authenticationFailed() hook will fire immediately + * after a user's authentication attempt fails. Note that this hook cannot + * be used to cancel the authentication failure. * * @author Michael Jumper */ @@ -19,6 +18,6 @@ public interface AuthenticationFailureListener { * @param e The AuthenticationFailureEvent describing the authentication * failure that just occurred. */ - public void postAuthenticationFailure(AuthenticationFailureEvent e); + public void authenticationFailed(AuthenticationFailureEvent e); } From d99d38a9b61c8ffd83489a8fd63e1324b1a6fb0d Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Fri, 23 Mar 2012 11:57:05 -0700 Subject: [PATCH 15/95] Authentication success event and listener. --- .../net/event/AuthenticationSuccessEvent.java | 34 +++++++++++++++++++ .../AuthenticationSuccessListener.java | 28 +++++++++++++++ 2 files changed, 62 insertions(+) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationSuccessEvent.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationSuccessListener.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationSuccessEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationSuccessEvent.java new file mode 100644 index 000000000..73e666a62 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationSuccessEvent.java @@ -0,0 +1,34 @@ +package net.sourceforge.guacamole.net.event; + +import net.sourceforge.guacamole.net.auth.Credentials; + +/** + * An event which is triggered whenever a user's credentials pass + * authentication. The credentials that passed authentication are included + * within this event, and can be retrieved using getCredentials(). + * + * @author Michael Jumper + */ +public class AuthenticationSuccessEvent implements CredentialEvent { + + /** + * The credentials which passed authentication + */ + private Credentials credentials; + + /** + * Creates a new AuthenticationSuccessEvent which represents a successful + * authentication attempt with the given credentials. + * + * @param credentials The credentials which passed authentication. + */ + public AuthenticationSuccessEvent(Credentials credentials) { + this.credentials = credentials; + } + + @Override + public Credentials getCredentials() { + return credentials; + } + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationSuccessListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationSuccessListener.java new file mode 100644 index 000000000..f7fea9d56 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationSuccessListener.java @@ -0,0 +1,28 @@ +package net.sourceforge.guacamole.net.event.listener; + +import net.sourceforge.guacamole.net.event.AuthenticationSuccessEvent; + +/** + * A listener whose hooks will fire immediately before and after a user's + * authentication attempt succeeds. If a user successfully authenticates, + * the authenticationSucceeded() hook has the opportunity to cancel the + * authentication and force it to fail. + * + * @author Michael Jumper + */ +public interface AuthenticationSuccessListener { + + /** + * Event hook which fires immediately after a user's authentication attempt + * succeeds. The return value of this hook dictates whether the + * successful authentication attempt is canceled. + * + * @param e The AuthenticationFailureEvent describing the authentication + * failure that just occurred. + * @return true if the successful authentication attempt should be + * allowed, or false if the attempt should be denied, causing + * the attempt to effectively fail. + */ + public boolean authenticationSucceeded(AuthenticationSuccessEvent e); + +} From fe7de5201a51ad01295678f1396c35b86a4c268c Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Fri, 23 Mar 2012 12:00:37 -0700 Subject: [PATCH 16/95] TunnelEvent interface. --- .../guacamole/net/event/TunnelEvent.java | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelEvent.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelEvent.java new file mode 100644 index 000000000..65cec0648 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelEvent.java @@ -0,0 +1,20 @@ +package net.sourceforge.guacamole.net.event; + +import net.sourceforge.guacamole.net.GuacamoleTunnel; + +/** + * Abstract basis for events associated with tunnels. + * + * @author Michael Jumper + */ +public interface TunnelEvent { + + /** + * Returns the tunnel associated with this event, if any. + * + * @return The tunnel associated with this event, if any, or null if no + * tunnel is associated with this event. + */ + public GuacamoleTunnel getTunnel(); + +} From e13b62a993c48017dd893a95b3f862e657b65b1b Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Fri, 23 Mar 2012 12:04:08 -0700 Subject: [PATCH 17/95] Tunnel attach and detach events. --- .../net/event/TunnelAttachEvent.java | 37 +++++++++++++++++++ .../net/event/TunnelDetachEvent.java | 37 +++++++++++++++++++ 2 files changed, 74 insertions(+) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelAttachEvent.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelDetachEvent.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelAttachEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelAttachEvent.java new file mode 100644 index 000000000..c9d8bc17e --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelAttachEvent.java @@ -0,0 +1,37 @@ +package net.sourceforge.guacamole.net.event; + +import net.sourceforge.guacamole.net.GuacamoleTunnel; +import net.sourceforge.guacamole.net.auth.Credentials; + +/** + * An event which is triggered whenever a tunnel is being attached to a + * session. The tunnel being attached can be accessed through getTunnel(), + * and the set of all credentials available from the request which is + * attaching the tunnel can be retrieved using getCredentials(). + * + * @author Michael Jumper + */ +public class TunnelAttachEvent implements CredentialEvent, TunnelEvent { + + /** + * The credentials associated with the request that is attaching the + * tunnel, if any. + */ + private Credentials credentials; + + /** + * The tunnel being attached. + */ + private GuacamoleTunnel tunnel; + + @Override + public Credentials getCredentials() { + return credentials; + } + + @Override + public GuacamoleTunnel getTunnel() { + return tunnel; + } + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelDetachEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelDetachEvent.java new file mode 100644 index 000000000..a66e0a774 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelDetachEvent.java @@ -0,0 +1,37 @@ +package net.sourceforge.guacamole.net.event; + +import net.sourceforge.guacamole.net.GuacamoleTunnel; +import net.sourceforge.guacamole.net.auth.Credentials; + +/** + * An event which is triggered whenever a tunnel is being detached from a + * session. The tunnel being detached can be accessed through getTunnel(), + * and the set of all credentials available from the request which is + * detaching the tunnel can be retrieved using getCredentials(). + * + * @author Michael Jumper + */ +public class TunnelDetachEvent implements CredentialEvent, TunnelEvent { + + /** + * The credentials associated with the request that is detaching the + * tunnel, if any. + */ + private Credentials credentials; + + /** + * The tunnel being detached. + */ + private GuacamoleTunnel tunnel; + + @Override + public Credentials getCredentials() { + return credentials; + } + + @Override + public GuacamoleTunnel getTunnel() { + return tunnel; + } + +} From fc6750da00f0d2b924423aeb63104ffc6da37ec4 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Fri, 23 Mar 2012 12:09:24 -0700 Subject: [PATCH 18/95] Tunnel attach and detach listeners. --- .../event/listener/TunnelAttachListener.java | 26 +++++++++++++++++++ .../event/listener/TunnelDetachListener.java | 26 +++++++++++++++++++ 2 files changed, 52 insertions(+) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelAttachListener.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelDetachListener.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelAttachListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelAttachListener.java new file mode 100644 index 000000000..7936faef3 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelAttachListener.java @@ -0,0 +1,26 @@ +package net.sourceforge.guacamole.net.event.listener; + +import net.sourceforge.guacamole.net.event.TunnelAttachEvent; + +/** + * A listener whose tunnelAttached() hook will fire immediately after a new + * tunnel is attached to a session. + * + * @author Michael Jumper + */ +public interface TunnelAttachListener { + + /** + * Event hook which fires immediately after a new tunnel is attached to a + * session. The return value of this hook dictates whether the tunnel is + * allowed to be attached. + * + * @param e The TunnelAttachEvent describing the tunnel being attached and + * any associated credentials. + * @return true if the tunnel should be allowed to be attached, or false + * if the attempt should be denied, causing the attempt to + * effectively fail. + */ + public boolean tunnelAttached(TunnelAttachEvent e); + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelDetachListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelDetachListener.java new file mode 100644 index 000000000..9eea91f50 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelDetachListener.java @@ -0,0 +1,26 @@ +package net.sourceforge.guacamole.net.event.listener; + +import net.sourceforge.guacamole.net.event.TunnelDetachEvent; + +/** + * A listener whose tunnelDetached() hook will fire immediately after an + * existing tunnel is detached from a session. + * + * @author Michael Jumper + */ +public interface TunnelDetachListener { + + /** + * Event hook which fires immediately after an existing tunnel is detached + * from a session. The return value of this hook dictates whether the + * tunnel is allowed to be detached. + * + * @param e The TunnelDetachEvent describing the tunnel being detached and + * any associated credentials. + * @return true if the tunnel should be allowed to be detached, or false + * if the attempt should be denied, causing the attempt to + * effectively fail. + */ + public boolean tunnelDetached(TunnelDetachEvent e); + +} From 837614800dfd67c67322a00f695d8855bf2f34f5 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Fri, 23 Mar 2012 12:13:54 -0700 Subject: [PATCH 19/95] Allow listeners to throw exceptions from within hooks. --- .../net/event/listener/AuthenticationFailureListener.java | 8 +++++++- .../net/event/listener/AuthenticationSuccessListener.java | 8 +++++++- .../net/event/listener/TunnelAttachListener.java | 7 ++++++- .../net/event/listener/TunnelDetachListener.java | 7 ++++++- 4 files changed, 26 insertions(+), 4 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationFailureListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationFailureListener.java index c110144c6..0a2ec03b3 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationFailureListener.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationFailureListener.java @@ -1,5 +1,6 @@ package net.sourceforge.guacamole.net.event.listener; +import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.net.event.AuthenticationFailureEvent; /** @@ -17,7 +18,12 @@ public interface AuthenticationFailureListener { * * @param e The AuthenticationFailureEvent describing the authentication * failure that just occurred. + * @throws GuacamoleException If an error occurs while handling the + * authentication failure event. Note that + * throwing an exception will NOT cause the + * authentication failure to be canceled. */ - public void authenticationFailed(AuthenticationFailureEvent e); + public void authenticationFailed(AuthenticationFailureEvent e) + throws GuacamoleException; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationSuccessListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationSuccessListener.java index f7fea9d56..5422816c8 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationSuccessListener.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationSuccessListener.java @@ -1,5 +1,6 @@ package net.sourceforge.guacamole.net.event.listener; +import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.net.event.AuthenticationSuccessEvent; /** @@ -22,7 +23,12 @@ public interface AuthenticationSuccessListener { * @return true if the successful authentication attempt should be * allowed, or false if the attempt should be denied, causing * the attempt to effectively fail. + * @throws GuacamoleException If an error occurs while handling the + * authentication success event. Throwing an + * exception will also cancel the authentication + * success. */ - public boolean authenticationSucceeded(AuthenticationSuccessEvent e); + public boolean authenticationSucceeded(AuthenticationSuccessEvent e) + throws GuacamoleException; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelAttachListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelAttachListener.java index 7936faef3..e8e6dc7af 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelAttachListener.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelAttachListener.java @@ -1,5 +1,6 @@ package net.sourceforge.guacamole.net.event.listener; +import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.net.event.TunnelAttachEvent; /** @@ -20,7 +21,11 @@ public interface TunnelAttachListener { * @return true if the tunnel should be allowed to be attached, or false * if the attempt should be denied, causing the attempt to * effectively fail. + * @throws GuacamoleException If an error occurs while handling the + * tunnel attach event. Throwing an exception + * will also stop the tunnel from being attached. */ - public boolean tunnelAttached(TunnelAttachEvent e); + public boolean tunnelAttached(TunnelAttachEvent e) + throws GuacamoleException; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelDetachListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelDetachListener.java index 9eea91f50..cc7a84d35 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelDetachListener.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelDetachListener.java @@ -1,5 +1,6 @@ package net.sourceforge.guacamole.net.event.listener; +import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.net.event.TunnelDetachEvent; /** @@ -20,7 +21,11 @@ public interface TunnelDetachListener { * @return true if the tunnel should be allowed to be detached, or false * if the attempt should be denied, causing the attempt to * effectively fail. + * @throws GuacamoleException If an error occurs while handling the + * tunnel detach event. Throwing an exception + * will also stop the tunnel from being detached. */ - public boolean tunnelDetached(TunnelDetachEvent e); + public boolean tunnelDetached(TunnelDetachEvent e) + throws GuacamoleException; } From d831969322fdc5aecf508e1fc8f72bd724257a92 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Fri, 23 Mar 2012 14:04:03 -0700 Subject: [PATCH 20/95] Added missing constructors. --- .../guacamole/net/event/TunnelAttachEvent.java | 13 +++++++++++++ .../guacamole/net/event/TunnelDetachEvent.java | 13 +++++++++++++ 2 files changed, 26 insertions(+) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelAttachEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelAttachEvent.java index c9d8bc17e..3d22c104c 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelAttachEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelAttachEvent.java @@ -24,6 +24,19 @@ public class TunnelAttachEvent implements CredentialEvent, TunnelEvent { */ private GuacamoleTunnel tunnel; + /** + * Creates a new TunnelAttachEvent which represents the attaching of the + * given tunnel via a request associated with the given credentials. + * + * @param credentials The credentials associated with the request + * attaching the tunnel. + * @param tunnel The tunnel being attached. + */ + public TunnelAttachEvent(Credentials credentials, GuacamoleTunnel tunnel) { + this.credentials = credentials; + this.tunnel = tunnel; + } + @Override public Credentials getCredentials() { return credentials; diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelDetachEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelDetachEvent.java index a66e0a774..30d99ddbf 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelDetachEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelDetachEvent.java @@ -24,6 +24,19 @@ public class TunnelDetachEvent implements CredentialEvent, TunnelEvent { */ private GuacamoleTunnel tunnel; + /** + * Creates a new TunnelDetachEvent which represents the detaching of the + * given tunnel via a request associated with the given credentials. + * + * @param credentials The credentials associated with the request + * detaching the tunnel. + * @param tunnel The tunnel being detached. + */ + public TunnelDetachEvent(Credentials credentials, GuacamoleTunnel tunnel) { + this.credentials = credentials; + this.tunnel = tunnel; + } + @Override public Credentials getCredentials() { return credentials; From c2eb0744ac9fa2f081c3652f3b318d4e38d70d88 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Fri, 23 Mar 2012 15:21:44 -0700 Subject: [PATCH 21/95] Monitoring connect/close rather than attach/detach (as attach/detach is too low level, buried within the base HTTP tunnel implementation). --- ...DetachEvent.java => TunnelCloseEvent.java} | 22 +++++++++---------- ...tachEvent.java => TunnelConnectEvent.java} | 22 +++++++++---------- .../event/listener/TunnelAttachListener.java | 6 ++--- .../event/listener/TunnelDetachListener.java | 6 ++--- 4 files changed, 28 insertions(+), 28 deletions(-) rename guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/{TunnelDetachEvent.java => TunnelCloseEvent.java} (51%) rename guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/{TunnelAttachEvent.java => TunnelConnectEvent.java} (51%) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelDetachEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelCloseEvent.java similarity index 51% rename from guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelDetachEvent.java rename to guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelCloseEvent.java index 30d99ddbf..1f0a5b95b 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelDetachEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelCloseEvent.java @@ -4,35 +4,35 @@ import net.sourceforge.guacamole.net.GuacamoleTunnel; import net.sourceforge.guacamole.net.auth.Credentials; /** - * An event which is triggered whenever a tunnel is being detached from a - * session. The tunnel being detached can be accessed through getTunnel(), - * and the set of all credentials available from the request which is - * detaching the tunnel can be retrieved using getCredentials(). + * An event which is triggered whenever a tunnel is being closed. The tunnel + * being closed can be accessed through getTunnel(), and the set of all + * credentials available from the request which is closing the tunnel can be + * retrieved using getCredentials(). * * @author Michael Jumper */ -public class TunnelDetachEvent implements CredentialEvent, TunnelEvent { +public class TunnelCloseEvent implements CredentialEvent, TunnelEvent { /** - * The credentials associated with the request that is detaching the + * The credentials associated with the request that is closing the * tunnel, if any. */ private Credentials credentials; /** - * The tunnel being detached. + * The tunnel being closed. */ private GuacamoleTunnel tunnel; /** - * Creates a new TunnelDetachEvent which represents the detaching of the + * Creates a new TunnelCloseEvent which represents the closing of the * given tunnel via a request associated with the given credentials. * * @param credentials The credentials associated with the request - * detaching the tunnel. - * @param tunnel The tunnel being detached. + * closing the tunnel. + * @param tunnel The tunnel being closed. */ - public TunnelDetachEvent(Credentials credentials, GuacamoleTunnel tunnel) { + public TunnelCloseEvent(Credentials credentials, GuacamoleTunnel tunnel) { this.credentials = credentials; this.tunnel = tunnel; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelAttachEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelConnectEvent.java similarity index 51% rename from guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelAttachEvent.java rename to guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelConnectEvent.java index 3d22c104c..8a52d5df7 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelAttachEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelConnectEvent.java @@ -4,35 +4,35 @@ import net.sourceforge.guacamole.net.GuacamoleTunnel; import net.sourceforge.guacamole.net.auth.Credentials; /** - * An event which is triggered whenever a tunnel is being attached to a - * session. The tunnel being attached can be accessed through getTunnel(), - * and the set of all credentials available from the request which is - * attaching the tunnel can be retrieved using getCredentials(). + * An event which is triggered whenever a tunnel is being connected. The tunnel + * being connected can be accessed through getTunnel(), and the set of all + * credentials available from the request which is connecting the tunnel can be + * retrieved using getCredentials(). * * @author Michael Jumper */ -public class TunnelAttachEvent implements CredentialEvent, TunnelEvent { +public class TunnelConnectEvent implements CredentialEvent, TunnelEvent { /** - * The credentials associated with the request that is attaching the + * The credentials associated with the request that is connecting the * tunnel, if any. */ private Credentials credentials; /** - * The tunnel being attached. + * The tunnel being connected. */ private GuacamoleTunnel tunnel; /** - * Creates a new TunnelAttachEvent which represents the attaching of the + * Creates a new TunnelConnectEvent which represents the connecting of the * given tunnel via a request associated with the given credentials. * * @param credentials The credentials associated with the request - * attaching the tunnel. - * @param tunnel The tunnel being attached. + * connecting the tunnel. + * @param tunnel The tunnel being connected. */ - public TunnelAttachEvent(Credentials credentials, GuacamoleTunnel tunnel) { + public TunnelConnectEvent(Credentials credentials, GuacamoleTunnel tunnel) { this.credentials = credentials; this.tunnel = tunnel; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelAttachListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelAttachListener.java index e8e6dc7af..f15859638 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelAttachListener.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelAttachListener.java @@ -1,7 +1,7 @@ package net.sourceforge.guacamole.net.event.listener; import net.sourceforge.guacamole.GuacamoleException; -import net.sourceforge.guacamole.net.event.TunnelAttachEvent; +import net.sourceforge.guacamole.net.event.TunnelConnectEvent; /** * A listener whose tunnelAttached() hook will fire immediately after a new @@ -16,7 +16,7 @@ public interface TunnelAttachListener { * session. The return value of this hook dictates whether the tunnel is * allowed to be attached. * - * @param e The TunnelAttachEvent describing the tunnel being attached and + * @param e The TunnelConnectEvent describing the tunnel being attached and * any associated credentials. * @return true if the tunnel should be allowed to be attached, or false * if the attempt should be denied, causing the attempt to @@ -25,7 +25,7 @@ public interface TunnelAttachListener { * tunnel attach event. Throwing an exception * will also stop the tunnel from being attached. */ - public boolean tunnelAttached(TunnelAttachEvent e) + public boolean tunnelAttached(TunnelConnectEvent e) throws GuacamoleException; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelDetachListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelDetachListener.java index cc7a84d35..88395841a 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelDetachListener.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelDetachListener.java @@ -1,7 +1,7 @@ package net.sourceforge.guacamole.net.event.listener; import net.sourceforge.guacamole.GuacamoleException; -import net.sourceforge.guacamole.net.event.TunnelDetachEvent; +import net.sourceforge.guacamole.net.event.TunnelCloseEvent; /** * A listener whose tunnelDetached() hook will fire immediately after an @@ -16,7 +16,7 @@ public interface TunnelDetachListener { * from a session. The return value of this hook dictates whether the * tunnel is allowed to be detached. * - * @param e The TunnelDetachEvent describing the tunnel being detached and + * @param e The TunnelCloseEvent describing the tunnel being detached and * any associated credentials. * @return true if the tunnel should be allowed to be detached, or false * if the attempt should be denied, causing the attempt to @@ -25,7 +25,7 @@ public interface TunnelDetachListener { * tunnel detach event. Throwing an exception * will also stop the tunnel from being detached. */ - public boolean tunnelDetached(TunnelDetachEvent e) + public boolean tunnelDetached(TunnelCloseEvent e) throws GuacamoleException; } From 0285fe371ab4a656bb7d7429f15f363435881e05 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Fri, 23 Mar 2012 15:31:03 -0700 Subject: [PATCH 22/95] Rename attach/detach listeners to connect/close. --- ...Listener.java => TunnelCloseListener.java} | 22 +++++++++--------- ...stener.java => TunnelConnectListener.java} | 23 ++++++++++--------- 2 files changed, 23 insertions(+), 22 deletions(-) rename guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/{TunnelDetachListener.java => TunnelCloseListener.java} (56%) rename guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/{TunnelAttachListener.java => TunnelConnectListener.java} (55%) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelDetachListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelCloseListener.java similarity index 56% rename from guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelDetachListener.java rename to guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelCloseListener.java index 88395841a..0eb89703c 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelDetachListener.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelCloseListener.java @@ -4,28 +4,28 @@ import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.net.event.TunnelCloseEvent; /** - * A listener whose tunnelDetached() hook will fire immediately after an - * existing tunnel is detached from a session. + * A listener whose tunnelClosed() hook will fire immediately after an + * existing tunnel is closed. * * @author Michael Jumper */ -public interface TunnelDetachListener { +public interface TunnelCloseListener { /** - * Event hook which fires immediately after an existing tunnel is detached - * from a session. The return value of this hook dictates whether the - * tunnel is allowed to be detached. + * Event hook which fires immediately after an existing tunnel is closed. + * The return value of this hook dictates whether the tunnel is allowed to + * be closed. * - * @param e The TunnelCloseEvent describing the tunnel being detached and + * @param e The TunnelCloseEvent describing the tunnel being closed and * any associated credentials. - * @return true if the tunnel should be allowed to be detached, or false + * @return true if the tunnel should be allowed to be closed, or false * if the attempt should be denied, causing the attempt to * effectively fail. * @throws GuacamoleException If an error occurs while handling the - * tunnel detach event. Throwing an exception - * will also stop the tunnel from being detached. + * tunnel close event. Throwing an exception + * will also stop the tunnel from being closed. */ - public boolean tunnelDetached(TunnelCloseEvent e) + public boolean tunnelClosed(TunnelCloseEvent e) throws GuacamoleException; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelAttachListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelConnectListener.java similarity index 55% rename from guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelAttachListener.java rename to guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelConnectListener.java index f15859638..a59f8f9e5 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelAttachListener.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelConnectListener.java @@ -4,28 +4,29 @@ import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.net.event.TunnelConnectEvent; /** - * A listener whose tunnelAttached() hook will fire immediately after a new - * tunnel is attached to a session. + * A listener whose tunnelConnected() hook will fire immediately after a new + * tunnel is connected. * * @author Michael Jumper */ -public interface TunnelAttachListener { +public interface TunnelConnectListener { /** - * Event hook which fires immediately after a new tunnel is attached to a - * session. The return value of this hook dictates whether the tunnel is - * allowed to be attached. + * Event hook which fires immediately after a new tunnel is connected. + * The return value of this hook dictates whether the tunnel is made visible + * to the session. * - * @param e The TunnelConnectEvent describing the tunnel being attached and + * @param e The TunnelConnectEvent describing the tunnel being connected and * any associated credentials. - * @return true if the tunnel should be allowed to be attached, or false + * @return true if the tunnel should be allowed to be connected, or false * if the attempt should be denied, causing the attempt to * effectively fail. * @throws GuacamoleException If an error occurs while handling the - * tunnel attach event. Throwing an exception - * will also stop the tunnel from being attached. + * tunnel connect event. Throwing an exception + * will also stop the tunnel from being made + * visible to the session. */ - public boolean tunnelAttached(TunnelConnectEvent e) + public boolean tunnelConnected(TunnelConnectEvent e) throws GuacamoleException; } From 8a17e6592e26babb1c02fd2ab4df99e13b559820 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Mon, 26 Mar 2012 12:34:36 -0700 Subject: [PATCH 23/95] Make Credentials as serializable as possible. --- .../net/sourceforge/guacamole/net/auth/Credentials.java | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java index a786a79f5..c296e3452 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java @@ -1,5 +1,6 @@ package net.sourceforge.guacamole.net.auth; +import java.io.Serializable; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpSession; @@ -49,7 +50,9 @@ import javax.servlet.http.HttpSession; * * @author Michael Jumper */ -public class Credentials { +public class Credentials implements Serializable { + + private static final long serialVersionUID = 1L; /** * An arbitrary username. @@ -64,12 +67,12 @@ public class Credentials { /** * The HttpServletRequest carrying additional credentials, if any. */ - private HttpServletRequest request; + private transient HttpServletRequest request; /** * The HttpSession carrying additional credentials, if any. */ - private HttpSession session; + private transient HttpSession session; /** * Returns the password associated with this set of credentials. From 57c5694142d8fca9e898a554b6a7ff5568a18564 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Mon, 26 Mar 2012 18:51:08 -0700 Subject: [PATCH 24/95] Fixed project URL. --- guacamole-ext/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/guacamole-ext/pom.xml b/guacamole-ext/pom.xml index 7e287aa69..a99f0f08e 100644 --- a/guacamole-ext/pom.xml +++ b/guacamole-ext/pom.xml @@ -7,7 +7,7 @@ jar 0.6.0 guacamole-ext - http://guacamole.sourceforge.net/ + http://guac-dev.org/ UTF-8 From 548fe9e008788bb2a075ade4a0d1cf3c22d48ae5 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Fri, 4 May 2012 18:49:39 -0700 Subject: [PATCH 25/95] Updated ChangeLog --- guacamole-ext/ChangeLog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/guacamole-ext/ChangeLog b/guacamole-ext/ChangeLog index 2a7c11190..641ef87f0 100644 --- a/guacamole-ext/ChangeLog +++ b/guacamole-ext/ChangeLog @@ -1,3 +1,9 @@ +2012-05-04 Michael Jumper + + * Renamed to guacamole-ext + * Generic HTTP-based Credentials object + * Added support for listeners and hooks + 2011-12-11 Michael Jumper * Initial release From e911a615bccbb10ce1e51bea8ba89fb3324a99f2 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 9 Aug 2012 11:42:29 -0700 Subject: [PATCH 26/95] Removed trailing whitespace. --- .../guacamole/net/auth/AuthenticationProvider.java | 4 ++-- .../sourceforge/guacamole/net/auth/Credentials.java | 6 +++--- .../net/event/AuthenticationFailureEvent.java | 10 +++++----- .../net/event/AuthenticationSuccessEvent.java | 10 +++++----- .../guacamole/net/event/CredentialEvent.java | 6 +++--- .../guacamole/net/event/TunnelCloseEvent.java | 4 ++-- .../guacamole/net/event/TunnelConnectEvent.java | 6 +++--- .../sourceforge/guacamole/net/event/TunnelEvent.java | 6 +++--- .../event/listener/AuthenticationFailureListener.java | 8 ++++---- .../event/listener/AuthenticationSuccessListener.java | 6 +++--- .../net/event/listener/TunnelCloseListener.java | 6 +++--- .../net/event/listener/TunnelConnectListener.java | 4 ++-- 12 files changed, 38 insertions(+), 38 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java index 9b6e2a28b..82b49baa8 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java @@ -44,7 +44,7 @@ import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; /** * Provides means of retrieving a set of named GuacamoleConfigurations for a * given Credentials object. - * + * * @author Michael Jumper */ public interface AuthenticationProvider { @@ -53,7 +53,7 @@ public interface AuthenticationProvider { * Given an arbitrary credentials object, returns a Map containing all * configurations authorized by those credentials. The keys of this Map * are Strings which uniquely identify each configuration. - * + * * @param credentials The credentials to use to retrieve authorized * configurations. * @return A Map of all configurations authorized by the given credentials, diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java index c296e3452..60d5101c0 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java @@ -44,10 +44,10 @@ import javax.servlet.http.HttpSession; * Simple arbitrary set of credentials, including a username/password pair, * the HttpServletRequest associated with the request for authorization * (if any) and the HttpSession associated with that request. - * + * * This class is used along with AuthenticationProvider to provide arbitrary * HTTP-based authentication for Guacamole. - * + * * @author Michael Jumper */ public class Credentials implements Serializable { @@ -73,7 +73,7 @@ public class Credentials implements Serializable { * The HttpSession carrying additional credentials, if any. */ private transient HttpSession session; - + /** * Returns the password associated with this set of credentials. * @return The password associated with this username/password pair, or diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationFailureEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationFailureEvent.java index 46cf00a20..c42460e37 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationFailureEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationFailureEvent.java @@ -6,11 +6,11 @@ import net.sourceforge.guacamole.net.auth.Credentials; * An event which is triggered whenever a user's credentials fail to be * authenticated. The credentials that failed to be authenticated are included * within this event, and can be retrieved using getCredentials(). - * + * * @author Michael Jumper */ public class AuthenticationFailureEvent implements CredentialEvent { - + /** * The credentials which failed authentication */ @@ -19,16 +19,16 @@ public class AuthenticationFailureEvent implements CredentialEvent { /** * Creates a new AuthenticationFailureEvent which represents the failure * to authenticate the given credentials. - * + * * @param credentials The credentials which failed authentication. */ public AuthenticationFailureEvent(Credentials credentials) { this.credentials = credentials; } - + @Override public Credentials getCredentials() { return credentials; } - + } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationSuccessEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationSuccessEvent.java index 73e666a62..5b6b1189b 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationSuccessEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationSuccessEvent.java @@ -6,11 +6,11 @@ import net.sourceforge.guacamole.net.auth.Credentials; * An event which is triggered whenever a user's credentials pass * authentication. The credentials that passed authentication are included * within this event, and can be retrieved using getCredentials(). - * + * * @author Michael Jumper */ public class AuthenticationSuccessEvent implements CredentialEvent { - + /** * The credentials which passed authentication */ @@ -19,16 +19,16 @@ public class AuthenticationSuccessEvent implements CredentialEvent { /** * Creates a new AuthenticationSuccessEvent which represents a successful * authentication attempt with the given credentials. - * + * * @param credentials The credentials which passed authentication. */ public AuthenticationSuccessEvent(Credentials credentials) { this.credentials = credentials; } - + @Override public Credentials getCredentials() { return credentials; } - + } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/CredentialEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/CredentialEvent.java index 0b5e5a04b..435c164cd 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/CredentialEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/CredentialEvent.java @@ -5,14 +5,14 @@ import net.sourceforge.guacamole.net.auth.Credentials; /** * Abstract basis for events which may have associated user credentials when * triggered. - * + * * @author Michael Jumper */ public interface CredentialEvent { - + /** * Returns the current credentials of the user triggering the event, if any. - * + * * @return The current credentials of the user triggering the event, if * any, or null if no credentials are associated with the event. */ diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelCloseEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelCloseEvent.java index 1f0a5b95b..d89715514 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelCloseEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelCloseEvent.java @@ -8,7 +8,7 @@ import net.sourceforge.guacamole.net.auth.Credentials; * being closed can be accessed through getTunnel(), and the set of all * credentials available from the request which is closing the tunnel can be * retrieved using getCredentials(). - * + * * @author Michael Jumper */ public class TunnelCloseEvent implements CredentialEvent, TunnelEvent { @@ -27,7 +27,7 @@ public class TunnelCloseEvent implements CredentialEvent, TunnelEvent { /** * Creates a new TunnelCloseEvent which represents the closing of the * given tunnel via a request associated with the given credentials. - * + * * @param credentials The credentials associated with the request * closing the tunnel. * @param tunnel The tunnel being closed. diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelConnectEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelConnectEvent.java index 8a52d5df7..b1608111e 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelConnectEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelConnectEvent.java @@ -8,11 +8,11 @@ import net.sourceforge.guacamole.net.auth.Credentials; * being connected can be accessed through getTunnel(), and the set of all * credentials available from the request which is connecting the tunnel can be * retrieved using getCredentials(). - * + * * @author Michael Jumper */ public class TunnelConnectEvent implements CredentialEvent, TunnelEvent { - + /** * The credentials associated with the request that is connecting the * tunnel, if any. @@ -27,7 +27,7 @@ public class TunnelConnectEvent implements CredentialEvent, TunnelEvent { /** * Creates a new TunnelConnectEvent which represents the connecting of the * given tunnel via a request associated with the given credentials. - * + * * @param credentials The credentials associated with the request * connecting the tunnel. * @param tunnel The tunnel being connected. diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelEvent.java index 65cec0648..0d5272854 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelEvent.java @@ -4,14 +4,14 @@ import net.sourceforge.guacamole.net.GuacamoleTunnel; /** * Abstract basis for events associated with tunnels. - * + * * @author Michael Jumper */ public interface TunnelEvent { - + /** * Returns the tunnel associated with this event, if any. - * + * * @return The tunnel associated with this event, if any, or null if no * tunnel is associated with this event. */ diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationFailureListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationFailureListener.java index 0a2ec03b3..ed5d759e6 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationFailureListener.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationFailureListener.java @@ -7,15 +7,15 @@ import net.sourceforge.guacamole.net.event.AuthenticationFailureEvent; * A listener whose authenticationFailed() hook will fire immediately * after a user's authentication attempt fails. Note that this hook cannot * be used to cancel the authentication failure. - * + * * @author Michael Jumper */ public interface AuthenticationFailureListener { - + /** * Event hook which fires immediately after a user's authentication attempt * fails. - * + * * @param e The AuthenticationFailureEvent describing the authentication * failure that just occurred. * @throws GuacamoleException If an error occurs while handling the @@ -25,5 +25,5 @@ public interface AuthenticationFailureListener { */ public void authenticationFailed(AuthenticationFailureEvent e) throws GuacamoleException; - + } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationSuccessListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationSuccessListener.java index 5422816c8..b272f4134 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationSuccessListener.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationSuccessListener.java @@ -8,16 +8,16 @@ import net.sourceforge.guacamole.net.event.AuthenticationSuccessEvent; * authentication attempt succeeds. If a user successfully authenticates, * the authenticationSucceeded() hook has the opportunity to cancel the * authentication and force it to fail. - * + * * @author Michael Jumper */ public interface AuthenticationSuccessListener { - + /** * Event hook which fires immediately after a user's authentication attempt * succeeds. The return value of this hook dictates whether the * successful authentication attempt is canceled. - * + * * @param e The AuthenticationFailureEvent describing the authentication * failure that just occurred. * @return true if the successful authentication attempt should be diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelCloseListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelCloseListener.java index 0eb89703c..e008ce89c 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelCloseListener.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelCloseListener.java @@ -6,16 +6,16 @@ import net.sourceforge.guacamole.net.event.TunnelCloseEvent; /** * A listener whose tunnelClosed() hook will fire immediately after an * existing tunnel is closed. - * + * * @author Michael Jumper */ public interface TunnelCloseListener { - + /** * Event hook which fires immediately after an existing tunnel is closed. * The return value of this hook dictates whether the tunnel is allowed to * be closed. - * + * * @param e The TunnelCloseEvent describing the tunnel being closed and * any associated credentials. * @return true if the tunnel should be allowed to be closed, or false diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelConnectListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelConnectListener.java index a59f8f9e5..276687a45 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelConnectListener.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelConnectListener.java @@ -6,7 +6,7 @@ import net.sourceforge.guacamole.net.event.TunnelConnectEvent; /** * A listener whose tunnelConnected() hook will fire immediately after a new * tunnel is connected. - * + * * @author Michael Jumper */ public interface TunnelConnectListener { @@ -15,7 +15,7 @@ public interface TunnelConnectListener { * Event hook which fires immediately after a new tunnel is connected. * The return value of this hook dictates whether the tunnel is made visible * to the session. - * + * * @param e The TunnelConnectEvent describing the tunnel being connected and * any associated credentials. * @return true if the tunnel should be allowed to be connected, or false From 66b222bc5c84fad583bda359690fa40d0eb53663 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 9 Aug 2012 12:45:40 -0700 Subject: [PATCH 27/95] Remove redundant public modifiers. --- .../net/sourceforge/guacamole/net/event/CredentialEvent.java | 2 +- .../java/net/sourceforge/guacamole/net/event/TunnelEvent.java | 2 +- .../net/event/listener/AuthenticationFailureListener.java | 2 +- .../net/event/listener/AuthenticationSuccessListener.java | 2 +- .../guacamole/net/event/listener/TunnelCloseListener.java | 2 +- .../guacamole/net/event/listener/TunnelConnectListener.java | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/CredentialEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/CredentialEvent.java index 435c164cd..e106ab448 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/CredentialEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/CredentialEvent.java @@ -16,6 +16,6 @@ public interface CredentialEvent { * @return The current credentials of the user triggering the event, if * any, or null if no credentials are associated with the event. */ - public Credentials getCredentials(); + Credentials getCredentials(); } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelEvent.java index 0d5272854..e2bc96b1f 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelEvent.java @@ -15,6 +15,6 @@ public interface TunnelEvent { * @return The tunnel associated with this event, if any, or null if no * tunnel is associated with this event. */ - public GuacamoleTunnel getTunnel(); + GuacamoleTunnel getTunnel(); } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationFailureListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationFailureListener.java index ed5d759e6..cc00cbfdf 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationFailureListener.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationFailureListener.java @@ -23,7 +23,7 @@ public interface AuthenticationFailureListener { * throwing an exception will NOT cause the * authentication failure to be canceled. */ - public void authenticationFailed(AuthenticationFailureEvent e) + void authenticationFailed(AuthenticationFailureEvent e) throws GuacamoleException; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationSuccessListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationSuccessListener.java index b272f4134..342200635 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationSuccessListener.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/AuthenticationSuccessListener.java @@ -28,7 +28,7 @@ public interface AuthenticationSuccessListener { * exception will also cancel the authentication * success. */ - public boolean authenticationSucceeded(AuthenticationSuccessEvent e) + boolean authenticationSucceeded(AuthenticationSuccessEvent e) throws GuacamoleException; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelCloseListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelCloseListener.java index e008ce89c..c80e98473 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelCloseListener.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelCloseListener.java @@ -25,7 +25,7 @@ public interface TunnelCloseListener { * tunnel close event. Throwing an exception * will also stop the tunnel from being closed. */ - public boolean tunnelClosed(TunnelCloseEvent e) + boolean tunnelClosed(TunnelCloseEvent e) throws GuacamoleException; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelConnectListener.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelConnectListener.java index 276687a45..3eaa0eebc 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelConnectListener.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/TunnelConnectListener.java @@ -26,7 +26,7 @@ public interface TunnelConnectListener { * will also stop the tunnel from being made * visible to the session. */ - public boolean tunnelConnected(TunnelConnectEvent e) + boolean tunnelConnected(TunnelConnectEvent e) throws GuacamoleException; } From 5ab65225ef3a617a84695411bc5ad028ed829c7f Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 9 Aug 2012 12:51:10 -0700 Subject: [PATCH 28/95] Remove redundant public modified missed in last pass. --- .../sourceforge/guacamole/net/auth/AuthenticationProvider.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java index 82b49baa8..3a47309b5 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java @@ -61,7 +61,7 @@ public interface AuthenticationProvider { * @throws GuacamoleException If an error occurs while retrieving * configurations. */ - public Map + Map getAuthorizedConfigurations(Credentials credentials) throws GuacamoleException; From 545c525361c382d9dcba84f1336205f5062ae684 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 9 Aug 2012 14:09:52 -0700 Subject: [PATCH 29/95] Make method parameters final where it makes sense. --- .../net/sourceforge/guacamole/net/auth/Credentials.java | 8 ++++---- .../guacamole/net/event/AuthenticationFailureEvent.java | 2 +- .../guacamole/net/event/AuthenticationSuccessEvent.java | 2 +- .../sourceforge/guacamole/net/event/TunnelCloseEvent.java | 4 +++- .../guacamole/net/event/TunnelConnectEvent.java | 4 +++- 5 files changed, 12 insertions(+), 8 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java index 60d5101c0..60fc63d36 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java @@ -88,7 +88,7 @@ public class Credentials implements Serializable { * @param password The password to associate with this username/password * pair. */ - public void setPassword(String password) { + public void setPassword(final String password) { this.password = password; } @@ -106,7 +106,7 @@ public class Credentials implements Serializable { * @param username The username to associate with this username/password * pair. */ - public void setUsername(String username) { + public void setUsername(final String username) { this.username = username; } @@ -124,7 +124,7 @@ public class Credentials implements Serializable { * @param request The HttpServletRequest to associated with this set of * credentials. */ - public void setRequest(HttpServletRequest request) { + public void setRequest(final HttpServletRequest request) { this.request = request; } @@ -142,7 +142,7 @@ public class Credentials implements Serializable { * @param session The HttpSession to associated with this set of * credentials. */ - public void setSession(HttpSession session) { + public void setSession(final HttpSession session) { this.session = session; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationFailureEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationFailureEvent.java index c42460e37..b68910045 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationFailureEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationFailureEvent.java @@ -22,7 +22,7 @@ public class AuthenticationFailureEvent implements CredentialEvent { * * @param credentials The credentials which failed authentication. */ - public AuthenticationFailureEvent(Credentials credentials) { + public AuthenticationFailureEvent(final Credentials credentials) { this.credentials = credentials; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationSuccessEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationSuccessEvent.java index 5b6b1189b..3bb0ded56 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationSuccessEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationSuccessEvent.java @@ -22,7 +22,7 @@ public class AuthenticationSuccessEvent implements CredentialEvent { * * @param credentials The credentials which passed authentication. */ - public AuthenticationSuccessEvent(Credentials credentials) { + public AuthenticationSuccessEvent(final Credentials credentials) { this.credentials = credentials; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelCloseEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelCloseEvent.java index d89715514..21ea6c0c0 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelCloseEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelCloseEvent.java @@ -32,7 +32,9 @@ public class TunnelCloseEvent implements CredentialEvent, TunnelEvent { * closing the tunnel. * @param tunnel The tunnel being closed. */ - public TunnelCloseEvent(Credentials credentials, GuacamoleTunnel tunnel) { + public TunnelCloseEvent(final Credentials credentials, + final GuacamoleTunnel tunnel) { + this.credentials = credentials; this.tunnel = tunnel; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelConnectEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelConnectEvent.java index b1608111e..7565ca808 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelConnectEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelConnectEvent.java @@ -32,7 +32,9 @@ public class TunnelConnectEvent implements CredentialEvent, TunnelEvent { * connecting the tunnel. * @param tunnel The tunnel being connected. */ - public TunnelConnectEvent(Credentials credentials, GuacamoleTunnel tunnel) { + public TunnelConnectEvent(final Credentials credentials, + final GuacamoleTunnel tunnel) { + this.credentials = credentials; this.tunnel = tunnel; } From 720a78b17451df1bbd0355db35266aa6c54913d6 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 9 Aug 2012 14:18:46 -0700 Subject: [PATCH 30/95] Add package-info.java for all packages. --- .../sourceforge/guacamole/net/auth/package-info.java | 7 +++++++ .../sourceforge/guacamole/net/event/package-info.java | 10 ++++++++++ 2 files changed, 17 insertions(+) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/package-info.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/package-info.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/package-info.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/package-info.java new file mode 100644 index 000000000..5c42c725a --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/package-info.java @@ -0,0 +1,7 @@ + +/** + * Provides classes which can be used to extend or replace the authentication + * functionality of the Guacamole web application. + */ +package net.sourceforge.guacamole.net.auth; + diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/package-info.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/package-info.java new file mode 100644 index 000000000..bf8c3e8a5 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/package-info.java @@ -0,0 +1,10 @@ + +/** + * Provides classes for hooking into various events that take place as + * users log into and use the Guacamole web application. These event + * hooks can be used to take action upon occurence of an event and, + * in some cases, prevent the web application from allowing the + * event to continue for the user that triggered it. + */ +package net.sourceforge.guacamole.net.event; + From 96ad89486f04c9767dbbba0c1b893d49fb8c78f3 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 9 Aug 2012 14:36:14 -0700 Subject: [PATCH 31/95] Add missing periods. --- .../guacamole/net/event/AuthenticationFailureEvent.java | 2 +- .../guacamole/net/event/AuthenticationSuccessEvent.java | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationFailureEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationFailureEvent.java index b68910045..d6bfcd298 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationFailureEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationFailureEvent.java @@ -12,7 +12,7 @@ import net.sourceforge.guacamole.net.auth.Credentials; public class AuthenticationFailureEvent implements CredentialEvent { /** - * The credentials which failed authentication + * The credentials which failed authentication. */ private Credentials credentials; diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationSuccessEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationSuccessEvent.java index 3bb0ded56..de9e75556 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationSuccessEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationSuccessEvent.java @@ -12,7 +12,7 @@ import net.sourceforge.guacamole.net.auth.Credentials; public class AuthenticationSuccessEvent implements CredentialEvent { /** - * The credentials which passed authentication + * The credentials which passed authentication. */ private Credentials credentials; From 591dc39ba3b20f3ef4b77957266668ec4e93e34d Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 9 Aug 2012 14:40:05 -0700 Subject: [PATCH 32/95] Added missing package-info.java, fixed other. --- .../guacamole/net/event/listener/package-info.java | 10 ++++++++++ .../sourceforge/guacamole/net/event/package-info.java | 11 ++++++----- 2 files changed, 16 insertions(+), 5 deletions(-) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/package-info.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/package-info.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/package-info.java new file mode 100644 index 000000000..bf8c3e8a5 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/package-info.java @@ -0,0 +1,10 @@ + +/** + * Provides classes for hooking into various events that take place as + * users log into and use the Guacamole web application. These event + * hooks can be used to take action upon occurence of an event and, + * in some cases, prevent the web application from allowing the + * event to continue for the user that triggered it. + */ +package net.sourceforge.guacamole.net.event; + diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/package-info.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/package-info.java index bf8c3e8a5..c5bd8683e 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/package-info.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/package-info.java @@ -1,10 +1,11 @@ /** - * Provides classes for hooking into various events that take place as - * users log into and use the Guacamole web application. These event - * hooks can be used to take action upon occurence of an event and, - * in some cases, prevent the web application from allowing the - * event to continue for the user that triggered it. + * Provides classes for storing information about events that are + * triggered when users log into and use the Guacamole web application. + * These event classes are most useful when used with hooks implemented + * using listener classes. + * + * @see net.sourceforge.guacamole.net.event.listener */ package net.sourceforge.guacamole.net.event; From 7d66740a96a0993745591fdf3631f327cca05d18 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 9 Aug 2012 14:42:57 -0700 Subject: [PATCH 33/95] Add missing JavaDoc. --- .../java/net/sourceforge/guacamole/net/auth/Credentials.java | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java index 60fc63d36..1d0f3bf70 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java @@ -52,6 +52,11 @@ import javax.servlet.http.HttpSession; */ public class Credentials implements Serializable { + /** + * The version number of this class, used during serialization. + * + * @see Serializable + */ private static final long serialVersionUID = 1L; /** From c9876cc16e9e145d1f005980343aa886ba9c83b4 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 9 Aug 2012 20:57:40 -0700 Subject: [PATCH 34/95] Revert moderately silly changes. --- .../sourceforge/guacamole/net/auth/Credentials.java | 13 ++++--------- .../net/event/AuthenticationFailureEvent.java | 2 +- .../net/event/AuthenticationSuccessEvent.java | 2 +- .../guacamole/net/event/TunnelCloseEvent.java | 4 +--- .../guacamole/net/event/TunnelConnectEvent.java | 4 +--- 5 files changed, 8 insertions(+), 17 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java index 1d0f3bf70..60d5101c0 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java @@ -52,11 +52,6 @@ import javax.servlet.http.HttpSession; */ public class Credentials implements Serializable { - /** - * The version number of this class, used during serialization. - * - * @see Serializable - */ private static final long serialVersionUID = 1L; /** @@ -93,7 +88,7 @@ public class Credentials implements Serializable { * @param password The password to associate with this username/password * pair. */ - public void setPassword(final String password) { + public void setPassword(String password) { this.password = password; } @@ -111,7 +106,7 @@ public class Credentials implements Serializable { * @param username The username to associate with this username/password * pair. */ - public void setUsername(final String username) { + public void setUsername(String username) { this.username = username; } @@ -129,7 +124,7 @@ public class Credentials implements Serializable { * @param request The HttpServletRequest to associated with this set of * credentials. */ - public void setRequest(final HttpServletRequest request) { + public void setRequest(HttpServletRequest request) { this.request = request; } @@ -147,7 +142,7 @@ public class Credentials implements Serializable { * @param session The HttpSession to associated with this set of * credentials. */ - public void setSession(final HttpSession session) { + public void setSession(HttpSession session) { this.session = session; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationFailureEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationFailureEvent.java index d6bfcd298..6ce8b5c3a 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationFailureEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationFailureEvent.java @@ -22,7 +22,7 @@ public class AuthenticationFailureEvent implements CredentialEvent { * * @param credentials The credentials which failed authentication. */ - public AuthenticationFailureEvent(final Credentials credentials) { + public AuthenticationFailureEvent(Credentials credentials) { this.credentials = credentials; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationSuccessEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationSuccessEvent.java index de9e75556..80986fd6c 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationSuccessEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/AuthenticationSuccessEvent.java @@ -22,7 +22,7 @@ public class AuthenticationSuccessEvent implements CredentialEvent { * * @param credentials The credentials which passed authentication. */ - public AuthenticationSuccessEvent(final Credentials credentials) { + public AuthenticationSuccessEvent(Credentials credentials) { this.credentials = credentials; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelCloseEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelCloseEvent.java index 21ea6c0c0..d89715514 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelCloseEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelCloseEvent.java @@ -32,9 +32,7 @@ public class TunnelCloseEvent implements CredentialEvent, TunnelEvent { * closing the tunnel. * @param tunnel The tunnel being closed. */ - public TunnelCloseEvent(final Credentials credentials, - final GuacamoleTunnel tunnel) { - + public TunnelCloseEvent(Credentials credentials, GuacamoleTunnel tunnel) { this.credentials = credentials; this.tunnel = tunnel; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelConnectEvent.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelConnectEvent.java index 7565ca808..b1608111e 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelConnectEvent.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/TunnelConnectEvent.java @@ -32,9 +32,7 @@ public class TunnelConnectEvent implements CredentialEvent, TunnelEvent { * connecting the tunnel. * @param tunnel The tunnel being connected. */ - public TunnelConnectEvent(final Credentials credentials, - final GuacamoleTunnel tunnel) { - + public TunnelConnectEvent(Credentials credentials, GuacamoleTunnel tunnel) { this.credentials = credentials; this.tunnel = tunnel; } From 5fef7cda4c2f5d37e94f3cf70974866bc9f04bd1 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sat, 11 Aug 2012 14:03:39 -0700 Subject: [PATCH 35/95] Updated changelog --- guacamole-ext/ChangeLog | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/guacamole-ext/ChangeLog b/guacamole-ext/ChangeLog index 641ef87f0..c4cc3c061 100644 --- a/guacamole-ext/ChangeLog +++ b/guacamole-ext/ChangeLog @@ -1,3 +1,7 @@ +2012-08-11 Michael Jumper + + * Improved documentation + 2012-05-04 Michael Jumper * Renamed to guacamole-ext From ad73864f1be7cb246215b7929bf81b7a3b6bb990 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Mon, 13 Aug 2012 09:59:18 -0700 Subject: [PATCH 36/95] Depend on same version of guacamole-common as guacamole. --- guacamole-ext/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/guacamole-ext/pom.xml b/guacamole-ext/pom.xml index a99f0f08e..9bf749499 100644 --- a/guacamole-ext/pom.xml +++ b/guacamole-ext/pom.xml @@ -43,7 +43,7 @@ net.sourceforge.guacamole guacamole-common - 0.6.0 + 0.6.1 compile From 650ae27d1956570dc83c0f7827e720bbf38dc30d Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Mon, 13 Aug 2012 09:59:36 -0700 Subject: [PATCH 37/95] Bump version number. --- guacamole-ext/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/guacamole-ext/pom.xml b/guacamole-ext/pom.xml index 9bf749499..fadd12442 100644 --- a/guacamole-ext/pom.xml +++ b/guacamole-ext/pom.xml @@ -5,7 +5,7 @@ net.sourceforge.guacamole guacamole-ext jar - 0.6.0 + 0.6.1 guacamole-ext http://guac-dev.org/ From 8b172d4af5f801b936fceeec58acd49233ababd2 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Mon, 15 Oct 2012 10:49:57 -0700 Subject: [PATCH 38/95] Updated guacamole-common. --- guacamole-ext/ChangeLog | 4 ++++ guacamole-ext/pom.xml | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/guacamole-ext/ChangeLog b/guacamole-ext/ChangeLog index c4cc3c061..53960bae3 100644 --- a/guacamole-ext/ChangeLog +++ b/guacamole-ext/ChangeLog @@ -1,3 +1,7 @@ +2012-10-15 Michael Jumper + + * Updated to latest guacamole-common + 2012-08-11 Michael Jumper * Improved documentation diff --git a/guacamole-ext/pom.xml b/guacamole-ext/pom.xml index fadd12442..202277e10 100644 --- a/guacamole-ext/pom.xml +++ b/guacamole-ext/pom.xml @@ -5,7 +5,7 @@ net.sourceforge.guacamole guacamole-ext jar - 0.6.1 + 0.6.2 guacamole-ext http://guac-dev.org/ @@ -43,7 +43,7 @@ net.sourceforge.guacamole guacamole-common - 0.6.1 + 0.6.2 compile From d13014a481f172845c980e98547bfd0d6a05705d Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Tue, 23 Oct 2012 00:48:30 -0700 Subject: [PATCH 39/95] Bump version. --- guacamole-ext/pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/guacamole-ext/pom.xml b/guacamole-ext/pom.xml index 202277e10..d02b2c908 100644 --- a/guacamole-ext/pom.xml +++ b/guacamole-ext/pom.xml @@ -5,7 +5,7 @@ net.sourceforge.guacamole guacamole-ext jar - 0.6.2 + 0.7.0 guacamole-ext http://guac-dev.org/ @@ -43,7 +43,7 @@ net.sourceforge.guacamole guacamole-common - 0.6.2 + 0.7.0 compile From 6d64a3e1615538f21b20cbff6cc019960f3af7e5 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sat, 26 Jan 2013 14:09:16 -0800 Subject: [PATCH 40/95] Add CRUD operations for GuacacmoleConfigurations (#266), bump version to 0.8.0. --- guacamole-ext/pom.xml | 2 +- .../net/auth/AuthenticationProvider.java | 61 +++++++++++++++++-- 2 files changed, 56 insertions(+), 7 deletions(-) diff --git a/guacamole-ext/pom.xml b/guacamole-ext/pom.xml index d02b2c908..f6287c45e 100644 --- a/guacamole-ext/pom.xml +++ b/guacamole-ext/pom.xml @@ -5,7 +5,7 @@ net.sourceforge.guacamole guacamole-ext jar - 0.7.0 + 0.8.0 guacamole-ext http://guac-dev.org/ diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java index 3a47309b5..935d3f2ce 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java @@ -42,17 +42,18 @@ import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; /** - * Provides means of retrieving a set of named GuacamoleConfigurations for a - * given Credentials object. + * Provides means of accessing and managing the available + * GuacamoleConfiguration objects and User objects. Access to each configuration + * and each user is limited by a given Credentials object. * * @author Michael Jumper */ public interface AuthenticationProvider { /** - * Given an arbitrary credentials object, returns a Map containing all - * configurations authorized by those credentials. The keys of this Map - * are Strings which uniquely identify each configuration. + * Given an arbitrary Credentials object, returns a Map containing all + * GuacamoleConfigurations authorized by those credentials. The keys of + * this Map are Strings which uniquely identify each configuration. * * @param credentials The credentials to use to retrieve authorized * configurations. @@ -62,7 +63,55 @@ public interface AuthenticationProvider { * configurations. */ Map - getAuthorizedConfigurations(Credentials credentials) + getConfigurations(Credentials credentials) throws GuacamoleException; + /** + * Adds the given GuacamoleConfiguration to the overall set of available + * GuacamoleConfigurations, using the given unique identifier and + * credentials. + * + * @param credentials The credentials to use when adding the given + * configuration. + * @param identifier The identifier to assign to the configuration. + * @param config The configuration to add. + * @throws GuacamoleException If an error occurs while adding the + * configuration, or if adding the configuration + * is not allowed. + */ + void addConfiguration(Credentials credentials, String identifier, + GuacamoleConfiguration config) throws GuacamoleException; + + /** + * Updates the GuacamoleConfiguration having the given unique identifier + * with the data contained in the given GuacamoleConfiguration, using the + * given credentials. + * + * @param credentials The credentials to use when updating the configuration + * having the given identifier. + * @param identifier The identifier to use when locating the configuration + * to update. + * @param config The configuration to use when updating the stored + * configuration. + * @throws GuacamoleException If an error occurs while updating the + * configuration, or if updating the + * configuration is not allowed. + */ + void updateConfiguration(Credentials credentials, String identifier, + GuacamoleConfiguration config) throws GuacamoleException; + + /** + * Removes the GuacamoleConfiguration having the given unique identifier, + * using the given credentials. + * + * @param credentials The credentials to use when removing the configuration + * having the given identifier. + * @param identifier The identifier of the configuration to remove. + * @throws GuacamoleException If an error occurs while removing the + * configuration, or if removing the + * configuration is not allowed. + */ + void removeConfiguration(Credentials credentials, String identifier) + throws GuacamoleException; + } From ef342e910098c3ad707cda85504a09745d4d9b26 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sat, 26 Jan 2013 17:05:35 -0800 Subject: [PATCH 41/95] Add interface for restricting arbitrary objects on a per-user basis (#266, #267). --- .../guacamole/net/auth/Restrictable.java | 116 ++++++++++++++++++ .../guacamole/net/auth/RestrictedObject.java | 112 +++++++++++++++++ 2 files changed, 228 insertions(+) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Restrictable.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/RestrictedObject.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Restrictable.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Restrictable.java new file mode 100644 index 000000000..05c211884 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Restrictable.java @@ -0,0 +1,116 @@ + +package net.sourceforge.guacamole.net.auth; + +import net.sourceforge.guacamole.GuacamoleException; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-auth. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + + +/** + * Interface which allows restricted objects to expose their restrictions. + * + * @author Michael Jumper + */ +public interface Restrictable { + + /** + * All possible permissions for a restricted object. + */ + public enum Permission { + + /** + * Access to read properties of the restricted object. + */ + READ, + + /** + * Access to write properties of the restricted object. + */ + WRITE, + + /** + * Access to change permissions of the restricted object. + */ + ADMINISTER + + } + + /** + * Checks whether the given user has the given permission on this object. + * Depending on the credentials given, access to reading permissions may + * be denied. + * + * @param credentials The credentials to use when reading permissions. + * @param user The user to read the permissions for. + * @param permission The permission to check. + * @return true if the user has the given permission, false otherwise. + * @throws GuacamoleException If an error occurs while reading the + * permissions, such as permission being denied. + */ + public boolean hasPermission(Credentials credentials, + User user, Permission permission) throws GuacamoleException; + + + /** + * Adds the given permission to the given user for this object. Depending + * on the credentials given, access to administering permissions may be + * denied. + * + * @param credentials The credentials to use when adding permissions. + * @param user The user to add the permission for. + * @param permission The permission to add. + * @throws GuacamoleException If an error occurs while adding the + * permission, such as permission being denied. + */ + public void addPermission(Credentials credentials, + User user, Permission permission) throws GuacamoleException; + + /** + * Removes the given permission from the given user for this object. + * Depending on the credentials given, access to administering permissions + * may be denied. + * + * @param credentials The credentials to use when removing permissions. + * @param user The user to remove the permission from. + * @param permission The permission to add. + * @throws GuacamoleException If an error occurs while removing the + * permission, such as permission being denied. + */ + public void removePermission(Credentials credentials, + User user, Permission permission) throws GuacamoleException; + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/RestrictedObject.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/RestrictedObject.java new file mode 100644 index 000000000..b556fcb1d --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/RestrictedObject.java @@ -0,0 +1,112 @@ + +package net.sourceforge.guacamole.net.auth; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-auth. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import java.util.EnumSet; +import java.util.HashMap; +import java.util.Map; +import net.sourceforge.guacamole.GuacamoleException; + + +/** + * A basic object providing permissions access and storage. + * + * @author Michael Jumper + */ +public abstract class RestrictedObject implements Restrictable { + + /** + * Map of all user permissions. + */ + private Map> permissions = + new HashMap>(); + + + @Override + public boolean hasPermission(Credentials credentials, + User user, Permission permission) throws GuacamoleException { + + // Get permissions set, if any + EnumSet userPermissions = + permissions.get(user); + + // If permission set exists for this user, just test whether permission + // set contains the requested permission. + if (userPermissions != null) + return userPermissions.contains(permission); + + // Default to no permission + return false; + + } + + @Override + public void addPermission(Credentials credentials, + User user, Permission permission) throws GuacamoleException { + + // Get permissions set, if any + EnumSet userPermissions = + permissions.get(user); + + // If set does not exist, create it + if (userPermissions == null) { + userPermissions = EnumSet.of(permission); + permissions.put(user, userPermissions); + } + + // Otherwise, just add permission + else + userPermissions.add(permission); + + } + + @Override + public void removePermission(Credentials credentials, + User user, Permission permission) throws GuacamoleException { + + // Get permissions set, if any + EnumSet userPermissions = + permissions.get(user); + + // Remove permission + if (userPermissions != null) + userPermissions.remove(permission); + + } + +} From 34dd92cae6a0e677596f9d2b93f201678ca338fd Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sat, 26 Jan 2013 17:15:55 -0800 Subject: [PATCH 42/95] Fix placement of import. --- .../java/net/sourceforge/guacamole/net/auth/Restrictable.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Restrictable.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Restrictable.java index 05c211884..6d89418bf 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Restrictable.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Restrictable.java @@ -1,8 +1,6 @@ package net.sourceforge.guacamole.net.auth; -import net.sourceforge.guacamole.GuacamoleException; - /* ***** BEGIN LICENSE BLOCK ***** * Version: MPL 1.1/GPL 2.0/LGPL 2.1 * @@ -39,6 +37,8 @@ import net.sourceforge.guacamole.GuacamoleException; * * ***** END LICENSE BLOCK ***** */ +import net.sourceforge.guacamole.GuacamoleException; + /** * Interface which allows restricted objects to expose their restrictions. From 6b4156ccf0d7690c8bc139ad56cd290a91570206 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sat, 26 Jan 2013 21:01:46 -0800 Subject: [PATCH 43/95] Add User and AbstractUser clases for managing users (#267). --- .../guacamole/net/auth/AbstractUser.java | 132 ++++++++++++++++++ .../sourceforge/guacamole/net/auth/User.java | 85 +++++++++++ 2 files changed, 217 insertions(+) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java new file mode 100644 index 000000000..4037672c0 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java @@ -0,0 +1,132 @@ + +package net.sourceforge.guacamole.net.auth; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-auth. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import net.sourceforge.guacamole.GuacamoleException; + + +/** + * Basic implementation of a Guacamole user which uses the username to + * determine equality. Username comparison is case-sensitive. + * + * @author Michael Jumper + */ +public class AbstractUser extends RestrictedObject + implements User, Comparable { + + /** + * The name of this user. + */ + private String username; + + /** + * This user's password. Note that while this provides a means for the + * password to be set, the data stored in this String is not necessarily + * the user's actual password. It may be hashed, it may be arbitrary. + */ + private String password; + + @Override + public String getUsername() throws GuacamoleException { + return username; + } + + @Override + public void setUsername(String username) throws GuacamoleException { + this.username = username; + } + + @Override + public String getPassword() throws GuacamoleException { + return password; + } + + @Override + public void setPassword(String password) throws GuacamoleException { + this.password = password; + } + + + @Override + public int hashCode() { + if (username == null) return 0; + return username.hashCode(); + } + + @Override + public boolean equals(Object obj) { + + // Not equal if null or not a User + if (obj == null) return false; + if (!(obj instanceof AbstractUser)) return false; + + // Get username + String objUsername = ((AbstractUser) obj).username; + + // If null, equal only if this username is null + if (objUsername == null) return username == null; + + // Otherwise, equal only if strings are identical + return objUsername.equals(username); + + } + + @Override + public int compareTo(AbstractUser user) { + + // Having a username is greater than lack of a username + if (user.username == null) { + + // If both null, then equal + if (username == null) + return 0; + + return 1; + + } + + // Lacking a username is less than having a username + if (username == null) + return -1; + + // Otherwise, compare strings + return username.compareTo(user.username); + + } + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java new file mode 100644 index 000000000..0076f9e6f --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java @@ -0,0 +1,85 @@ + +package net.sourceforge.guacamole.net.auth; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-auth. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import net.sourceforge.guacamole.GuacamoleException; + + +/** + * A user of the Guacamole web application. + * + * @author Michael Jumper + */ +public interface User extends Restrictable { + + /** + * Returns the name of this user, which must be unique across all users. + * + * @return The name of this user. + * @throws GuacamoleException If an error occurs retrieving the username. + */ + public String getUsername() throws GuacamoleException; + + /** + * Sets the name of this user, which must be unique across all users. + * + * @param username The name of this user. + * @throws GuacamoleException If an error occurs setting the username. + */ + public void setUsername(String username) throws GuacamoleException; + + /** + * Returns this user's password. Note that the password returned may be + * hashed or completely arbitrary. + * + * @return A String which may (or may not) be the user's password. + * @throws GuacamoleException If an error occurs retrieving the password. + */ + public String getPassword() throws GuacamoleException; + + /** + * Sets this user's password. Note that while this function is guaranteed + * to change the password of this User object, there is no guarantee that + * getPassword() will return the value given to setPassword(). + * + * @param password The password to set. + * @throws GuacamoleException If an error occurs setting the password. + */ + public void setPassword(String password) throws GuacamoleException; + +} From d8c8b2d4230ebee8c2dbc71269e1fdc8c96f7b22 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sat, 26 Jan 2013 22:04:55 -0800 Subject: [PATCH 44/95] Add User CRUD operations to AuthenticationProvider. Add mechanism for converting Credentials into a User (#267). --- .../net/auth/AuthenticationProvider.java | 65 ++++++++++++++++++- 1 file changed, 64 insertions(+), 1 deletion(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java index 935d3f2ce..38f2bf692 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java @@ -38,6 +38,7 @@ package net.sourceforge.guacamole.net.auth; * ***** END LICENSE BLOCK ***** */ import java.util.Map; +import java.util.Set; import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; @@ -50,9 +51,23 @@ import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; */ public interface AuthenticationProvider { + /** + * Converts the given Credentials to a corresponding User, which need not + * actually exist. + * + * @param ownCredentials The credentials to use to authorize the conversion. + * @param credentials The credentials to convert. + * @return A User which corresponds to the given Credentials. + * @throws GuacamoleException If an error occurs converting the Credentials + * into a User, or if such conversion is not + * allowed. + */ + User toUser(Credentials ownCredentials, Credentials credentials) + throws GuacamoleException; + /** * Given an arbitrary Credentials object, returns a Map containing all - * GuacamoleConfigurations authorized by those credentials. The keys of + * GuacamoleConfigurations visible with those credentials. The keys of * this Map are Strings which uniquely identify each configuration. * * @param credentials The credentials to use to retrieve authorized @@ -113,5 +128,53 @@ public interface AuthenticationProvider { */ void removeConfiguration(Credentials credentials, String identifier) throws GuacamoleException; + + /** + * Given an arbitrary Credentials object, returns a Set containing all + * Users visible with those credentials. + * + * @param credentials The credentials to use to retrieve users. + * @return A Set of all users visible with the given credentials, + * or null if the credentials given are not authorized. + * @throws GuacamoleException If an error occurs while retrieving + * users. + */ + Set getUsers(Credentials credentials) throws GuacamoleException; + + /** + * Adds the given User to the overall set of available Users, using the + * given credentials. + * + * @param credentials The credentials to use when adding the given + * user. + * @param user The user to add. + * @throws GuacamoleException If an error occurs while adding the user, or + * if adding the user is not allowed. + */ + void addUser(Credentials credentials, User user) + throws GuacamoleException; + + /** + * Updates the User with the data contained in the given User, using the + * given credentials. The user to update is identified using the username + * of the User given. + * + * @param credentials The credentials to use when updating the user. + * @param user The user to use when updating the stored user. + * @throws GuacamoleException If an error occurs while updating the user, + * or if updating the user is not allowed. + */ + void updateUser(Credentials credentials, User user) + throws GuacamoleException; + + /** + * Removes the User using the given credentials. + * + * @param credentials The credentials to use when removing the user. + * @throws GuacamoleException If an error occurs while removing the user, + * or if removing user is not allowed. + */ + void removeUser(Credentials credentials, User user) + throws GuacamoleException; } From 003dc28511701c366173bce07011c7c0619579f7 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sat, 26 Jan 2013 23:20:31 -0800 Subject: [PATCH 45/95] Refactor CRUD operations of AuthenticationProvider into Environment (produced via Credentials). --- .../net/auth/AuthenticationProvider.java | 135 ++------------ .../guacamole/net/auth/Environment.java | 166 ++++++++++++++++++ 2 files changed, 176 insertions(+), 125 deletions(-) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Environment.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java index 38f2bf692..599410a29 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java @@ -37,10 +37,8 @@ package net.sourceforge.guacamole.net.auth; * * ***** END LICENSE BLOCK ***** */ -import java.util.Map; -import java.util.Set; import net.sourceforge.guacamole.GuacamoleException; -import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; + /** * Provides means of accessing and managing the available @@ -52,129 +50,16 @@ import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; public interface AuthenticationProvider { /** - * Converts the given Credentials to a corresponding User, which need not - * actually exist. + * Returns the Environment authorized by the given credentials, or null if + * the given credentials are not authorized. * - * @param ownCredentials The credentials to use to authorize the conversion. - * @param credentials The credentials to convert. - * @return A User which corresponds to the given Credentials. - * @throws GuacamoleException If an error occurs converting the Credentials - * into a User, or if such conversion is not - * allowed. + * @param credentials The credentials to use to retrieve the environment. + * @return An Environment containing all Users and GuacamoleConfigurations + * the credentials provide access to. + * @throws GuacamoleException If an error occurs while creating the + * Environment. */ - User toUser(Credentials ownCredentials, Credentials credentials) + Environment getAuthorizedEnvironment(Credentials credentials) throws GuacamoleException; - - /** - * Given an arbitrary Credentials object, returns a Map containing all - * GuacamoleConfigurations visible with those credentials. The keys of - * this Map are Strings which uniquely identify each configuration. - * - * @param credentials The credentials to use to retrieve authorized - * configurations. - * @return A Map of all configurations authorized by the given credentials, - * or null if the credentials given are not authorized. - * @throws GuacamoleException If an error occurs while retrieving - * configurations. - */ - Map - getConfigurations(Credentials credentials) - throws GuacamoleException; - - /** - * Adds the given GuacamoleConfiguration to the overall set of available - * GuacamoleConfigurations, using the given unique identifier and - * credentials. - * - * @param credentials The credentials to use when adding the given - * configuration. - * @param identifier The identifier to assign to the configuration. - * @param config The configuration to add. - * @throws GuacamoleException If an error occurs while adding the - * configuration, or if adding the configuration - * is not allowed. - */ - void addConfiguration(Credentials credentials, String identifier, - GuacamoleConfiguration config) throws GuacamoleException; - - /** - * Updates the GuacamoleConfiguration having the given unique identifier - * with the data contained in the given GuacamoleConfiguration, using the - * given credentials. - * - * @param credentials The credentials to use when updating the configuration - * having the given identifier. - * @param identifier The identifier to use when locating the configuration - * to update. - * @param config The configuration to use when updating the stored - * configuration. - * @throws GuacamoleException If an error occurs while updating the - * configuration, or if updating the - * configuration is not allowed. - */ - void updateConfiguration(Credentials credentials, String identifier, - GuacamoleConfiguration config) throws GuacamoleException; - - /** - * Removes the GuacamoleConfiguration having the given unique identifier, - * using the given credentials. - * - * @param credentials The credentials to use when removing the configuration - * having the given identifier. - * @param identifier The identifier of the configuration to remove. - * @throws GuacamoleException If an error occurs while removing the - * configuration, or if removing the - * configuration is not allowed. - */ - void removeConfiguration(Credentials credentials, String identifier) - throws GuacamoleException; - - /** - * Given an arbitrary Credentials object, returns a Set containing all - * Users visible with those credentials. - * - * @param credentials The credentials to use to retrieve users. - * @return A Set of all users visible with the given credentials, - * or null if the credentials given are not authorized. - * @throws GuacamoleException If an error occurs while retrieving - * users. - */ - Set getUsers(Credentials credentials) throws GuacamoleException; - - /** - * Adds the given User to the overall set of available Users, using the - * given credentials. - * - * @param credentials The credentials to use when adding the given - * user. - * @param user The user to add. - * @throws GuacamoleException If an error occurs while adding the user, or - * if adding the user is not allowed. - */ - void addUser(Credentials credentials, User user) - throws GuacamoleException; - - /** - * Updates the User with the data contained in the given User, using the - * given credentials. The user to update is identified using the username - * of the User given. - * - * @param credentials The credentials to use when updating the user. - * @param user The user to use when updating the stored user. - * @throws GuacamoleException If an error occurs while updating the user, - * or if updating the user is not allowed. - */ - void updateUser(Credentials credentials, User user) - throws GuacamoleException; - - /** - * Removes the User using the given credentials. - * - * @param credentials The credentials to use when removing the user. - * @throws GuacamoleException If an error occurs while removing the user, - * or if removing user is not allowed. - */ - void removeUser(Credentials credentials, User user) - throws GuacamoleException; - + } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Environment.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Environment.java new file mode 100644 index 000000000..fc589bc45 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Environment.java @@ -0,0 +1,166 @@ + +package net.sourceforge.guacamole.net.auth; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-auth. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import java.util.Map; +import java.util.Set; +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; + + +/** + * Represents the global set of available Users and GuacamoleConfigurations. + * Every Environment has an associated Credentials that determine what Users + * and GuacamoleConfigurations are visible in the Environment. + * + * Note that if the available GuacamoleConfigurations or Users can change + * externally, it is up to the implementation of the Environment to reload these + * external changes if desired. + * + * @author Michael Jumper + */ +public interface Environment { + + /** + * Returns the User represented by the Credentials that own this + * Environment. + * + * @return The User represented by the Credentials that own this + * Environment. + */ + User self(); + + + /* + * CONFIGURATION FUNCTIONS + */ + + + /** + * Returns a Map containing all GuacamoleConfigurations visible within this + * Environment. The keys of this Map are Strings which uniquely identify + * each configuration. + * + * @return A Map of all configurations visible. + * @throws GuacamoleException If an error occurs while retrieving + * configurations. + */ + Map getConfigurations() + throws GuacamoleException; + + /** + * Adds the given GuacamoleConfiguration to the overall set of available + * GuacamoleConfigurations, using the given unique identifier. + * + * @param identifier The identifier to assign to the configuration. + * @param config The configuration to add. + * @throws GuacamoleException If an error occurs while adding the + * configuration, or if adding the configuration + * is not allowed. + */ + void addConfiguration(String identifier, GuacamoleConfiguration config) + throws GuacamoleException; + + /** + * Updates the GuacamoleConfiguration having the given unique identifier + * with the data contained in the given GuacamoleConfiguration. + * + * @param identifier The identifier to use when locating the configuration + * to update. + * @param config The configuration to use when updating the stored + * configuration. + * @throws GuacamoleException If an error occurs while updating the + * configuration, or if updating the + * configuration is not allowed. + */ + void updateConfiguration(String identifier, GuacamoleConfiguration config) + throws GuacamoleException; + + /** + * Removes the GuacamoleConfiguration having the given unique identifier. + * + * @param identifier The identifier of the configuration to remove. + * @throws GuacamoleException If an error occurs while removing the + * configuration, or if removing the + * configuration is not allowed. + */ + void removeConfiguration(String identifier) throws GuacamoleException; + + + /* + * USER FUNCTIONS + */ + + + /** + * Returns a Set containing all Users visible within this Environment. + * + * @return A Set of all users visible. + * @throws GuacamoleException If an error occurs while retrieving + * users. + */ + Set getUsers() throws GuacamoleException; + + /** + * Adds the given User to the overall set of available Users. + * + * @param user The user to add. + * @throws GuacamoleException If an error occurs while adding the user, or + * if adding the user is not allowed. + */ + void addUser(User user) throws GuacamoleException; + + /** + * Updates the User with the data contained in the given User. The user to + * update is identified using the username of the User given. + * + * @param user The user to use when updating the stored user. + * @throws GuacamoleException If an error occurs while updating the user, + * or if updating the user is not allowed. + */ + void updateUser(User user) throws GuacamoleException; + + /** + * Removes the given User from the overall set of available Users. + * + * @throws GuacamoleException If an error occurs while removing the user, + * or if removing user is not allowed. + */ + void removeUser(User user) throws GuacamoleException; + +} From 2d337531946c4caa6d33129e892305ae56be3ab0 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sun, 27 Jan 2013 01:52:56 -0800 Subject: [PATCH 46/95] Allow unrestricted access to all Users and GuacamoleConfigurations through the Environment. Restrict access to everything and provide CRUD operations within UserContext. Define contract of permissions. --- .../guacamole/net/auth/AbstractUser.java | 3 +- .../net/auth/AuthenticationProvider.java | 26 ++- .../guacamole/net/auth/Environment.java | 95 +--------- .../guacamole/net/auth/Restrictable.java | 116 ------------ .../guacamole/net/auth/RestrictedObject.java | 112 ------------ .../sourceforge/guacamole/net/auth/User.java | 2 +- .../guacamole/net/auth/UserContext.java | 170 ++++++++++++++++++ 7 files changed, 196 insertions(+), 328 deletions(-) delete mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Restrictable.java delete mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/RestrictedObject.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java index 4037672c0..8497f3627 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java @@ -46,8 +46,7 @@ import net.sourceforge.guacamole.GuacamoleException; * * @author Michael Jumper */ -public class AbstractUser extends RestrictedObject - implements User, Comparable { +public abstract class AbstractUser implements User, Comparable { /** * The name of this user. diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java index 599410a29..5fccba9a8 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java @@ -50,16 +50,30 @@ import net.sourceforge.guacamole.GuacamoleException; public interface AuthenticationProvider { /** - * Returns the Environment authorized by the given credentials, or null if - * the given credentials are not authorized. + * Returns the environment exposed by this AuthenticationProvider. The + * environment provides unrestricted access to all available users and + * configurations, though operations which permanently affect users and + * configurations are only possible through a UserContext. + * + * @return An Environment containing all Users and GuacamoleConfigurations + * currently available through this AuthenticationProvider. + * + * @throws GuacamoleException If an error occurs while retrieving the + * environment. + */ + Environment getEnvironment() throws GuacamoleException; + + /** + * Returns the UserContext of the user authorized by the given credentials. * * @param credentials The credentials to use to retrieve the environment. - * @return An Environment containing all Users and GuacamoleConfigurations - * the credentials provide access to. + * @return The UserContext of the user authorized by the given credentials, + * or null if the credentials are not authorized. + * * @throws GuacamoleException If an error occurs while creating the - * Environment. + * UserContext. */ - Environment getAuthorizedEnvironment(Credentials credentials) + UserContext getUserContext(Credentials credentials) throws GuacamoleException; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Environment.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Environment.java index fc589bc45..7c251d5fe 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Environment.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Environment.java @@ -57,24 +57,8 @@ import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; public interface Environment { /** - * Returns the User represented by the Credentials that own this - * Environment. - * - * @return The User represented by the Credentials that own this - * Environment. - */ - User self(); - - - /* - * CONFIGURATION FUNCTIONS - */ - - - /** - * Returns a Map containing all GuacamoleConfigurations visible within this - * Environment. The keys of this Map are Strings which uniquely identify - * each configuration. + * Returns a Map containing absolutely all GuacamoleConfigurations. The + * keys of this Map are Strings which uniquely identify each configuration. * * @return A Map of all configurations visible. * @throws GuacamoleException If an error occurs while retrieving @@ -84,83 +68,12 @@ public interface Environment { throws GuacamoleException; /** - * Adds the given GuacamoleConfiguration to the overall set of available - * GuacamoleConfigurations, using the given unique identifier. - * - * @param identifier The identifier to assign to the configuration. - * @param config The configuration to add. - * @throws GuacamoleException If an error occurs while adding the - * configuration, or if adding the configuration - * is not allowed. - */ - void addConfiguration(String identifier, GuacamoleConfiguration config) - throws GuacamoleException; - - /** - * Updates the GuacamoleConfiguration having the given unique identifier - * with the data contained in the given GuacamoleConfiguration. - * - * @param identifier The identifier to use when locating the configuration - * to update. - * @param config The configuration to use when updating the stored - * configuration. - * @throws GuacamoleException If an error occurs while updating the - * configuration, or if updating the - * configuration is not allowed. - */ - void updateConfiguration(String identifier, GuacamoleConfiguration config) - throws GuacamoleException; - - /** - * Removes the GuacamoleConfiguration having the given unique identifier. - * - * @param identifier The identifier of the configuration to remove. - * @throws GuacamoleException If an error occurs while removing the - * configuration, or if removing the - * configuration is not allowed. - */ - void removeConfiguration(String identifier) throws GuacamoleException; - - - /* - * USER FUNCTIONS - */ - - - /** - * Returns a Set containing all Users visible within this Environment. + * Returns a Set containing absolutely all Users. * - * @return A Set of all users visible. + * @return A Set of all users. * @throws GuacamoleException If an error occurs while retrieving * users. */ Set getUsers() throws GuacamoleException; - /** - * Adds the given User to the overall set of available Users. - * - * @param user The user to add. - * @throws GuacamoleException If an error occurs while adding the user, or - * if adding the user is not allowed. - */ - void addUser(User user) throws GuacamoleException; - - /** - * Updates the User with the data contained in the given User. The user to - * update is identified using the username of the User given. - * - * @param user The user to use when updating the stored user. - * @throws GuacamoleException If an error occurs while updating the user, - * or if updating the user is not allowed. - */ - void updateUser(User user) throws GuacamoleException; - - /** - * Removes the given User from the overall set of available Users. - * - * @throws GuacamoleException If an error occurs while removing the user, - * or if removing user is not allowed. - */ - void removeUser(User user) throws GuacamoleException; - } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Restrictable.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Restrictable.java deleted file mode 100644 index 6d89418bf..000000000 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Restrictable.java +++ /dev/null @@ -1,116 +0,0 @@ - -package net.sourceforge.guacamole.net.auth; - -/* ***** BEGIN LICENSE BLOCK ***** - * Version: MPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Mozilla Public License Version - * 1.1 (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is guacamole-auth. - * - * The Initial Developer of the Original Code is - * Michael Jumper. - * Portions created by the Initial Developer are Copyright (C) 2010 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the MPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the MPL, the GPL or the LGPL. - * - * ***** END LICENSE BLOCK ***** */ - -import net.sourceforge.guacamole.GuacamoleException; - - -/** - * Interface which allows restricted objects to expose their restrictions. - * - * @author Michael Jumper - */ -public interface Restrictable { - - /** - * All possible permissions for a restricted object. - */ - public enum Permission { - - /** - * Access to read properties of the restricted object. - */ - READ, - - /** - * Access to write properties of the restricted object. - */ - WRITE, - - /** - * Access to change permissions of the restricted object. - */ - ADMINISTER - - } - - /** - * Checks whether the given user has the given permission on this object. - * Depending on the credentials given, access to reading permissions may - * be denied. - * - * @param credentials The credentials to use when reading permissions. - * @param user The user to read the permissions for. - * @param permission The permission to check. - * @return true if the user has the given permission, false otherwise. - * @throws GuacamoleException If an error occurs while reading the - * permissions, such as permission being denied. - */ - public boolean hasPermission(Credentials credentials, - User user, Permission permission) throws GuacamoleException; - - - /** - * Adds the given permission to the given user for this object. Depending - * on the credentials given, access to administering permissions may be - * denied. - * - * @param credentials The credentials to use when adding permissions. - * @param user The user to add the permission for. - * @param permission The permission to add. - * @throws GuacamoleException If an error occurs while adding the - * permission, such as permission being denied. - */ - public void addPermission(Credentials credentials, - User user, Permission permission) throws GuacamoleException; - - /** - * Removes the given permission from the given user for this object. - * Depending on the credentials given, access to administering permissions - * may be denied. - * - * @param credentials The credentials to use when removing permissions. - * @param user The user to remove the permission from. - * @param permission The permission to add. - * @throws GuacamoleException If an error occurs while removing the - * permission, such as permission being denied. - */ - public void removePermission(Credentials credentials, - User user, Permission permission) throws GuacamoleException; - -} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/RestrictedObject.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/RestrictedObject.java deleted file mode 100644 index b556fcb1d..000000000 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/RestrictedObject.java +++ /dev/null @@ -1,112 +0,0 @@ - -package net.sourceforge.guacamole.net.auth; - -/* ***** BEGIN LICENSE BLOCK ***** - * Version: MPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Mozilla Public License Version - * 1.1 (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is guacamole-auth. - * - * The Initial Developer of the Original Code is - * Michael Jumper. - * Portions created by the Initial Developer are Copyright (C) 2010 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the MPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the MPL, the GPL or the LGPL. - * - * ***** END LICENSE BLOCK ***** */ - -import java.util.EnumSet; -import java.util.HashMap; -import java.util.Map; -import net.sourceforge.guacamole.GuacamoleException; - - -/** - * A basic object providing permissions access and storage. - * - * @author Michael Jumper - */ -public abstract class RestrictedObject implements Restrictable { - - /** - * Map of all user permissions. - */ - private Map> permissions = - new HashMap>(); - - - @Override - public boolean hasPermission(Credentials credentials, - User user, Permission permission) throws GuacamoleException { - - // Get permissions set, if any - EnumSet userPermissions = - permissions.get(user); - - // If permission set exists for this user, just test whether permission - // set contains the requested permission. - if (userPermissions != null) - return userPermissions.contains(permission); - - // Default to no permission - return false; - - } - - @Override - public void addPermission(Credentials credentials, - User user, Permission permission) throws GuacamoleException { - - // Get permissions set, if any - EnumSet userPermissions = - permissions.get(user); - - // If set does not exist, create it - if (userPermissions == null) { - userPermissions = EnumSet.of(permission); - permissions.put(user, userPermissions); - } - - // Otherwise, just add permission - else - userPermissions.add(permission); - - } - - @Override - public void removePermission(Credentials credentials, - User user, Permission permission) throws GuacamoleException { - - // Get permissions set, if any - EnumSet userPermissions = - permissions.get(user); - - // Remove permission - if (userPermissions != null) - userPermissions.remove(permission); - - } - -} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java index 0076f9e6f..c01a7f5ca 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java @@ -45,7 +45,7 @@ import net.sourceforge.guacamole.GuacamoleException; * * @author Michael Jumper */ -public interface User extends Restrictable { +public interface User { /** * Returns the name of this user, which must be unique across all users. diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java new file mode 100644 index 000000000..ee28243e6 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java @@ -0,0 +1,170 @@ + +package net.sourceforge.guacamole.net.auth; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-auth. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import java.util.Map; +import java.util.Set; +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; + +/** + * The context of an active user. The functions of this class enforce all + * permissions and act only within the rights of the associated user. + * + * @author Michael Jumper + */ +public interface UserContext { + + /** + * All possible permissions for user within a UserContext. + * + * Absolutely ALL possible operations that can possibly fail due to + * security issues within a UserContext must have a means of querying + * beforehand whether the operation will fail, and thus must have an + * associated permission value. + */ + public enum Permission { + + /* STUB */ + + } + + /** + * Returns the User whose access rights control the operations of this + * UserContext. + * + * @return The User whose access rights control the operations of this + * UserContext. + */ + User self(); + + /* + * USER FUNCTIONS + */ + + /** + * Returns a Set containing all Users visible within this UserContext. + * + * @return A Set of all users visible. + * @throws GuacamoleException If an error occurs while retrieving + * users. + */ + Set getUsers() throws GuacamoleException; + + /** + * Adds the given User to the overall set of available Users. + * + * @param user The user to add. + * @throws GuacamoleException If an error occurs while adding the user, or + * if adding the user is not allowed. + */ + void addUser(User user) throws GuacamoleException; + + /** + * Updates the User with the data contained in the given User. The user to + * update is identified using the username of the User given. + * + * @param user The user to use when updating the stored user. + * @throws GuacamoleException If an error occurs while updating the user, + * or if updating the user is not allowed. + */ + void updateUser(User user) throws GuacamoleException; + + /** + * Removes the given User from the overall set of available Users. + * + * @throws GuacamoleException If an error occurs while removing the user, + * or if removing user is not allowed. + */ + void removeUser(User user) throws GuacamoleException; + + /* + * CONFIGURATION FUNCTIONS + */ + + /** + * Returns a Map containing all GuacamoleConfigurations visible within this + * UserContext. The keys of this Map are Strings which uniquely identify + * each configuration. + * + * @return A Map of all configurations visible. + * @throws GuacamoleException If an error occurs while retrieving + * configurations. + */ + Map getConfigurations() + throws GuacamoleException; + + /** + * Adds the given GuacamoleConfiguration to the overall set of available + * GuacamoleConfigurations, using the given unique identifier. + * + * @param identifier The identifier to assign to the configuration. + * @param config The configuration to add. + * @throws GuacamoleException If an error occurs while adding the + * configuration, or if adding the configuration + * is not allowed. + */ + void addConfiguration(String identifier, GuacamoleConfiguration config) + throws GuacamoleException; + + /** + * Updates the GuacamoleConfiguration having the given unique identifier + * with the data contained in the given GuacamoleConfiguration. + * + * @param identifier The identifier to use when locating the configuration + * to update. + * @param config The configuration to use when updating the stored + * configuration. + * @throws GuacamoleException If an error occurs while updating the + * configuration, or if updating the + * configuration is not allowed. + */ + void updateConfiguration(String identifier, GuacamoleConfiguration config) + throws GuacamoleException; + + /** + * Removes the GuacamoleConfiguration having the given unique identifier. + * + * @param identifier The identifier of the configuration to remove. + * @throws GuacamoleException If an error occurs while removing the + * configuration, or if removing the + * configuration is not allowed. + */ + void removeConfiguration(String identifier) throws GuacamoleException; + +} From 9288c15104bb07eb2022026d6821d6af2e9f482e Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sun, 27 Jan 2013 01:54:21 -0800 Subject: [PATCH 47/95] Fix license comment (should refer to code as guacamole-ext, not guacamole-auth). --- .../java/net/sourceforge/guacamole/net/auth/AbstractUser.java | 2 +- .../sourceforge/guacamole/net/auth/AuthenticationProvider.java | 2 +- .../java/net/sourceforge/guacamole/net/auth/Credentials.java | 2 +- .../java/net/sourceforge/guacamole/net/auth/Environment.java | 2 +- .../src/main/java/net/sourceforge/guacamole/net/auth/User.java | 2 +- .../java/net/sourceforge/guacamole/net/auth/UserContext.java | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java index 8497f3627..b97a6a35b 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java @@ -14,7 +14,7 @@ package net.sourceforge.guacamole.net.auth; * for the specific language governing rights and limitations under the * License. * - * The Original Code is guacamole-auth. + * The Original Code is guacamole-ext. * * The Initial Developer of the Original Code is * Michael Jumper. diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java index 5fccba9a8..10112ada0 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java @@ -14,7 +14,7 @@ package net.sourceforge.guacamole.net.auth; * for the specific language governing rights and limitations under the * License. * - * The Original Code is guacamole-auth. + * The Original Code is guacamole-ext. * * The Initial Developer of the Original Code is * Michael Jumper. diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java index 60d5101c0..26647f8b1 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java @@ -17,7 +17,7 @@ import javax.servlet.http.HttpSession; * for the specific language governing rights and limitations under the * License. * - * The Original Code is guacamole-auth. + * The Original Code is guacamole-ext. * * The Initial Developer of the Original Code is * Michael Jumper. diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Environment.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Environment.java index 7c251d5fe..01c83e6e2 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Environment.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Environment.java @@ -14,7 +14,7 @@ package net.sourceforge.guacamole.net.auth; * for the specific language governing rights and limitations under the * License. * - * The Original Code is guacamole-auth. + * The Original Code is guacamole-ext. * * The Initial Developer of the Original Code is * Michael Jumper. diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java index c01a7f5ca..12546feea 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java @@ -14,7 +14,7 @@ package net.sourceforge.guacamole.net.auth; * for the specific language governing rights and limitations under the * License. * - * The Original Code is guacamole-auth. + * The Original Code is guacamole-ext. * * The Initial Developer of the Original Code is * Michael Jumper. diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java index ee28243e6..4d737c962 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java @@ -14,7 +14,7 @@ package net.sourceforge.guacamole.net.auth; * for the specific language governing rights and limitations under the * License. * - * The Original Code is guacamole-auth. + * The Original Code is guacamole-ext. * * The Initial Developer of the Original Code is * Michael Jumper. From 137e5cb91f34c627c8d64e794c8e7e597956e514 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sun, 27 Jan 2013 02:37:37 -0800 Subject: [PATCH 48/95] Add user role concept, stub permissions (#267). --- .../guacamole/net/auth/AbstractUser.java | 25 ++++++-- .../sourceforge/guacamole/net/auth/Role.java | 64 +++++++++++++++++++ .../sourceforge/guacamole/net/auth/User.java | 29 ++++++--- 3 files changed, 102 insertions(+), 16 deletions(-) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Role.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java index b97a6a35b..43c0219a7 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java @@ -37,8 +37,6 @@ package net.sourceforge.guacamole.net.auth; * * ***** END LICENSE BLOCK ***** */ -import net.sourceforge.guacamole.GuacamoleException; - /** * Basic implementation of a Guacamole user which uses the username to @@ -60,26 +58,41 @@ public abstract class AbstractUser implements User, Comparable { */ private String password; + /** + * This user's role. + */ + private Role role; + @Override - public String getUsername() throws GuacamoleException { + public String getUsername() { return username; } @Override - public void setUsername(String username) throws GuacamoleException { + public void setUsername(String username) { this.username = username; } @Override - public String getPassword() throws GuacamoleException { + public String getPassword() { return password; } @Override - public void setPassword(String password) throws GuacamoleException { + public void setPassword(String password) { this.password = password; } + @Override + public Role getRole() { + return role; + } + + @Override + public void setRole(Role role) { + this.role = role; + } + @Override public int hashCode() { diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Role.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Role.java new file mode 100644 index 000000000..6a18ed162 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Role.java @@ -0,0 +1,64 @@ +package net.sourceforge.guacamole.net.auth; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + + +/** + * The role of a particular user, defining the access levels of that user. + * + * @author Michael Jumper + */ +public interface Role { + + /* FIXME: STUB */ + + /* + * POSSIBLE PERMISSIONS: + * + * UserManagementPermission(ADD/UPDATE/DELETE/VIEW, user or ANY) + * ConfigurationPermission(ADD/UPDATE/DELETE/VIEW, config or ANY) + * AdministrationPermission(ADD/REMOVE, permission or ANY) + * + * Each can be used with: + * + * add(Permission) + * remove(Permission) + * has(Permission) + * + */ + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java index 12546feea..35a9f3dea 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java @@ -37,8 +37,6 @@ package net.sourceforge.guacamole.net.auth; * * ***** END LICENSE BLOCK ***** */ -import net.sourceforge.guacamole.GuacamoleException; - /** * A user of the Guacamole web application. @@ -51,26 +49,23 @@ public interface User { * Returns the name of this user, which must be unique across all users. * * @return The name of this user. - * @throws GuacamoleException If an error occurs retrieving the username. */ - public String getUsername() throws GuacamoleException; + public String getUsername(); /** * Sets the name of this user, which must be unique across all users. * * @param username The name of this user. - * @throws GuacamoleException If an error occurs setting the username. */ - public void setUsername(String username) throws GuacamoleException; + public void setUsername(String username); /** * Returns this user's password. Note that the password returned may be * hashed or completely arbitrary. * * @return A String which may (or may not) be the user's password. - * @throws GuacamoleException If an error occurs retrieving the password. */ - public String getPassword() throws GuacamoleException; + public String getPassword(); /** * Sets this user's password. Note that while this function is guaranteed @@ -78,8 +73,22 @@ public interface User { * getPassword() will return the value given to setPassword(). * * @param password The password to set. - * @throws GuacamoleException If an error occurs setting the password. */ - public void setPassword(String password) throws GuacamoleException; + public void setPassword(String password); + /** + * Returns the role of this User. The role defines exactly which permissions + * a particular user has. + * + * @return The role of this User. + */ + public Role getRole(); + + /** + * Sets the role of this User to the given Role. + * + * @param role The role which this User should have. + */ + public void setRole(Role role); + } From 7ed37d20e1eecb3ddae3e90e59b72ed965dc6b5b Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Mon, 28 Jan 2013 00:25:06 -0800 Subject: [PATCH 49/95] Add basic permission interfaces and hierarchy. --- .../net/auth/permission/ObjectPermission.java | 84 +++++++++++++++++++ .../net/auth/permission/Permission.java | 57 +++++++++++++ .../net/auth/permission/SystemPermission.java | 62 ++++++++++++++ 3 files changed, 203 insertions(+) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ObjectPermission.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/Permission.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/SystemPermission.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ObjectPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ObjectPermission.java new file mode 100644 index 000000000..a67b7516a --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ObjectPermission.java @@ -0,0 +1,84 @@ + +package net.sourceforge.guacamole.net.auth.permission; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + + +/** + * A permission which affects a specific object, rather than the system as a + * whole. + * + * @author Michael Jumper + * @param The type of object this permission affects. + */ +public interface ObjectPermission extends Permission { + + /** + * Specific types of object-level permissions. Each permission type is + * related to a specific class of object-level operation. + */ + public enum Type { + + /** + * Read data within an object. + */ + READ, + + /** + * Update data within an object. + */ + UPDATE, + + /** + * Delete an object. + */ + DELETE, + + /** + * Change who has access to an object. + */ + ADMINSTER + + } + + /** + * Returns the specific object affected by this permission. + * @return The specific object affected by this permission. + */ + public T getSubject(); + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/Permission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/Permission.java new file mode 100644 index 000000000..a17a15f86 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/Permission.java @@ -0,0 +1,57 @@ + +package net.sourceforge.guacamole.net.auth.permission; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + + +/** + * A permission which affects a specific type of operation, where all available + * operation types are defined by an enumeration. + * + * @author Michael Jumper + * @param The enumeration of all available operation types that this + * permission can affect. + */ +public interface Permission { + + /** + * Returns the type of operation affected by this permission. + * @return The type of operation affected by this permission. + */ + public Type getType(); + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/SystemPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/SystemPermission.java new file mode 100644 index 000000000..08e83c288 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/SystemPermission.java @@ -0,0 +1,62 @@ + +package net.sourceforge.guacamole.net.auth.permission; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + + +/** + * A permission which affects the system as a whole, rather than an individual + * object. + * + * @author Michael Jumper + */ +public interface SystemPermission extends Permission { + + /** + * Specific types of system-level permissions. Each permission type is + * related to a specific class of system-level operation. + */ + public enum Type { + + /** + * Create system-level objects. + */ + CREATE + + } + +} From d907f7758b16dc8b7fc3c773871af5cef2b90ae5 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Mon, 28 Jan 2013 11:14:59 -0800 Subject: [PATCH 50/95] Implement concrete permissions. --- ...amoleConfigurationDirectoryPermission.java | 69 ++++++++++++++ .../GuacamoleConfigurationPermission.java | 89 +++++++++++++++++++ .../permission/UserDirectoryPermission.java | 67 ++++++++++++++ .../net/auth/permission/UserPermission.java | 85 ++++++++++++++++++ 4 files changed, 310 insertions(+) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationDirectoryPermission.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationPermission.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserDirectoryPermission.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationDirectoryPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationDirectoryPermission.java new file mode 100644 index 000000000..4d9b4d4e4 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationDirectoryPermission.java @@ -0,0 +1,69 @@ + +package net.sourceforge.guacamole.net.auth.permission; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + + +/** + * A permission which controls access to a GuacamoleConfigurationDirectory. + * + * @author Michael Jumper + */ +public class GuacamoleConfigurationDirectoryPermission + implements SystemPermission { + + /** + * The type of operation affected by this permission. + */ + private Type type; + + /** + * Creates a new GuacamoleConfigurationDirectoryPermission with the given + * type. + * + * @param type The type of operation controlled by this permission. + */ + public GuacamoleConfigurationDirectoryPermission(Type type) { + this.type = type; + } + + @Override + public Type getType() { + return type; + } + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationPermission.java new file mode 100644 index 000000000..a7c96be76 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationPermission.java @@ -0,0 +1,89 @@ + +package net.sourceforge.guacamole.net.auth.permission; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; + + +/** + * A permission which controls operations that directly affect a specific + * GuacamoleConfiguration. + * + * @author Michael Jumper + */ +public class GuacamoleConfigurationPermission + implements ObjectPermission { + + /** + * The GuacamoleConfiguration associated with the operation affected by + * this permission. + */ + private GuacamoleConfiguration subject; + + /** + * The type of operation affected by this permission. + */ + private Type type; + + /** + * Creates a new GuacamoleConfigurationPermission having the given type + * and subject. + * + * @param type The type of operation affected by this permission. + * @param subject The GuacamoleConfiguration associated with the operation + * affected by this permission. + */ + public GuacamoleConfigurationPermission(Type type, + GuacamoleConfiguration subject) { + + this.subject = subject; + this.type = type; + + } + + @Override + public GuacamoleConfiguration getSubject() { + return subject; + } + + @Override + public Type getType() { + return type; + } + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserDirectoryPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserDirectoryPermission.java new file mode 100644 index 000000000..dc87da095 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserDirectoryPermission.java @@ -0,0 +1,67 @@ + +package net.sourceforge.guacamole.net.auth.permission; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + + +/** + * A permission which controls access to a UserDirectory. + * + * @author Michael Jumper + */ +public class UserDirectoryPermission implements SystemPermission { + + /** + * The type of operation affected by this permission. + */ + private Type type; + + /** + * Creates a new UserDirectoryPermission with the given type. + * + * @param type The type of operation controlled by this permission. + */ + public UserDirectoryPermission(Type type) { + this.type = type; + } + + @Override + public Type getType() { + return type; + } + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java new file mode 100644 index 000000000..3029aeb40 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java @@ -0,0 +1,85 @@ + +package net.sourceforge.guacamole.net.auth.permission; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import net.sourceforge.guacamole.net.auth.User; + + +/** + * A permission which controls operations that directly affect a specific + * User. + * + * @author Michael Jumper + */ +public class UserPermission implements ObjectPermission { + + /** + * The User associated with the operation affected by this permission. + */ + private User subject; + + /** + * The type of operation affected by this permission. + */ + private Type type; + + /** + * Creates a new UserPermission having the given type and subject. + * + * @param type The type of operation affected by this permission. + * @param subject The User associated with the operation affected by this + * permission. + */ + public UserPermission(User subject, Type type) { + + this.subject = subject; + this.type = type; + + } + + @Override + public User getSubject() { + return subject; + } + + @Override + public Type getType() { + return type; + } + +} From 942f3754907e868a258bd8da86eecef4af604363 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Mon, 28 Jan 2013 11:27:37 -0800 Subject: [PATCH 51/95] Refactor operations into separate directories. --- .../auth/GuacamoleConfigurationDirectory.java | 102 ++++++++++++++ .../net/auth/PermissionDirectory.java | 92 +++++++++++++ .../guacamole/net/auth/UserContext.java | 127 ++++-------------- .../guacamole/net/auth/UserDirectory.java | 87 ++++++++++++ 4 files changed, 309 insertions(+), 99 deletions(-) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationDirectory.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/PermissionDirectory.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserDirectory.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationDirectory.java new file mode 100644 index 000000000..64e1bc89c --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationDirectory.java @@ -0,0 +1,102 @@ + +package net.sourceforge.guacamole.net.auth; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import java.util.Map; +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; + + +/** + * Provides access to a collection of all configurations, and allows + * configuration manipulation and removal. + * + * @author Michael Jumper + */ +public interface GuacamoleConfigurationDirectory { + + /** + * Returns a Map containing all GuacamoleConfigurations. The keys of this + * Map are Strings which uniquely identify each configuration. + * + * @return A Map of all configurations visible. + * @throws GuacamoleException If an error occurs while retrieving + * configurations. + */ + Map getConfigurations() + throws GuacamoleException; + + /** + * Adds the given GuacamoleConfiguration to the overall set of available + * GuacamoleConfigurations, using the given unique identifier. + * + * @param identifier The identifier to assign to the configuration. + * @param config The configuration to add. + * @throws GuacamoleException If an error occurs while adding the + * configuration, or if adding the configuration + * is not allowed. + */ + void addConfiguration(String identifier, GuacamoleConfiguration config) + throws GuacamoleException; + + /** + * Updates the GuacamoleConfiguration having the given unique identifier + * with the data contained in the given GuacamoleConfiguration. + * + * @param identifier The identifier to use when locating the configuration + * to update. + * @param config The configuration to use when updating the stored + * configuration. + * @throws GuacamoleException If an error occurs while updating the + * configuration, or if updating the + * configuration is not allowed. + */ + void updateConfiguration(String identifier, GuacamoleConfiguration config) + throws GuacamoleException; + + /** + * Removes the GuacamoleConfiguration having the given unique identifier. + * + * @param identifier The identifier of the configuration to remove. + * @throws GuacamoleException If an error occurs while removing the + * configuration, or if removing the + * configuration is not allowed. + */ + void removeConfiguration(String identifier) throws GuacamoleException; + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/PermissionDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/PermissionDirectory.java new file mode 100644 index 000000000..30b4f2c38 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/PermissionDirectory.java @@ -0,0 +1,92 @@ +package net.sourceforge.guacamole.net.auth; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.net.auth.permission.Permission; + + +/** + * Provides access to a collection of all permissions, and allows permission + * manipulation and removal. + * + * @author Michael Jumper + */ +public interface PermissionDirectory { + + /** + * Tests whether the specified user has the specified permission. + * + * @param user The user to check permissions for. + * @param permission The permission to check. + * @return true if the permission is granted to the user specified, false + * otherwise. + * + * @throws GuacamoleException If an error occurs while checking permissions, + * or if permissions cannot be checked due to + * lack of permissions to do so. + */ + boolean hasPermission(User user, Permission permission) + throws GuacamoleException; + + /** + * Adds the specified permission to the specified user. + * + * @param user The user to add the permission to. + * @param permission The permission to add. + * + * @throws GuacamoleException If an error occurs while adding the + * permission. or if permission to add + * permissions is denied. + */ + void addPermission(User user, Permission permission) + throws GuacamoleException; + + /** + * Removes the specified permission from the specified user. + * + * @param user The user to remove the permission from. + * @param permission The permission to remove. + * + * @throws GuacamoleException If an error occurs while removing the + * permission. or if permission to remove + * permissions is denied. + */ + void removePermission(User user, Permission permission) + throws GuacamoleException; + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java index 4d737c962..ce7cc6016 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java @@ -37,10 +37,7 @@ package net.sourceforge.guacamole.net.auth; * * ***** END LICENSE BLOCK ***** */ -import java.util.Map; -import java.util.Set; import net.sourceforge.guacamole.GuacamoleException; -import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; /** * The context of an active user. The functions of this class enforce all @@ -50,20 +47,6 @@ import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; */ public interface UserContext { - /** - * All possible permissions for user within a UserContext. - * - * Absolutely ALL possible operations that can possibly fail due to - * security issues within a UserContext must have a means of querying - * beforehand whether the operation will fail, and thus must have an - * associated permission value. - */ - public enum Permission { - - /* STUB */ - - } - /** * Returns the User whose access rights control the operations of this * UserContext. @@ -73,98 +56,44 @@ public interface UserContext { */ User self(); - /* - * USER FUNCTIONS - */ - /** - * Returns a Set containing all Users visible within this UserContext. - * - * @return A Set of all users visible. - * @throws GuacamoleException If an error occurs while retrieving - * users. - */ - Set getUsers() throws GuacamoleException; - - /** - * Adds the given User to the overall set of available Users. + * Retrieves a UserDirectory which can be used to view and manipulate other + * users, but only as allowed by the permissions given to the user of this + * UserContext. * - * @param user The user to add. - * @throws GuacamoleException If an error occurs while adding the user, or - * if adding the user is not allowed. - */ - void addUser(User user) throws GuacamoleException; - - /** - * Updates the User with the data contained in the given User. The user to - * update is identified using the username of the User given. + * @return A UserDirectory whose operations are bound by the restrictions + * of this UserContext. * - * @param user The user to use when updating the stored user. - * @throws GuacamoleException If an error occurs while updating the user, - * or if updating the user is not allowed. + * @throws GuacamoleException If an error occurs while creating the + * UserDirectory. */ - void updateUser(User user) throws GuacamoleException; - - /** - * Removes the given User from the overall set of available Users. - * - * @throws GuacamoleException If an error occurs while removing the user, - * or if removing user is not allowed. - */ - void removeUser(User user) throws GuacamoleException; + UserDirectory getUserDirectory() throws GuacamoleException; - /* - * CONFIGURATION FUNCTIONS - */ - /** - * Returns a Map containing all GuacamoleConfigurations visible within this - * UserContext. The keys of this Map are Strings which uniquely identify - * each configuration. - * - * @return A Map of all configurations visible. - * @throws GuacamoleException If an error occurs while retrieving - * configurations. - */ - Map getConfigurations() + * Retrieves a GuacamoleConfigurationDirectory which can be used to view + * and manipulate configurations, but only as allowed by the permissions + * given to the user of this UserContext. + * + * @return A GuacamoleConfigurationdirectory whose operations are bound by + * the restrictions of this UserContext. + * + * @throws GuacamoleException If an error occurs while creating the + * GuacamoleConfigurationDirectory. + */ + GuacamoleConfigurationDirectory getGuacamoleConfigurationDirectory() throws GuacamoleException; /** - * Adds the given GuacamoleConfiguration to the overall set of available - * GuacamoleConfigurations, using the given unique identifier. + * Retrieves a PermissionDirectory which can be used to view and manipulate + * permissions, but only as allowed by the permissions given to the user of + * this UserContext. * - * @param identifier The identifier to assign to the configuration. - * @param config The configuration to add. - * @throws GuacamoleException If an error occurs while adding the - * configuration, or if adding the configuration - * is not allowed. + * @return A PermissionDirectory whose operations are bound by the + * restrictions of this UserContext. + * + * @throws GuacamoleException If an error occurs while creating the + * PermissionDirectory. */ - void addConfiguration(String identifier, GuacamoleConfiguration config) - throws GuacamoleException; + PermissionDirectory getPermissionDirectory() throws GuacamoleException; - /** - * Updates the GuacamoleConfiguration having the given unique identifier - * with the data contained in the given GuacamoleConfiguration. - * - * @param identifier The identifier to use when locating the configuration - * to update. - * @param config The configuration to use when updating the stored - * configuration. - * @throws GuacamoleException If an error occurs while updating the - * configuration, or if updating the - * configuration is not allowed. - */ - void updateConfiguration(String identifier, GuacamoleConfiguration config) - throws GuacamoleException; - - /** - * Removes the GuacamoleConfiguration having the given unique identifier. - * - * @param identifier The identifier of the configuration to remove. - * @throws GuacamoleException If an error occurs while removing the - * configuration, or if removing the - * configuration is not allowed. - */ - void removeConfiguration(String identifier) throws GuacamoleException; - } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserDirectory.java new file mode 100644 index 000000000..85ece850a --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserDirectory.java @@ -0,0 +1,87 @@ +package net.sourceforge.guacamole.net.auth; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import java.util.Set; +import net.sourceforge.guacamole.GuacamoleException; + + +/** + * Provides access to a collection of all users, and allows user manipulation + * and removal. + * + * @author Michael Jumper + */ +public interface UserDirectory { + + /** + * Returns a Set containing all Users. + * + * @return A Set of all users. + * @throws GuacamoleException If an error occurs while retrieving + * users. + */ + Set getUsers() throws GuacamoleException; + + /** + * Adds the given User to the overall set of available Users. + * + * @param user The user to add. + * @throws GuacamoleException If an error occurs while adding the user, or + * if adding the user is not allowed. + */ + void addUser(User user) throws GuacamoleException; + + /** + * Updates the User with the data contained in the given User. The user to + * update is identified using the username of the User given. + * + * @param user The user to use when updating the stored user. + * @throws GuacamoleException If an error occurs while updating the user, + * or if updating the user is not allowed. + */ + void updateUser(User user) throws GuacamoleException; + + /** + * Removes the given User from the overall set of available Users. + * + * @throws GuacamoleException If an error occurs while removing the user, + * or if removing user is not allowed. + */ + void removeUser(User user) throws GuacamoleException; + +} From a1b989ada0ed1a6a9cfa26dd82ccec8388cc6834 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Mon, 28 Jan 2013 11:35:31 -0800 Subject: [PATCH 52/95] Remove Environment class. --- .../net/auth/AuthenticationProvider.java | 14 ---- .../guacamole/net/auth/Environment.java | 79 ------------------- 2 files changed, 93 deletions(-) delete mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Environment.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java index 10112ada0..6c1e71394 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java @@ -49,20 +49,6 @@ import net.sourceforge.guacamole.GuacamoleException; */ public interface AuthenticationProvider { - /** - * Returns the environment exposed by this AuthenticationProvider. The - * environment provides unrestricted access to all available users and - * configurations, though operations which permanently affect users and - * configurations are only possible through a UserContext. - * - * @return An Environment containing all Users and GuacamoleConfigurations - * currently available through this AuthenticationProvider. - * - * @throws GuacamoleException If an error occurs while retrieving the - * environment. - */ - Environment getEnvironment() throws GuacamoleException; - /** * Returns the UserContext of the user authorized by the given credentials. * diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Environment.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Environment.java deleted file mode 100644 index 01c83e6e2..000000000 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Environment.java +++ /dev/null @@ -1,79 +0,0 @@ - -package net.sourceforge.guacamole.net.auth; - -/* ***** BEGIN LICENSE BLOCK ***** - * Version: MPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Mozilla Public License Version - * 1.1 (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is guacamole-ext. - * - * The Initial Developer of the Original Code is - * Michael Jumper. - * Portions created by the Initial Developer are Copyright (C) 2010 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the MPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the MPL, the GPL or the LGPL. - * - * ***** END LICENSE BLOCK ***** */ - -import java.util.Map; -import java.util.Set; -import net.sourceforge.guacamole.GuacamoleException; -import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; - - -/** - * Represents the global set of available Users and GuacamoleConfigurations. - * Every Environment has an associated Credentials that determine what Users - * and GuacamoleConfigurations are visible in the Environment. - * - * Note that if the available GuacamoleConfigurations or Users can change - * externally, it is up to the implementation of the Environment to reload these - * external changes if desired. - * - * @author Michael Jumper - */ -public interface Environment { - - /** - * Returns a Map containing absolutely all GuacamoleConfigurations. The - * keys of this Map are Strings which uniquely identify each configuration. - * - * @return A Map of all configurations visible. - * @throws GuacamoleException If an error occurs while retrieving - * configurations. - */ - Map getConfigurations() - throws GuacamoleException; - - /** - * Returns a Set containing absolutely all Users. - * - * @return A Set of all users. - * @throws GuacamoleException If an error occurs while retrieving - * users. - */ - Set getUsers() throws GuacamoleException; - -} From 01f8b4c596f2f20293dae43d75e5399dd0f16998 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Mon, 28 Jan 2013 12:21:41 -0800 Subject: [PATCH 53/95] Implement simple authentication provider base class (for convenience and testing). --- .../simple/SimpleAuthenticationProvider.java | 100 ++++++++++++++++ ...SimpleGuacamoleConfigurationDirectory.java | 97 +++++++++++++++ .../guacamole/net/auth/simple/SimpleUser.java | 65 ++++++++++ .../net/auth/simple/SimpleUserContext.java | 113 ++++++++++++++++++ 4 files changed, 375 insertions(+) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleAuthenticationProvider.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleAuthenticationProvider.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleAuthenticationProvider.java new file mode 100644 index 000000000..644f5526c --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleAuthenticationProvider.java @@ -0,0 +1,100 @@ + +package net.sourceforge.guacamole.net.auth.simple; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-auth. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import java.util.Map; +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.net.auth.AuthenticationProvider; +import net.sourceforge.guacamole.net.auth.Credentials; +import net.sourceforge.guacamole.net.auth.User; +import net.sourceforge.guacamole.net.auth.UserContext; +import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; + + +/** + * Provides means of retrieving a set of named GuacamoleConfigurations for a + * given Credentials object. This is a simple AuthenticationProvider + * implementation intended to be easily extended. It is useful for simple + * authentication situations where access to web-based administration and + * complex users and permissions are not required. + * + * The interface provided by SimpleAuthenticationProvider is similar to that of + * the AuthenticationProvider interface of older Guacamole releases. + * + * @author Michael Jumper + */ +public abstract class SimpleAuthenticationProvider + implements AuthenticationProvider { + + /** + * Given an arbitrary credentials object, returns a Map containing all + * configurations authorized by those credentials. The keys of this Map + * are Strings which uniquely identify each configuration. + * + * @param credentials The credentials to use to retrieve authorized + * configurations. + * @return A Map of all configurations authorized by the given credentials, + * or null if the credentials given are not authorized. + * @throws GuacamoleException If an error occurs while retrieving + * configurations. + */ + public abstract Map + getAuthorizedConfigurations(Credentials credentials) + throws GuacamoleException; + + @Override + public UserContext getUserContext(Credentials credentials) + throws GuacamoleException { + + // Get configurations + Map configs = + getAuthorizedConfigurations(credentials); + + // Return as unauthorized if not authorized to retrieve configs + if (configs == null) + return null; + + // Build new user from credentials + User user = new SimpleUser(credentials.getUsername()); + + // Return user context restricted to authorized configs + return new SimpleUserContext(user, configs); + + } + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java new file mode 100644 index 000000000..28057d2fd --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java @@ -0,0 +1,97 @@ + +package net.sourceforge.guacamole.net.auth.simple; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-auth. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import java.util.Map; +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.GuacamoleSecurityException; +import net.sourceforge.guacamole.net.auth.GuacamoleConfigurationDirectory; +import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; + + +/** + * An extremely simple read-only implementation of a + * GuacamoleConfigurationDirectory which provides access to a pre-defined + * Map of GuacamoleConfigurations. + * + * @author Michael Jumper + */ +public class SimpleGuacamoleConfigurationDirectory + implements GuacamoleConfigurationDirectory { + + /** + * The Map of GuacamoleConfigurations to provide access to. + */ + private Map configs; + + /** + * Creates a new SimpleGuacamoleConfigurationDirectory which provides + * access to the configurations contained within the given Map. + * + * @param configs The Map of GuacamoleConfigurations to provide access to. + */ + public SimpleGuacamoleConfigurationDirectory( + Map configs) { + this.configs = configs; + } + + @Override + public Map getConfigurations() + throws GuacamoleException { + return configs; + } + + @Override + public void addConfiguration(String identifier, + GuacamoleConfiguration config) throws GuacamoleException { + throw new GuacamoleSecurityException("Permission denied."); + } + + @Override + public void updateConfiguration(String identifier, + GuacamoleConfiguration config) throws GuacamoleException { + throw new GuacamoleSecurityException("Permission denied."); + } + + @Override + public void removeConfiguration(String identifier) + throws GuacamoleException { + throw new GuacamoleSecurityException("Permission denied."); + } + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java new file mode 100644 index 000000000..5d60845f1 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java @@ -0,0 +1,65 @@ + +package net.sourceforge.guacamole.net.auth.simple; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-auth. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import net.sourceforge.guacamole.net.auth.AbstractUser; + + +/** + * An extremely basic User implementation. + * + * @author Michael Jumper + */ +public class SimpleUser extends AbstractUser { + + /** + * Creates a completely uninitialized SimpleUser. + */ + public SimpleUser() { + } + + /** + * Creates a new SimpleUser having the given username. + * + * @param username The username to assign to this SimpleUser. + */ + public SimpleUser(String username) { + setUsername(username); + } + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java new file mode 100644 index 000000000..e3fae3122 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java @@ -0,0 +1,113 @@ + +package net.sourceforge.guacamole.net.auth.simple; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import java.util.Map; +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.GuacamoleSecurityException; +import net.sourceforge.guacamole.net.auth.GuacamoleConfigurationDirectory; +import net.sourceforge.guacamole.net.auth.PermissionDirectory; +import net.sourceforge.guacamole.net.auth.User; +import net.sourceforge.guacamole.net.auth.UserContext; +import net.sourceforge.guacamole.net.auth.UserDirectory; +import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; + +/** + * An extremely simple UserContext implementation which provides access to + * a defined and restricted set of GuacamoleConfigurations. Access to + * querying or modifying either users or permissions is denied. + * + * @author Michael Jumper + */ +public class SimpleUserContext implements UserContext { + + /** + * Reference to the user whose permissions dictate the configurations + * accessible within this UserContext. + */ + private final User self; + + /** + * The GuacamoleConfigurationDirectory with access only to those + * configurations that the User associated with this UserContext has + * read access to. + */ + private final GuacamoleConfigurationDirectory configDirectory; + + /** + * Creates a new SimpleUserContext which provides access to only those + * configurations within the given Map. The User given must be the user + * that owns this UserContext, and the Map given must contain only + * GuacamoleConfigurations that the given User has read access to. + * + * @param self The owner of this UserContext. + * @param configs A Map of all configurations for which the user associated + * with this UserContext has read access. + */ + public SimpleUserContext(User self, + Map configs) { + + this.self = self; + this.configDirectory = + new SimpleGuacamoleConfigurationDirectory(configs); + + } + + @Override + public User self() { + return self; + } + + @Override + public GuacamoleConfigurationDirectory getGuacamoleConfigurationDirectory() + throws GuacamoleException { + return configDirectory; + } + + @Override + public UserDirectory getUserDirectory() throws GuacamoleException { + throw new GuacamoleSecurityException("Permission denied."); + } + + @Override + public PermissionDirectory getPermissionDirectory() + throws GuacamoleException { + throw new GuacamoleSecurityException("Permission denied."); + } + +} From 2df5207518ea5d4de2510c19caa24687d8ac1077 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Mon, 28 Jan 2013 16:43:01 -0800 Subject: [PATCH 54/95] GuacamoleConfigurationPermission should take identifier as subject, not actual GuacamoleConfiguration. --- .../GuacamoleConfigurationPermission.java | 23 +++++++++---------- 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationPermission.java index a7c96be76..6e2838aee 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationPermission.java @@ -37,23 +37,23 @@ package net.sourceforge.guacamole.net.auth.permission; * * ***** END LICENSE BLOCK ***** */ -import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; - /** * A permission which controls operations that directly affect a specific - * GuacamoleConfiguration. + * GuacamoleConfiguration. Note that this permission only refers to the + * GuacamoleConfiguration by its identifier. The actual GuacamoleConfiguration + * is not stored within. * * @author Michael Jumper */ public class GuacamoleConfigurationPermission - implements ObjectPermission { + implements ObjectPermission { /** - * The GuacamoleConfiguration associated with the operation affected by - * this permission. + * The identifier of the GuacamoleConfiguration associated with the + * operation affected by this permission. */ - private GuacamoleConfiguration subject; + private String subject; /** * The type of operation affected by this permission. @@ -65,11 +65,10 @@ public class GuacamoleConfigurationPermission * and subject. * * @param type The type of operation affected by this permission. - * @param subject The GuacamoleConfiguration associated with the operation - * affected by this permission. + * @param subject The identifier of the GuacamoleConfiguration associated + * with the operation affected by this permission. */ - public GuacamoleConfigurationPermission(Type type, - GuacamoleConfiguration subject) { + public GuacamoleConfigurationPermission(Type type, String subject) { this.subject = subject; this.type = type; @@ -77,7 +76,7 @@ public class GuacamoleConfigurationPermission } @Override - public GuacamoleConfiguration getSubject() { + public String getSubject() { return subject; } From dfca47d4157d65c3b5099860c38bbe324a1fe2bd Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Mon, 28 Jan 2013 16:45:30 -0800 Subject: [PATCH 55/95] UserPermission should use username. --- .../net/auth/permission/UserPermission.java | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java index 3029aeb40..965e56abb 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java @@ -46,12 +46,13 @@ import net.sourceforge.guacamole.net.auth.User; * * @author Michael Jumper */ -public class UserPermission implements ObjectPermission { +public class UserPermission implements ObjectPermission { /** - * The User associated with the operation affected by this permission. + * The username of the User associated with the operation affected by this + * permission. */ - private User subject; + private String subject; /** * The type of operation affected by this permission. @@ -62,10 +63,10 @@ public class UserPermission implements ObjectPermission { * Creates a new UserPermission having the given type and subject. * * @param type The type of operation affected by this permission. - * @param subject The User associated with the operation affected by this - * permission. + * @param subject The username of the User associated with the operation + * affected by this permission. */ - public UserPermission(User subject, Type type) { + public UserPermission(String subject, Type type) { this.subject = subject; this.type = type; @@ -73,7 +74,7 @@ public class UserPermission implements ObjectPermission { } @Override - public User getSubject() { + public String getSubject() { return subject; } From c537e4fe2c0a83384471359e67101cd5aa33feba Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Mon, 28 Jan 2013 16:50:14 -0800 Subject: [PATCH 56/95] ObjectPermissions in general should deal only with identifiers. --- .../GuacamoleConfigurationPermission.java | 17 +++++++++-------- .../net/auth/permission/ObjectPermission.java | 11 +++++++---- .../net/auth/permission/UserPermission.java | 19 +++++++++---------- 3 files changed, 25 insertions(+), 22 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationPermission.java index 6e2838aee..abaacebce 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationPermission.java @@ -53,7 +53,7 @@ public class GuacamoleConfigurationPermission * The identifier of the GuacamoleConfiguration associated with the * operation affected by this permission. */ - private String subject; + private String identifier; /** * The type of operation affected by this permission. @@ -62,22 +62,23 @@ public class GuacamoleConfigurationPermission /** * Creates a new GuacamoleConfigurationPermission having the given type - * and subject. + * and identifier. The identifier must be the unique identifier assigned + * to the GuacamoleConfiguration by the AuthenticationProvider in use. * * @param type The type of operation affected by this permission. - * @param subject The identifier of the GuacamoleConfiguration associated - * with the operation affected by this permission. + * @param identifier The identifier of the GuacamoleConfiguration associated + * with the operation affected by this permission. */ - public GuacamoleConfigurationPermission(Type type, String subject) { + public GuacamoleConfigurationPermission(Type type, String identifier) { - this.subject = subject; + this.identifier = identifier; this.type = type; } @Override - public String getSubject() { - return subject; + public String getObjectIdentifier() { + return identifier; } @Override diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ObjectPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ObjectPermission.java index a67b7516a..9541e5c50 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ObjectPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ObjectPermission.java @@ -43,7 +43,7 @@ package net.sourceforge.guacamole.net.auth.permission; * whole. * * @author Michael Jumper - * @param The type of object this permission affects. + * @param The type of identifier used by the object this permission affects. */ public interface ObjectPermission extends Permission { @@ -76,9 +76,12 @@ public interface ObjectPermission extends Permission { } /** - * Returns the specific object affected by this permission. - * @return The specific object affected by this permission. + * Returns the identifier of the specific object affected by this + * permission. + * + * @return The identifier of the specific object affected by this + * permission. */ - public T getSubject(); + public T getObjectIdentifier(); } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java index 965e56abb..f8c33903c 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java @@ -37,8 +37,6 @@ package net.sourceforge.guacamole.net.auth.permission; * * ***** END LICENSE BLOCK ***** */ -import net.sourceforge.guacamole.net.auth.User; - /** * A permission which controls operations that directly affect a specific @@ -52,7 +50,7 @@ public class UserPermission implements ObjectPermission { * The username of the User associated with the operation affected by this * permission. */ - private String subject; + private String identifier; /** * The type of operation affected by this permission. @@ -60,22 +58,23 @@ public class UserPermission implements ObjectPermission { private Type type; /** - * Creates a new UserPermission having the given type and subject. + * Creates a new UserPermission having the given type and identifier. The + * identifier must be the user's username. * * @param type The type of operation affected by this permission. - * @param subject The username of the User associated with the operation - * affected by this permission. + * @param identifier The username of the User associated with the operation + * affected by this permission. */ - public UserPermission(String subject, Type type) { + public UserPermission(String identifier, Type type) { - this.subject = subject; + this.identifier = identifier; this.type = type; } @Override - public String getSubject() { - return subject; + public String getObjectIdentifier() { + return identifier; } @Override From b7872eb2022bbbc8251b401f05cb372693f8be70 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Mon, 28 Jan 2013 22:21:24 -0800 Subject: [PATCH 57/95] Allow permission queries. --- .../simple/SimplePermissionDirectory.java | 121 ++++++++++++++++++ .../net/auth/simple/SimpleUserContext.java | 12 +- 2 files changed, 132 insertions(+), 1 deletion(-) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimplePermissionDirectory.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimplePermissionDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimplePermissionDirectory.java new file mode 100644 index 000000000..7b2c6a42e --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimplePermissionDirectory.java @@ -0,0 +1,121 @@ + +package net.sourceforge.guacamole.net.auth.simple; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import java.util.Map; +import java.util.Set; +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.GuacamoleSecurityException; +import net.sourceforge.guacamole.net.auth.PermissionDirectory; +import net.sourceforge.guacamole.net.auth.User; +import net.sourceforge.guacamole.net.auth.permission.GuacamoleConfigurationPermission; +import net.sourceforge.guacamole.net.auth.permission.ObjectPermission; +import net.sourceforge.guacamole.net.auth.permission.Permission; +import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; + + +/** + * A simple read-only PermissionDirectory which manages the permissions for a + * single user. + * + * @author Michael Jumper + */ +public class SimplePermissionDirectory implements PermissionDirectory { + + /** + * The user that has access to all given configs. + */ + private User user; + + /** + * The identifiers of all available configs. + */ + private Set configIdentifiers; + + /** + * Creates a new SimplePermissionDirectory which manages the permissions of + * the given user and the given Map of GuacamoleConfigurations, which must + * contain only those GuacamoleConfigurations the given user has access to. + * + * @param user The user to manage permissions for. + * @param configs All available configurations for the user given. + */ + public SimplePermissionDirectory(User user, + Map configs) { + + this.user = user; + configIdentifiers = configs.keySet(); + + } + + @Override + public boolean hasPermission(User user, Permission permission) throws GuacamoleException { + + // No permssion to check permissions of other users + if (!this.user.equals(user)) + throw new GuacamoleSecurityException("Permission denied."); + + // If correct user, validate config permission + if (permission instanceof GuacamoleConfigurationPermission) { + + // Get permission + GuacamoleConfigurationPermission guacConfigPerm = + (GuacamoleConfigurationPermission) permission; + + // If type is READ, permission given if the config exists in the set + if (guacConfigPerm.getType() == ObjectPermission.Type.READ) + return configIdentifiers.contains(guacConfigPerm.getObjectIdentifier()); + + } + + // No permission by default + return false; + + } + + @Override + public void addPermission(User user, Permission permission) throws GuacamoleException { + throw new GuacamoleSecurityException("Permission denied."); + } + + @Override + public void removePermission(User user, Permission permission) throws GuacamoleException { + throw new GuacamoleSecurityException("Permission denied."); + } + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java index e3fae3122..4943b8947 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java @@ -68,6 +68,12 @@ public class SimpleUserContext implements UserContext { * read access to. */ private final GuacamoleConfigurationDirectory configDirectory; + + /** + * The PermissionDirectory describing which permissions are available for + * the configurations provided. + */ + private final PermissionDirectory permissionDirectory; /** * Creates a new SimpleUserContext which provides access to only those @@ -83,9 +89,13 @@ public class SimpleUserContext implements UserContext { Map configs) { this.self = self; + this.configDirectory = new SimpleGuacamoleConfigurationDirectory(configs); + this.permissionDirectory = + new SimplePermissionDirectory(self, configs); + } @Override @@ -107,7 +117,7 @@ public class SimpleUserContext implements UserContext { @Override public PermissionDirectory getPermissionDirectory() throws GuacamoleException { - throw new GuacamoleSecurityException("Permission denied."); + return permissionDirectory; } } From e9253473d1dbb94d3fa6b4c094b27e56965020d9 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Tue, 29 Jan 2013 00:34:18 -0800 Subject: [PATCH 58/95] Add package-info.java files. --- .../guacamole/net/auth/permission/package-info.java | 7 +++++++ .../guacamole/net/auth/simple/package-info.java | 8 ++++++++ 2 files changed, 15 insertions(+) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/package-info.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/package-info.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/package-info.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/package-info.java new file mode 100644 index 000000000..242edc24c --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/package-info.java @@ -0,0 +1,7 @@ + +/** + * Provides classes which describe the various permissions a Guacamole user + * can be granted. + */ +package net.sourceforge.guacamole.net.auth.permission; + diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/package-info.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/package-info.java new file mode 100644 index 000000000..7066da16d --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/package-info.java @@ -0,0 +1,8 @@ + +/** + * Provides a basic AuthenticationProvider base class that can be used to create + * simple AuthenticationProviders in the same way allowed by the old + * authentication API. + */ +package net.sourceforge.guacamole.net.auth.simple; + From 3a47e3ffa11b75fd676c2e74add761bf36da6b01 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Tue, 29 Jan 2013 02:32:45 -0800 Subject: [PATCH 59/95] Fix wrong package and typo. --- .../guacamole/net/event/listener/package-info.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/package-info.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/package-info.java index bf8c3e8a5..83545510c 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/package-info.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/event/listener/package-info.java @@ -2,9 +2,9 @@ /** * Provides classes for hooking into various events that take place as * users log into and use the Guacamole web application. These event - * hooks can be used to take action upon occurence of an event and, + * hooks can be used to take action upon occurrence of an event and, * in some cases, prevent the web application from allowing the * event to continue for the user that triggered it. */ -package net.sourceforge.guacamole.net.event; +package net.sourceforge.guacamole.net.event.listener; From ab1c65ac92892c470a2fe123d6fff7804b24325e Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Tue, 29 Jan 2013 02:36:36 -0800 Subject: [PATCH 60/95] Remove unused Role. --- .../guacamole/net/auth/AbstractUser.java | 16 ----- .../sourceforge/guacamole/net/auth/Role.java | 64 ------------------- .../sourceforge/guacamole/net/auth/User.java | 15 ----- 3 files changed, 95 deletions(-) delete mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Role.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java index 43c0219a7..392d168d8 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java @@ -58,11 +58,6 @@ public abstract class AbstractUser implements User, Comparable { */ private String password; - /** - * This user's role. - */ - private Role role; - @Override public String getUsername() { return username; @@ -83,17 +78,6 @@ public abstract class AbstractUser implements User, Comparable { this.password = password; } - @Override - public Role getRole() { - return role; - } - - @Override - public void setRole(Role role) { - this.role = role; - } - - @Override public int hashCode() { if (username == null) return 0; diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Role.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Role.java deleted file mode 100644 index 6a18ed162..000000000 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Role.java +++ /dev/null @@ -1,64 +0,0 @@ -package net.sourceforge.guacamole.net.auth; - -/* ***** BEGIN LICENSE BLOCK ***** - * Version: MPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Mozilla Public License Version - * 1.1 (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is guacamole-ext. - * - * The Initial Developer of the Original Code is - * Michael Jumper. - * Portions created by the Initial Developer are Copyright (C) 2010 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the MPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the MPL, the GPL or the LGPL. - * - * ***** END LICENSE BLOCK ***** */ - - -/** - * The role of a particular user, defining the access levels of that user. - * - * @author Michael Jumper - */ -public interface Role { - - /* FIXME: STUB */ - - /* - * POSSIBLE PERMISSIONS: - * - * UserManagementPermission(ADD/UPDATE/DELETE/VIEW, user or ANY) - * ConfigurationPermission(ADD/UPDATE/DELETE/VIEW, config or ANY) - * AdministrationPermission(ADD/REMOVE, permission or ANY) - * - * Each can be used with: - * - * add(Permission) - * remove(Permission) - * has(Permission) - * - */ - -} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java index 35a9f3dea..a91b9cc18 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java @@ -76,19 +76,4 @@ public interface User { */ public void setPassword(String password); - /** - * Returns the role of this User. The role defines exactly which permissions - * a particular user has. - * - * @return The role of this User. - */ - public Role getRole(); - - /** - * Sets the role of this User to the given Role. - * - * @param role The role which this User should have. - */ - public void setRole(Role role); - } From 59886fcdc2e63624598c0892f0c0750cafbd3165 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Tue, 29 Jan 2013 11:35:59 -0800 Subject: [PATCH 61/95] Implement templates (for configuration interface construction). --- .../auth/GuacamoleConfigurationDirectory.java | 12 ++ .../auth/GuacamoleConfigurationTemplate.java | 124 ++++++++++++++++++ ...SimpleGuacamoleConfigurationDirectory.java | 7 + 3 files changed, 143 insertions(+) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationTemplate.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationDirectory.java index 64e1bc89c..8765068e5 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationDirectory.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationDirectory.java @@ -61,6 +61,18 @@ public interface GuacamoleConfigurationDirectory { Map getConfigurations() throws GuacamoleException; + /** + * Returns a Map containing GuacamoleConfigurationTemplates which describe + * legal parameters and value. These templates are expected to be used as + * the blueprints for new connections. + * + * @return A Map of configuration templates. + * @throws GuacamoleException If an error occurs while retrieving the + * templates. + */ + Map getTemplates() + throws GuacamoleException; + /** * Adds the given GuacamoleConfiguration to the overall set of available * GuacamoleConfigurations, using the given unique identifier. diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationTemplate.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationTemplate.java new file mode 100644 index 000000000..fd5d9935c --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationTemplate.java @@ -0,0 +1,124 @@ + +package net.sourceforge.guacamole.net.auth; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import java.util.Collection; + + +/** + * A template which describes legal parameters and their values such that + * a new configuration for a Guacamole connection can be created. A + * GuacamoleConfigurationTemplate would normally be used to construct a + * meaningful interface for a user, such that creating a new configuration + * does not require reading the low-level documentation for a protocol. + * + * @author Michael Jumper + */ +public interface GuacamoleConfigurationTemplate { + + /** + * A field corresponding to a parameter of a GuacamoleConfiguration. + */ + public interface Field { + + /** + * The type of a field, dictating the data accepted and possibly the + * manner of that field's presentation. + */ + public enum Type { + + /** + * A field whose values are arbitrary strings. + */ + TEXT, + + /** + * A field whose legal values are either "true" or "false". + */ + BOOLEAN, + + /** + * A field which can only have numeric values. + */ + NUMERIC, + + /** + * A field whose values are arbitrary, sensitive strings. + */ + PASSWORD + + } + + /** + * Returns the type of this field. + * @return The type of this field. + */ + Type getType(); + + /** + * Returns a human-readable description of the field. + * @return A human-readable description of the field. + */ + String getDescription(); + + /** + * Returns the set of all possible legal values for this field. + * @return The set of all possible legal values for this field, or null + * if this field can have any value. + */ + Collection getDefaultValues(); + + } + + /** + * Returns the protocol that will be used by any configuration created + * using this template. + * + * @return The protocol that will be used by any configuration created + * using this template. + */ + String getProtocol(); + + /** + * Returns the set of all available fields. + * + * @return The set of all available fields. + */ + Collection getFields(); + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java index 28057d2fd..fa0c74b0a 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java @@ -41,6 +41,7 @@ import java.util.Map; import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.GuacamoleSecurityException; import net.sourceforge.guacamole.net.auth.GuacamoleConfigurationDirectory; +import net.sourceforge.guacamole.net.auth.GuacamoleConfigurationTemplate; import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; @@ -76,6 +77,12 @@ public class SimpleGuacamoleConfigurationDirectory return configs; } + @Override + public Map getTemplates() + throws GuacamoleException { + throw new GuacamoleSecurityException("Permission denied."); + } + @Override public void addConfiguration(String identifier, GuacamoleConfiguration config) throws GuacamoleException { From f4ec3221832f23c69839eceae35c0c859838b344 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Tue, 29 Jan 2013 14:17:27 -0800 Subject: [PATCH 62/95] Use guacamole-common 0.8.0. --- guacamole-ext/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/guacamole-ext/pom.xml b/guacamole-ext/pom.xml index f6287c45e..b301f9b15 100644 --- a/guacamole-ext/pom.xml +++ b/guacamole-ext/pom.xml @@ -43,7 +43,7 @@ net.sourceforge.guacamole guacamole-common - 0.7.0 + 0.8.0 compile From b6c1bc19ff36ec5cab179c8629ca57a7bc3916a0 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Tue, 29 Jan 2013 19:19:55 -0800 Subject: [PATCH 63/95] Rename field value function reasonably. --- .../guacamole/net/auth/GuacamoleConfigurationTemplate.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationTemplate.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationTemplate.java index fd5d9935c..158448607 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationTemplate.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationTemplate.java @@ -101,7 +101,7 @@ public interface GuacamoleConfigurationTemplate { * @return The set of all possible legal values for this field, or null * if this field can have any value. */ - Collection getDefaultValues(); + Collection getPossibleValues(); } From 6c866ac05826ca41a85da7f9ea1bd20f5731d519 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 30 Jan 2013 02:15:21 -0800 Subject: [PATCH 64/95] Fix parameter order of UserPermission constructor. --- .../guacamole/net/auth/permission/UserPermission.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java index f8c33903c..bfe2b9fad 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java @@ -65,7 +65,7 @@ public class UserPermission implements ObjectPermission { * @param identifier The username of the User associated with the operation * affected by this permission. */ - public UserPermission(String identifier, Type type) { + public UserPermission(Type type, String identifier) { this.identifier = identifier; this.type = type; From 77f02d62485bbf859225c7f1fd7ccc92a7caa02b Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 30 Jan 2013 12:55:16 -0800 Subject: [PATCH 65/95] Fix typo in object permission type name. --- .../guacamole/net/auth/permission/ObjectPermission.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ObjectPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ObjectPermission.java index 9541e5c50..2c38a32a7 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ObjectPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ObjectPermission.java @@ -71,7 +71,7 @@ public interface ObjectPermission extends Permission { /** * Change who has access to an object. */ - ADMINSTER + ADMINISTER } From c6e414025a3ef7cf10837ebd6ec1f9ebf93b921c Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 30 Jan 2013 13:12:59 -0800 Subject: [PATCH 66/95] Allow per-user permissions listing, query by username. --- .../net/auth/PermissionDirectory.java | 25 +++++++++--- .../simple/SimplePermissionDirectory.java | 38 ++++++++++++++++--- 2 files changed, 51 insertions(+), 12 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/PermissionDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/PermissionDirectory.java index 30b4f2c38..26d51acec 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/PermissionDirectory.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/PermissionDirectory.java @@ -36,6 +36,7 @@ package net.sourceforge.guacamole.net.auth; * * ***** END LICENSE BLOCK ***** */ +import java.util.Set; import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.net.auth.permission.Permission; @@ -48,10 +49,22 @@ import net.sourceforge.guacamole.net.auth.permission.Permission; */ public interface PermissionDirectory { + /** + * Lists all permissions given to the specified user. + * + * @param user The username of the user to list permissions of. + * @return A Set of all permissions granted to the specified user. + * + * @throws GuacamoleException If an error occurs while retrieving + * permissions, or if reading all permissions + * is not allowed. + */ + Set getPermissions(String user) throws GuacamoleException; + /** * Tests whether the specified user has the specified permission. * - * @param user The user to check permissions for. + * @param user The username of the user to check permissions for. * @param permission The permission to check. * @return true if the permission is granted to the user specified, false * otherwise. @@ -60,33 +73,33 @@ public interface PermissionDirectory { * or if permissions cannot be checked due to * lack of permissions to do so. */ - boolean hasPermission(User user, Permission permission) + boolean hasPermission(String user, Permission permission) throws GuacamoleException; /** * Adds the specified permission to the specified user. * - * @param user The user to add the permission to. + * @param user The username of the user to add the permission to. * @param permission The permission to add. * * @throws GuacamoleException If an error occurs while adding the * permission. or if permission to add * permissions is denied. */ - void addPermission(User user, Permission permission) + void addPermission(String user, Permission permission) throws GuacamoleException; /** * Removes the specified permission from the specified user. * - * @param user The user to remove the permission from. + * @param user The username of the user to remove the permission from. * @param permission The permission to remove. * * @throws GuacamoleException If an error occurs while removing the * permission. or if permission to remove * permissions is denied. */ - void removePermission(User user, Permission permission) + void removePermission(String user, Permission permission) throws GuacamoleException; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimplePermissionDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimplePermissionDirectory.java index 7b2c6a42e..2498cd902 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimplePermissionDirectory.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimplePermissionDirectory.java @@ -37,6 +37,7 @@ package net.sourceforge.guacamole.net.auth.simple; * * ***** END LICENSE BLOCK ***** */ +import java.util.HashSet; import java.util.Map; import java.util.Set; import net.sourceforge.guacamole.GuacamoleException; @@ -58,9 +59,9 @@ import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; public class SimplePermissionDirectory implements PermissionDirectory { /** - * The user that has access to all given configs. + * The username of the user that has access to all given configs. */ - private User user; + private String user; /** * The identifiers of all available configs. @@ -78,13 +79,38 @@ public class SimplePermissionDirectory implements PermissionDirectory { public SimplePermissionDirectory(User user, Map configs) { - this.user = user; + this.user = user.getUsername(); configIdentifiers = configs.keySet(); } @Override - public boolean hasPermission(User user, Permission permission) throws GuacamoleException { + public Set getPermissions(String user) throws GuacamoleException { + + // No permssion to check permissions of other users + if (!this.user.equals(user)) + throw new GuacamoleSecurityException("Permission denied."); + + // If correct user, build list all permissions + Set permissions = new HashSet(); + for (String identifier : configIdentifiers) { + + // Add permission to set + permissions.add( + new GuacamoleConfigurationPermission( + ObjectPermission.Type.READ, + identifier + ) + ); + + } + + return permissions; + + } + + @Override + public boolean hasPermission(String user, Permission permission) throws GuacamoleException { // No permssion to check permissions of other users if (!this.user.equals(user)) @@ -109,12 +135,12 @@ public class SimplePermissionDirectory implements PermissionDirectory { } @Override - public void addPermission(User user, Permission permission) throws GuacamoleException { + public void addPermission(String user, Permission permission) throws GuacamoleException { throw new GuacamoleSecurityException("Permission denied."); } @Override - public void removePermission(User user, Permission permission) throws GuacamoleException { + public void removePermission(String user, Permission permission) throws GuacamoleException { throw new GuacamoleSecurityException("Permission denied."); } From 2925db8945ad560858f4d4001f2b31e7c44ef3d5 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 30 Jan 2013 22:23:04 -0800 Subject: [PATCH 67/95] Remove by username, not by User. --- .../net/sourceforge/guacamole/net/auth/UserDirectory.java | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserDirectory.java index 85ece850a..5f7952fbc 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserDirectory.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserDirectory.java @@ -77,11 +77,12 @@ public interface UserDirectory { void updateUser(User user) throws GuacamoleException; /** - * Removes the given User from the overall set of available Users. + * Removes the user with the given username from the overall set of + * available Users. * * @throws GuacamoleException If an error occurs while removing the user, * or if removing user is not allowed. */ - void removeUser(User user) throws GuacamoleException; + void removeUser(String username) throws GuacamoleException; } From 53bb4e31b0a7e4b41f3cb031d7444d81b9814d2f Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 30 Jan 2013 22:38:48 -0800 Subject: [PATCH 68/95] Remove GuacamoleConfigurationTemplate - shouldn't be in auth provider. --- .../auth/GuacamoleConfigurationDirectory.java | 12 -- .../auth/GuacamoleConfigurationTemplate.java | 124 ------------------ ...SimpleGuacamoleConfigurationDirectory.java | 7 - 3 files changed, 143 deletions(-) delete mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationTemplate.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationDirectory.java index 8765068e5..64e1bc89c 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationDirectory.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationDirectory.java @@ -61,18 +61,6 @@ public interface GuacamoleConfigurationDirectory { Map getConfigurations() throws GuacamoleException; - /** - * Returns a Map containing GuacamoleConfigurationTemplates which describe - * legal parameters and value. These templates are expected to be used as - * the blueprints for new connections. - * - * @return A Map of configuration templates. - * @throws GuacamoleException If an error occurs while retrieving the - * templates. - */ - Map getTemplates() - throws GuacamoleException; - /** * Adds the given GuacamoleConfiguration to the overall set of available * GuacamoleConfigurations, using the given unique identifier. diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationTemplate.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationTemplate.java deleted file mode 100644 index 158448607..000000000 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationTemplate.java +++ /dev/null @@ -1,124 +0,0 @@ - -package net.sourceforge.guacamole.net.auth; - -/* ***** BEGIN LICENSE BLOCK ***** - * Version: MPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Mozilla Public License Version - * 1.1 (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is guacamole-ext. - * - * The Initial Developer of the Original Code is - * Michael Jumper. - * Portions created by the Initial Developer are Copyright (C) 2010 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the MPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the MPL, the GPL or the LGPL. - * - * ***** END LICENSE BLOCK ***** */ - -import java.util.Collection; - - -/** - * A template which describes legal parameters and their values such that - * a new configuration for a Guacamole connection can be created. A - * GuacamoleConfigurationTemplate would normally be used to construct a - * meaningful interface for a user, such that creating a new configuration - * does not require reading the low-level documentation for a protocol. - * - * @author Michael Jumper - */ -public interface GuacamoleConfigurationTemplate { - - /** - * A field corresponding to a parameter of a GuacamoleConfiguration. - */ - public interface Field { - - /** - * The type of a field, dictating the data accepted and possibly the - * manner of that field's presentation. - */ - public enum Type { - - /** - * A field whose values are arbitrary strings. - */ - TEXT, - - /** - * A field whose legal values are either "true" or "false". - */ - BOOLEAN, - - /** - * A field which can only have numeric values. - */ - NUMERIC, - - /** - * A field whose values are arbitrary, sensitive strings. - */ - PASSWORD - - } - - /** - * Returns the type of this field. - * @return The type of this field. - */ - Type getType(); - - /** - * Returns a human-readable description of the field. - * @return A human-readable description of the field. - */ - String getDescription(); - - /** - * Returns the set of all possible legal values for this field. - * @return The set of all possible legal values for this field, or null - * if this field can have any value. - */ - Collection getPossibleValues(); - - } - - /** - * Returns the protocol that will be used by any configuration created - * using this template. - * - * @return The protocol that will be used by any configuration created - * using this template. - */ - String getProtocol(); - - /** - * Returns the set of all available fields. - * - * @return The set of all available fields. - */ - Collection getFields(); - -} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java index fa0c74b0a..28057d2fd 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java @@ -41,7 +41,6 @@ import java.util.Map; import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.GuacamoleSecurityException; import net.sourceforge.guacamole.net.auth.GuacamoleConfigurationDirectory; -import net.sourceforge.guacamole.net.auth.GuacamoleConfigurationTemplate; import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; @@ -77,12 +76,6 @@ public class SimpleGuacamoleConfigurationDirectory return configs; } - @Override - public Map getTemplates() - throws GuacamoleException { - throw new GuacamoleSecurityException("Permission denied."); - } - @Override public void addConfiguration(String identifier, GuacamoleConfiguration config) throws GuacamoleException { From b244058a57aafcda66de33d9976816de8c180c4e Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 30 Jan 2013 22:43:24 -0800 Subject: [PATCH 69/95] Remove PermissionDirectory, migrate functionality to User. --- .../net/auth/PermissionDirectory.java | 105 ------------- .../sourceforge/guacamole/net/auth/User.java | 50 ++++++ .../guacamole/net/auth/UserContext.java | 13 -- .../simple/SimplePermissionDirectory.java | 147 ------------------ .../net/auth/simple/SimpleUserContext.java | 16 -- 5 files changed, 50 insertions(+), 281 deletions(-) delete mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/PermissionDirectory.java delete mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimplePermissionDirectory.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/PermissionDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/PermissionDirectory.java deleted file mode 100644 index 26d51acec..000000000 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/PermissionDirectory.java +++ /dev/null @@ -1,105 +0,0 @@ -package net.sourceforge.guacamole.net.auth; - -/* ***** BEGIN LICENSE BLOCK ***** - * Version: MPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Mozilla Public License Version - * 1.1 (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is guacamole-ext. - * - * The Initial Developer of the Original Code is - * Michael Jumper. - * Portions created by the Initial Developer are Copyright (C) 2010 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the MPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the MPL, the GPL or the LGPL. - * - * ***** END LICENSE BLOCK ***** */ - -import java.util.Set; -import net.sourceforge.guacamole.GuacamoleException; -import net.sourceforge.guacamole.net.auth.permission.Permission; - - -/** - * Provides access to a collection of all permissions, and allows permission - * manipulation and removal. - * - * @author Michael Jumper - */ -public interface PermissionDirectory { - - /** - * Lists all permissions given to the specified user. - * - * @param user The username of the user to list permissions of. - * @return A Set of all permissions granted to the specified user. - * - * @throws GuacamoleException If an error occurs while retrieving - * permissions, or if reading all permissions - * is not allowed. - */ - Set getPermissions(String user) throws GuacamoleException; - - /** - * Tests whether the specified user has the specified permission. - * - * @param user The username of the user to check permissions for. - * @param permission The permission to check. - * @return true if the permission is granted to the user specified, false - * otherwise. - * - * @throws GuacamoleException If an error occurs while checking permissions, - * or if permissions cannot be checked due to - * lack of permissions to do so. - */ - boolean hasPermission(String user, Permission permission) - throws GuacamoleException; - - /** - * Adds the specified permission to the specified user. - * - * @param user The username of the user to add the permission to. - * @param permission The permission to add. - * - * @throws GuacamoleException If an error occurs while adding the - * permission. or if permission to add - * permissions is denied. - */ - void addPermission(String user, Permission permission) - throws GuacamoleException; - - /** - * Removes the specified permission from the specified user. - * - * @param user The username of the user to remove the permission from. - * @param permission The permission to remove. - * - * @throws GuacamoleException If an error occurs while removing the - * permission. or if permission to remove - * permissions is denied. - */ - void removePermission(String user, Permission permission) - throws GuacamoleException; - -} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java index a91b9cc18..b2f573c65 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java @@ -1,6 +1,10 @@ package net.sourceforge.guacamole.net.auth; +import java.util.Set; +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.net.auth.permission.Permission; + /* ***** BEGIN LICENSE BLOCK ***** * Version: MPL 1.1/GPL 2.0/LGPL 2.1 * @@ -76,4 +80,50 @@ public interface User { */ public void setPassword(String password); + /** + * Lists all permissions given to this user. + * + * @return A Set of all permissions granted to this user. + * + * @throws GuacamoleException If an error occurs while retrieving + * permissions, or if reading all permissions + * is not allowed. + */ + Set getPermissions() throws GuacamoleException; + + /** + * Tests whether this user has the specified permission. + * + * @param permission The permission to check. + * @return true if the permission is granted to this user, false otherwise. + * + * @throws GuacamoleException If an error occurs while checking permissions, + * or if permissions cannot be checked due to + * lack of permissions to do so. + */ + boolean hasPermission(Permission permission) throws GuacamoleException; + + /** + * Adds the specified permission to this user. + * + * @param permission The permission to add. + * + * @throws GuacamoleException If an error occurs while adding the + * permission. or if permission to add + * permissions is denied. + */ + void addPermission(Permission permission) throws GuacamoleException; + + /** + * Removes the specified permission from this specified user. + * + * @param permission The permission to remove. + * + * @throws GuacamoleException If an error occurs while removing the + * permission. or if permission to remove + * permissions is denied. + */ + void removePermission(Permission permission) throws GuacamoleException; + + } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java index ce7cc6016..479d12f36 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java @@ -83,17 +83,4 @@ public interface UserContext { GuacamoleConfigurationDirectory getGuacamoleConfigurationDirectory() throws GuacamoleException; - /** - * Retrieves a PermissionDirectory which can be used to view and manipulate - * permissions, but only as allowed by the permissions given to the user of - * this UserContext. - * - * @return A PermissionDirectory whose operations are bound by the - * restrictions of this UserContext. - * - * @throws GuacamoleException If an error occurs while creating the - * PermissionDirectory. - */ - PermissionDirectory getPermissionDirectory() throws GuacamoleException; - } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimplePermissionDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimplePermissionDirectory.java deleted file mode 100644 index 2498cd902..000000000 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimplePermissionDirectory.java +++ /dev/null @@ -1,147 +0,0 @@ - -package net.sourceforge.guacamole.net.auth.simple; - -/* ***** BEGIN LICENSE BLOCK ***** - * Version: MPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Mozilla Public License Version - * 1.1 (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is guacamole-ext. - * - * The Initial Developer of the Original Code is - * Michael Jumper. - * Portions created by the Initial Developer are Copyright (C) 2010 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the MPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the MPL, the GPL or the LGPL. - * - * ***** END LICENSE BLOCK ***** */ - -import java.util.HashSet; -import java.util.Map; -import java.util.Set; -import net.sourceforge.guacamole.GuacamoleException; -import net.sourceforge.guacamole.GuacamoleSecurityException; -import net.sourceforge.guacamole.net.auth.PermissionDirectory; -import net.sourceforge.guacamole.net.auth.User; -import net.sourceforge.guacamole.net.auth.permission.GuacamoleConfigurationPermission; -import net.sourceforge.guacamole.net.auth.permission.ObjectPermission; -import net.sourceforge.guacamole.net.auth.permission.Permission; -import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; - - -/** - * A simple read-only PermissionDirectory which manages the permissions for a - * single user. - * - * @author Michael Jumper - */ -public class SimplePermissionDirectory implements PermissionDirectory { - - /** - * The username of the user that has access to all given configs. - */ - private String user; - - /** - * The identifiers of all available configs. - */ - private Set configIdentifiers; - - /** - * Creates a new SimplePermissionDirectory which manages the permissions of - * the given user and the given Map of GuacamoleConfigurations, which must - * contain only those GuacamoleConfigurations the given user has access to. - * - * @param user The user to manage permissions for. - * @param configs All available configurations for the user given. - */ - public SimplePermissionDirectory(User user, - Map configs) { - - this.user = user.getUsername(); - configIdentifiers = configs.keySet(); - - } - - @Override - public Set getPermissions(String user) throws GuacamoleException { - - // No permssion to check permissions of other users - if (!this.user.equals(user)) - throw new GuacamoleSecurityException("Permission denied."); - - // If correct user, build list all permissions - Set permissions = new HashSet(); - for (String identifier : configIdentifiers) { - - // Add permission to set - permissions.add( - new GuacamoleConfigurationPermission( - ObjectPermission.Type.READ, - identifier - ) - ); - - } - - return permissions; - - } - - @Override - public boolean hasPermission(String user, Permission permission) throws GuacamoleException { - - // No permssion to check permissions of other users - if (!this.user.equals(user)) - throw new GuacamoleSecurityException("Permission denied."); - - // If correct user, validate config permission - if (permission instanceof GuacamoleConfigurationPermission) { - - // Get permission - GuacamoleConfigurationPermission guacConfigPerm = - (GuacamoleConfigurationPermission) permission; - - // If type is READ, permission given if the config exists in the set - if (guacConfigPerm.getType() == ObjectPermission.Type.READ) - return configIdentifiers.contains(guacConfigPerm.getObjectIdentifier()); - - } - - // No permission by default - return false; - - } - - @Override - public void addPermission(String user, Permission permission) throws GuacamoleException { - throw new GuacamoleSecurityException("Permission denied."); - } - - @Override - public void removePermission(String user, Permission permission) throws GuacamoleException { - throw new GuacamoleSecurityException("Permission denied."); - } - -} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java index 4943b8947..a7697ea19 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java @@ -41,7 +41,6 @@ import java.util.Map; import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.GuacamoleSecurityException; import net.sourceforge.guacamole.net.auth.GuacamoleConfigurationDirectory; -import net.sourceforge.guacamole.net.auth.PermissionDirectory; import net.sourceforge.guacamole.net.auth.User; import net.sourceforge.guacamole.net.auth.UserContext; import net.sourceforge.guacamole.net.auth.UserDirectory; @@ -69,12 +68,6 @@ public class SimpleUserContext implements UserContext { */ private final GuacamoleConfigurationDirectory configDirectory; - /** - * The PermissionDirectory describing which permissions are available for - * the configurations provided. - */ - private final PermissionDirectory permissionDirectory; - /** * Creates a new SimpleUserContext which provides access to only those * configurations within the given Map. The User given must be the user @@ -93,9 +86,6 @@ public class SimpleUserContext implements UserContext { this.configDirectory = new SimpleGuacamoleConfigurationDirectory(configs); - this.permissionDirectory = - new SimplePermissionDirectory(self, configs); - } @Override @@ -114,10 +104,4 @@ public class SimpleUserContext implements UserContext { throw new GuacamoleSecurityException("Permission denied."); } - @Override - public PermissionDirectory getPermissionDirectory() - throws GuacamoleException { - return permissionDirectory; - } - } From 493090195af074b8248774ae9ad4cb56a19252f2 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 30 Jan 2013 22:49:31 -0800 Subject: [PATCH 70/95] Migrate SimpleAuthenticationProvider to model with permissions residing in User. --- .../simple/SimpleAuthenticationProvider.java | 2 +- .../guacamole/net/auth/simple/SimpleUser.java | 58 ++++++++++++++++++- 2 files changed, 58 insertions(+), 2 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleAuthenticationProvider.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleAuthenticationProvider.java index 644f5526c..451b4d999 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleAuthenticationProvider.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleAuthenticationProvider.java @@ -90,7 +90,7 @@ public abstract class SimpleAuthenticationProvider return null; // Build new user from credentials - User user = new SimpleUser(credentials.getUsername()); + User user = new SimpleUser(credentials.getUsername(), configs); // Return user context restricted to authorized configs return new SimpleUserContext(user, configs); diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java index 5d60845f1..7c574c151 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java @@ -37,7 +37,16 @@ package net.sourceforge.guacamole.net.auth.simple; * * ***** END LICENSE BLOCK ***** */ +import java.util.HashSet; +import java.util.Map; +import java.util.Set; +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.GuacamoleSecurityException; import net.sourceforge.guacamole.net.auth.AbstractUser; +import net.sourceforge.guacamole.net.auth.permission.GuacamoleConfigurationPermission; +import net.sourceforge.guacamole.net.auth.permission.ObjectPermission; +import net.sourceforge.guacamole.net.auth.permission.Permission; +import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; /** @@ -47,6 +56,11 @@ import net.sourceforge.guacamole.net.auth.AbstractUser; */ public class SimpleUser extends AbstractUser { + /** + * The set of all permissions available to this user. + */ + private Set permissions = new HashSet(); + /** * Creates a completely uninitialized SimpleUser. */ @@ -57,9 +71,51 @@ public class SimpleUser extends AbstractUser { * Creates a new SimpleUser having the given username. * * @param username The username to assign to this SimpleUser. + * @param configs All configurations this user has read access to. */ - public SimpleUser(String username) { + public SimpleUser(String username, + Map configs) { + + // Set username setUsername(username); + + // Add permissions + for (String identifier : configs.keySet()) { + + // Create permission + Permission permission = new GuacamoleConfigurationPermission( + ObjectPermission.Type.READ, + identifier + ); + + // Add to set + permissions.add(permission); + + } + + } + + @Override + public Set getPermissions() throws GuacamoleException { + return permissions; + } + + @Override + public boolean hasPermission(Permission permission) throws GuacamoleException { + + /* FIXME: STUB! */ + throw new UnsupportedOperationException("Not supported yet."); + + } + + @Override + public void addPermission(Permission permission) throws GuacamoleException { + throw new GuacamoleSecurityException("Permission denied."); + } + + @Override + public void removePermission(Permission permission) throws GuacamoleException { + throw new GuacamoleSecurityException("Permission denied."); } } From c20a4794496e391b2a55a91be9c0b6bd39758622 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 30 Jan 2013 23:01:11 -0800 Subject: [PATCH 71/95] Provide means for retrieving Users by username. --- .../guacamole/net/auth/UserDirectory.java | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserDirectory.java index 5f7952fbc..74737049b 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserDirectory.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserDirectory.java @@ -47,7 +47,20 @@ import net.sourceforge.guacamole.GuacamoleException; * @author Michael Jumper */ public interface UserDirectory { - + + /** + * Returns the User having the given username. + * + * @param username The username of the User to return. + * @return The User having the given username, or null if no such user + * exists. + * + * @throws GuacamoleException If an error occurs while retrieving the user, + * or if permission for retrieving the user is + * denied. + */ + User getUser(String username) throws GuacamoleException; + /** * Returns a Set containing all Users. * From 7e4a210ba515de1ac5edb44f52e3943d65a4910e Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 30 Jan 2013 23:04:31 -0800 Subject: [PATCH 72/95] Provide means for retrieving configuration by identifier. --- .../net/auth/GuacamoleConfigurationDirectory.java | 15 +++++++++++++++ .../SimpleGuacamoleConfigurationDirectory.java | 6 ++++++ 2 files changed, 21 insertions(+) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationDirectory.java index 64e1bc89c..4bf060b5a 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationDirectory.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationDirectory.java @@ -50,6 +50,21 @@ import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; */ public interface GuacamoleConfigurationDirectory { + /** + * Returns the GuacamoleConfiguration having the given identifier. + * + * @param identifier The identifier of the GuacamoleConfiguration to + * return. + * @return The GuacamoleConfiguration having the given identifier, or null + * if no such GuacamoleConfiguration exists. + * + * @throws GuacamoleException If an error occurs while retrieving the + * configuration, or if access to the + * configuration is denied. + */ + GuacamoleConfiguration getConfiguration(String identifier) + throws GuacamoleException; + /** * Returns a Map containing all GuacamoleConfigurations. The keys of this * Map are Strings which uniquely identify each configuration. diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java index 28057d2fd..34b804042 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java @@ -70,6 +70,12 @@ public class SimpleGuacamoleConfigurationDirectory this.configs = configs; } + @Override + public GuacamoleConfiguration getConfiguration(String identifier) + throws GuacamoleException { + return configs.get(identifier); + } + @Override public Map getConfigurations() throws GuacamoleException { From 01477ba06365542c5658b8fb61491216e4e48624 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 30 Jan 2013 23:06:09 -0800 Subject: [PATCH 73/95] Remove Comparable from AbstractUser. --- .../guacamole/net/auth/AbstractUser.java | 25 +------------------ 1 file changed, 1 insertion(+), 24 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java index 392d168d8..6af864410 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java @@ -44,7 +44,7 @@ package net.sourceforge.guacamole.net.auth; * * @author Michael Jumper */ -public abstract class AbstractUser implements User, Comparable { +public abstract class AbstractUser implements User { /** * The name of this user. @@ -102,27 +102,4 @@ public abstract class AbstractUser implements User, Comparable { } - @Override - public int compareTo(AbstractUser user) { - - // Having a username is greater than lack of a username - if (user.username == null) { - - // If both null, then equal - if (username == null) - return 0; - - return 1; - - } - - // Lacking a username is less than having a username - if (username == null) - return -1; - - // Otherwise, compare strings - return username.compareTo(user.username); - - } - } From e37d0eb1c9883ee53a1925d44c385ef1c6812542 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 30 Jan 2013 23:24:56 -0800 Subject: [PATCH 74/95] Implement equals() and hashCode() for permissions. --- ...amoleConfigurationDirectoryPermission.java | 22 +++++++++++++ .../GuacamoleConfigurationPermission.java | 32 +++++++++++++++++++ .../permission/UserDirectoryPermission.java | 21 ++++++++++++ .../net/auth/permission/UserPermission.java | 31 ++++++++++++++++++ 4 files changed, 106 insertions(+) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationDirectoryPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationDirectoryPermission.java index 4d9b4d4e4..71a24ffef 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationDirectoryPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationDirectoryPermission.java @@ -66,4 +66,26 @@ public class GuacamoleConfigurationDirectoryPermission return type; } + @Override + public int hashCode() { + return type.hashCode(); + } + + @Override + public boolean equals(Object obj) { + + // Not equal if null or wrong type + if (obj == null) return false; + if (getClass() != obj.getClass()) return false; + + final GuacamoleConfigurationDirectoryPermission other = + (GuacamoleConfigurationDirectoryPermission) obj; + + // Compare types + if (type != other.type) + return false; + + return true; + } + } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationPermission.java index abaacebce..1661c5c93 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationPermission.java @@ -86,4 +86,36 @@ public class GuacamoleConfigurationPermission return type; } + @Override + public int hashCode() { + int hash = 5; + if (identifier != null) hash = 47 * hash + identifier.hashCode(); + if (type != null) hash = 47 * hash + type.hashCode(); + return hash; + } + + @Override + public boolean equals(Object obj) { + + // Not equal if null or wrong type + if (obj == null) return false; + if (getClass() != obj.getClass()) return false; + + final GuacamoleConfigurationPermission other = + (GuacamoleConfigurationPermission) obj; + + // Not equal if different type + if (this.type != other.type) + return false; + + // If null identifier, equality depends on whether other identifier + // is null + if (identifier == null) + return other.identifier != null; + + // Otherwise, equality depends entirely on identifier + return identifier.equals(other.identifier); + + } + } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserDirectoryPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserDirectoryPermission.java index dc87da095..52548cb7e 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserDirectoryPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserDirectoryPermission.java @@ -64,4 +64,25 @@ public class UserDirectoryPermission implements SystemPermission { return type; } + @Override + public int hashCode() { + return type.hashCode(); + } + + @Override + public boolean equals(Object obj) { + + // Not equal if null or wrong type + if (obj == null) return false; + if (getClass() != obj.getClass()) return false; + + final UserDirectoryPermission other = (UserDirectoryPermission) obj; + + // Compare types + if (type != other.type) + return false; + + return true; + } + } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java index bfe2b9fad..e83000619 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java @@ -82,4 +82,35 @@ public class UserPermission implements ObjectPermission { return type; } + @Override + public int hashCode() { + int hash = 5; + if (identifier != null) hash = 47 * hash + identifier.hashCode(); + if (type != null) hash = 47 * hash + type.hashCode(); + return hash; + } + + @Override + public boolean equals(Object obj) { + + // Not equal if null or wrong type + if (obj == null) return false; + if (getClass() != obj.getClass()) return false; + + final UserPermission other = (UserPermission) obj; + + // Not equal if different type + if (this.type != other.type) + return false; + + // If null identifier, equality depends on whether other identifier + // is null + if (identifier == null) + return other.identifier != null; + + // Otherwise, equality depends entirely on identifier + return identifier.equals(other.identifier); + + } + } From 8dc7a259775ff08dd034fdb08dc8389fb9629319 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 30 Jan 2013 23:25:46 -0800 Subject: [PATCH 75/95] Implement hasPermission(). --- .../sourceforge/guacamole/net/auth/simple/SimpleUser.java | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java index 7c574c151..5d0172f40 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java @@ -102,10 +102,7 @@ public class SimpleUser extends AbstractUser { @Override public boolean hasPermission(Permission permission) throws GuacamoleException { - - /* FIXME: STUB! */ - throw new UnsupportedOperationException("Not supported yet."); - + return permissions.contains(permission); } @Override From 72eb1ba36e3047158cd6194cbcb860847120e03d Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 30 Jan 2013 23:39:45 -0800 Subject: [PATCH 76/95] Implement UserDirectory within SimpleUserContext. --- .../net/auth/simple/SimpleUserContext.java | 10 +- .../net/auth/simple/SimpleUserDirectory.java | 103 ++++++++++++++++++ 2 files changed, 112 insertions(+), 1 deletion(-) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserDirectory.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java index a7697ea19..c96a00a77 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java @@ -68,6 +68,12 @@ public class SimpleUserContext implements UserContext { */ private final GuacamoleConfigurationDirectory configDirectory; + /** + * The UserDirectory with access only to the User associated with this + * UserContext. + */ + private final UserDirectory userDirectory; + /** * Creates a new SimpleUserContext which provides access to only those * configurations within the given Map. The User given must be the user @@ -86,6 +92,8 @@ public class SimpleUserContext implements UserContext { this.configDirectory = new SimpleGuacamoleConfigurationDirectory(configs); + this.userDirectory = new SimpleUserDirectory(self); + } @Override @@ -101,7 +109,7 @@ public class SimpleUserContext implements UserContext { @Override public UserDirectory getUserDirectory() throws GuacamoleException { - throw new GuacamoleSecurityException("Permission denied."); + return userDirectory; } } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserDirectory.java new file mode 100644 index 000000000..9fe3b8a64 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserDirectory.java @@ -0,0 +1,103 @@ + +package net.sourceforge.guacamole.net.auth.simple; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-auth. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import java.util.Collections; +import java.util.Set; +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.GuacamoleSecurityException; +import net.sourceforge.guacamole.net.auth.User; +import net.sourceforge.guacamole.net.auth.UserDirectory; + + +/** + * An extremely simple read-only implementation of a UserDirectory which + * provides access to a single pre-defined User. + * + * @author Michael Jumper + */ +public class SimpleUserDirectory implements UserDirectory { + + /** + * The only user to be contained within this directory. + */ + private User user; + + /** + * Creates a new SimpleUserDirectory which provides access to the single + * user provided. + * + * @param user The user to provide access to. + */ + public SimpleUserDirectory(User user) { + this.user = user; + } + + @Override + public User getUser(String username) throws GuacamoleException { + + // If username matches, return the user + if (user.getUsername().equals(username)) + return user; + + // Otherwise, not found + return null; + + } + + @Override + public Set getUsers() throws GuacamoleException { + return Collections.singleton(user); + } + + @Override + public void addUser(User user) throws GuacamoleException { + throw new GuacamoleSecurityException("Permission denied."); + } + + @Override + public void updateUser(User user) throws GuacamoleException { + throw new GuacamoleSecurityException("Permission denied."); + } + + @Override + public void removeUser(String username) throws GuacamoleException { + throw new GuacamoleSecurityException("Permission denied."); + } + +} From 7f0135ee694113995ac1ac3f260dbd30d4416f5b Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 31 Jan 2013 10:07:11 -0800 Subject: [PATCH 77/95] Move GuacamoleProperties stuff to guacamole-ext. --- .../properties/FileGuacamoleProperty.java | 61 ++++++ .../properties/GuacamoleProperties.java | 175 ++++++++++++++++++ .../properties/GuacamoleProperty.java | 71 +++++++ .../properties/IntegerGuacamoleProperty.java | 67 +++++++ .../properties/StringGuacamoleProperty.java | 54 ++++++ .../guacamole/properties/package-info.java | 7 + 6 files changed, 435 insertions(+) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/FileGuacamoleProperty.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperty.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/IntegerGuacamoleProperty.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/StringGuacamoleProperty.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/package-info.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/FileGuacamoleProperty.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/FileGuacamoleProperty.java new file mode 100644 index 000000000..9b2a4ceb4 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/FileGuacamoleProperty.java @@ -0,0 +1,61 @@ + +package net.sourceforge.guacamole.properties; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import java.io.File; +import net.sourceforge.guacamole.GuacamoleException; + +/** + * A GuacamoleProperty whose value is a filename. + * + * @author Michael Jumper + */ +public abstract class FileGuacamoleProperty implements GuacamoleProperty { + + @Override + public File parseValue(String value) throws GuacamoleException { + + // If no property provided, return null. + if (value == null) + return null; + + return new File(value); + + } + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java new file mode 100644 index 000000000..81e2da480 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java @@ -0,0 +1,175 @@ + +package net.sourceforge.guacamole.properties; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.util.Properties; +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.GuacamoleServerException; + +/** + * Simple utility class for reading properties from the guacamole.properties + * file in the root of the classpath. + * + * @author Michael Jumper + */ +public class GuacamoleProperties { + + private GuacamoleProperties() {} + + /** + * The hostname of the server where guacd (the Guacamole proxy server) is + * running. + */ + public static final StringGuacamoleProperty GUACD_HOSTNAME = new StringGuacamoleProperty() { + + @Override + public String getName() { return "guacd-hostname"; } + + }; + + /** + * The port that guacd (the Guacamole proxy server) is listening on. + */ + public static final IntegerGuacamoleProperty GUACD_PORT = new IntegerGuacamoleProperty() { + + @Override + public String getName() { return "guacd-port"; } + + }; + + private static final Properties properties; + private static GuacamoleException exception; + + static { + + properties = new Properties(); + + try { + + // Attempt to find Guacamole home + File guacHome; + + // Get explicitly specified directory, if any + String desiredDir = System.getProperty("guacamole.home"); + if (desiredDir != null) + guacHome = new File(desiredDir); + + // If not explicitly-define directory, use ~/.guacamole + else + guacHome = new File(System.getProperty("user.home"), ".guacamole"); + + InputStream stream; + + // If not a directory, load from classpath + if (!guacHome.isDirectory()) { + + // Read from classpath + stream = GuacamoleProperties.class.getResourceAsStream("/guacamole.properties"); + if (stream == null) + throw new IOException( + "guacamole.properties not loaded from " + guacHome + + " (not a directory), and guacamole.properties could" + + " not be found as a resource in the classpath."); + + } + + // Otherwise, try to load from file + else + stream = new FileInputStream(new File(guacHome, "guacamole.properties")); + + // Load properties, always close stream + try { properties.load(stream); } + finally { stream.close(); } + + } + catch (IOException e) { + exception = new GuacamoleServerException("Error reading guacamole.properties", e); + } + + } + + /** + * Given a GuacamoleProperty, parses and returns the value set for that + * property in guacamole.properties, if any. + * + * @param The type that the given property is parsed into. + * @param property The property to read from guacamole.properties. + * @return The parsed value of the property as read from + * guacamole.properties. + * @throws GuacamoleException If an error occurs while parsing the value + * for the given property in + * guacamole.properties. + */ + public static Type getProperty(GuacamoleProperty property) throws GuacamoleException { + + if (exception != null) + throw exception; + + return property.parseValue(properties.getProperty(property.getName())); + + } + + /** + * Given a GuacamoleProperty, parses and returns the value set for that + * property in guacamole.properties. An exception is thrown if the value + * is not provided. + * + * @param The type that the given property is parsed into. + * @param property The property to read from guacamole.properties. + * @return The parsed value of the property as read from + * guacamole.properties. + * @throws GuacamoleException If an error occurs while parsing the value + * for the given property in + * guacamole.properties, or if the property is + * not specified. + */ + public static Type getRequiredProperty(GuacamoleProperty property) + throws GuacamoleException { + + Type value = getProperty(property); + if (value == null) + throw new GuacamoleServerException("Property " + property.getName() + " is required."); + + return value; + + } +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperty.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperty.java new file mode 100644 index 000000000..aae793623 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperty.java @@ -0,0 +1,71 @@ + +package net.sourceforge.guacamole.properties; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import net.sourceforge.guacamole.GuacamoleException; + +/** + * An abstract representation of a property in the guacamole.properties file, + * which parses into a specific type. + * + * @author Michael Jumper + * @param The type this GuacamoleProperty will parse into. + */ +public interface GuacamoleProperty { + + /** + * Returns the name of the property in guacamole.properties that this + * GuacamoleProperty will parse. + * + * @return The name of the property in guacamole.properties that this + * GuacamoleProperty will parse. + */ + public String getName(); + + /** + * Parses the given string value into the type associated with this + * GuacamoleProperty. + * + * @param value The string value to parse. + * @return The parsed value. + * @throws GuacamoleException If an error occurs while parsing the + * provided value. + */ + public Type parseValue(String value) throws GuacamoleException; + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/IntegerGuacamoleProperty.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/IntegerGuacamoleProperty.java new file mode 100644 index 000000000..479d2bd5b --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/IntegerGuacamoleProperty.java @@ -0,0 +1,67 @@ + +package net.sourceforge.guacamole.properties; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.GuacamoleServerException; + +/** + * A GuacamoleProperty whose value is an integer. + * + * @author Michael Jumper + */ +public abstract class IntegerGuacamoleProperty implements GuacamoleProperty { + + @Override + public Integer parseValue(String value) throws GuacamoleException { + + // If no property provided, return null. + if (value == null) + return null; + + try { + Integer integer = new Integer(value); + return integer; + } + catch (NumberFormatException e) { + throw new GuacamoleServerException("Property \"" + getName() + "\" must be an integer.", e); + } + + } + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/StringGuacamoleProperty.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/StringGuacamoleProperty.java new file mode 100644 index 000000000..74fc97e6d --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/StringGuacamoleProperty.java @@ -0,0 +1,54 @@ + +package net.sourceforge.guacamole.properties; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import net.sourceforge.guacamole.GuacamoleException; + +/** + * A GuacamoleProperty whose value is a simple string. + * + * @author Michael Jumper + */ +public abstract class StringGuacamoleProperty implements GuacamoleProperty { + + @Override + public String parseValue(String value) throws GuacamoleException { + return value; + } + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/package-info.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/package-info.java new file mode 100644 index 000000000..1c01c62c4 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/package-info.java @@ -0,0 +1,7 @@ + +/** + * Provides classes for reading properties from the web-application-wide + * guacamole.properties file. + */ +package net.sourceforge.guacamole.properties; + From 18f98464ff9ec7bf9dc64356e10144730721f112 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 31 Jan 2013 10:28:02 -0800 Subject: [PATCH 78/95] Update docs to reflect new guacamole.properties location. --- .../guacamole/properties/GuacamoleProperties.java | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java index 81e2da480..fb478e202 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java @@ -47,7 +47,12 @@ import net.sourceforge.guacamole.GuacamoleServerException; /** * Simple utility class for reading properties from the guacamole.properties - * file in the root of the classpath. + * file. The guacamole.properties file is preferably located in the servlet + * container's user's home directory, in a subdirectory called .guacamole, or + * in the directory set by the system property: guacamole.home. + * + * If none of those locations are possible, guacamole.properties will also + * be read from the root of the classpath. * * @author Michael Jumper */ From 5b9bec33667d4604804beb9b697adbd270b4139d Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 31 Jan 2013 12:56:50 -0800 Subject: [PATCH 79/95] Remove Directory specifics, implement single, generic Directory interface. --- .../guacamole/net/auth/Directory.java | 117 ++++++++++++++++++ .../auth/GuacamoleConfigurationDirectory.java | 117 ------------------ .../guacamole/net/auth/UserContext.java | 6 +- .../guacamole/net/auth/UserDirectory.java | 101 --------------- ...SimpleGuacamoleConfigurationDirectory.java | 29 +++-- .../net/auth/simple/SimpleUserContext.java | 14 +-- .../net/auth/simple/SimpleUserDirectory.java | 18 +-- 7 files changed, 151 insertions(+), 251 deletions(-) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Directory.java delete mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationDirectory.java delete mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserDirectory.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Directory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Directory.java new file mode 100644 index 000000000..a3d3bea19 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Directory.java @@ -0,0 +1,117 @@ +package net.sourceforge.guacamole.net.auth; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import java.util.Set; +import net.sourceforge.guacamole.GuacamoleException; + + +/** + * Provides access to a collection of all objects with associated identifiers, + * and allows user manipulation and removal. Objects stored within a + * Directory are not necessarily returned to the use as references to + * the stored objects, thus updating an object requires calling an update + * function. + * + * @author Michael Jumper + */ +public interface Directory { + + /** + * Returns the object having the given identifier. Note that changes to + * the object returned will not necessarily affect the object stored within + * the Directory. To update an object stored within an + * Directory such that future calls to get() will return the updated + * object, you must call update() on the object after modification. + * + * @param identifier The identifier to use when locating the object to + * return. + * @return The object having the given identifier, or null if no such object + * exists. + * + * @throws GuacamoleException If an error occurs while retrieving the + * object, or if permission for retrieving the + * object is denied. + */ + ObjectType get(IdentifierType identifier) throws GuacamoleException; + + /** + * Returns a Set containing all identifiers for all objects within this + * Directory. + * + * @return A Set of all identifiers. + * @throws GuacamoleException If an error occurs while retrieving + * the identifiers. + */ + Set getIdentifiers() throws GuacamoleException; + + /** + * Adds the given object to the overall set. + * + * @param identifier The identifier to use when adding the object. + * @param object The object to add. + * + * @throws GuacamoleException If an error occurs while adding the object , or + * if adding the object is not allowed. + */ + void add(IdentifierType identifier, ObjectType object) + throws GuacamoleException; + + /** + * Updates the stored object with the data contained in the given object. + * The object to update is identified using the identifier given. + * + * @param identifier The identifier of the object to update. + * @param object The object which will supply the data for the update. + * + * @throws GuacamoleException If an error occurs while updating the object, + * or if updating the object is not allowed. + */ + void update(IdentifierType identifier, ObjectType object) + throws GuacamoleException; + + /** + * Removes the object with the given identifier from the overall set. + * + * @param identifier The identifier of the object to remove. + * + * @throws GuacamoleException If an error occurs while removing the object, + * or if removing object is not allowed. + */ + void remove(IdentifierType identifier) throws GuacamoleException; + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationDirectory.java deleted file mode 100644 index 4bf060b5a..000000000 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/GuacamoleConfigurationDirectory.java +++ /dev/null @@ -1,117 +0,0 @@ - -package net.sourceforge.guacamole.net.auth; - -/* ***** BEGIN LICENSE BLOCK ***** - * Version: MPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Mozilla Public License Version - * 1.1 (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is guacamole-ext. - * - * The Initial Developer of the Original Code is - * Michael Jumper. - * Portions created by the Initial Developer are Copyright (C) 2010 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the MPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the MPL, the GPL or the LGPL. - * - * ***** END LICENSE BLOCK ***** */ - -import java.util.Map; -import net.sourceforge.guacamole.GuacamoleException; -import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; - - -/** - * Provides access to a collection of all configurations, and allows - * configuration manipulation and removal. - * - * @author Michael Jumper - */ -public interface GuacamoleConfigurationDirectory { - - /** - * Returns the GuacamoleConfiguration having the given identifier. - * - * @param identifier The identifier of the GuacamoleConfiguration to - * return. - * @return The GuacamoleConfiguration having the given identifier, or null - * if no such GuacamoleConfiguration exists. - * - * @throws GuacamoleException If an error occurs while retrieving the - * configuration, or if access to the - * configuration is denied. - */ - GuacamoleConfiguration getConfiguration(String identifier) - throws GuacamoleException; - - /** - * Returns a Map containing all GuacamoleConfigurations. The keys of this - * Map are Strings which uniquely identify each configuration. - * - * @return A Map of all configurations visible. - * @throws GuacamoleException If an error occurs while retrieving - * configurations. - */ - Map getConfigurations() - throws GuacamoleException; - - /** - * Adds the given GuacamoleConfiguration to the overall set of available - * GuacamoleConfigurations, using the given unique identifier. - * - * @param identifier The identifier to assign to the configuration. - * @param config The configuration to add. - * @throws GuacamoleException If an error occurs while adding the - * configuration, or if adding the configuration - * is not allowed. - */ - void addConfiguration(String identifier, GuacamoleConfiguration config) - throws GuacamoleException; - - /** - * Updates the GuacamoleConfiguration having the given unique identifier - * with the data contained in the given GuacamoleConfiguration. - * - * @param identifier The identifier to use when locating the configuration - * to update. - * @param config The configuration to use when updating the stored - * configuration. - * @throws GuacamoleException If an error occurs while updating the - * configuration, or if updating the - * configuration is not allowed. - */ - void updateConfiguration(String identifier, GuacamoleConfiguration config) - throws GuacamoleException; - - /** - * Removes the GuacamoleConfiguration having the given unique identifier. - * - * @param identifier The identifier of the configuration to remove. - * @throws GuacamoleException If an error occurs while removing the - * configuration, or if removing the - * configuration is not allowed. - */ - void removeConfiguration(String identifier) throws GuacamoleException; - -} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java index 479d12f36..be2d4441b 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java @@ -38,6 +38,7 @@ package net.sourceforge.guacamole.net.auth; * ***** END LICENSE BLOCK ***** */ import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; /** * The context of an active user. The functions of this class enforce all @@ -67,7 +68,7 @@ public interface UserContext { * @throws GuacamoleException If an error occurs while creating the * UserDirectory. */ - UserDirectory getUserDirectory() throws GuacamoleException; + Directory getUserDirectory() throws GuacamoleException; /** * Retrieves a GuacamoleConfigurationDirectory which can be used to view @@ -80,7 +81,8 @@ public interface UserContext { * @throws GuacamoleException If an error occurs while creating the * GuacamoleConfigurationDirectory. */ - GuacamoleConfigurationDirectory getGuacamoleConfigurationDirectory() + Directory + getGuacamoleConfigurationDirectory() throws GuacamoleException; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserDirectory.java deleted file mode 100644 index 74737049b..000000000 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserDirectory.java +++ /dev/null @@ -1,101 +0,0 @@ -package net.sourceforge.guacamole.net.auth; - -/* ***** BEGIN LICENSE BLOCK ***** - * Version: MPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Mozilla Public License Version - * 1.1 (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is guacamole-ext. - * - * The Initial Developer of the Original Code is - * Michael Jumper. - * Portions created by the Initial Developer are Copyright (C) 2010 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the MPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the MPL, the GPL or the LGPL. - * - * ***** END LICENSE BLOCK ***** */ - -import java.util.Set; -import net.sourceforge.guacamole.GuacamoleException; - - -/** - * Provides access to a collection of all users, and allows user manipulation - * and removal. - * - * @author Michael Jumper - */ -public interface UserDirectory { - - /** - * Returns the User having the given username. - * - * @param username The username of the User to return. - * @return The User having the given username, or null if no such user - * exists. - * - * @throws GuacamoleException If an error occurs while retrieving the user, - * or if permission for retrieving the user is - * denied. - */ - User getUser(String username) throws GuacamoleException; - - /** - * Returns a Set containing all Users. - * - * @return A Set of all users. - * @throws GuacamoleException If an error occurs while retrieving - * users. - */ - Set getUsers() throws GuacamoleException; - - /** - * Adds the given User to the overall set of available Users. - * - * @param user The user to add. - * @throws GuacamoleException If an error occurs while adding the user, or - * if adding the user is not allowed. - */ - void addUser(User user) throws GuacamoleException; - - /** - * Updates the User with the data contained in the given User. The user to - * update is identified using the username of the User given. - * - * @param user The user to use when updating the stored user. - * @throws GuacamoleException If an error occurs while updating the user, - * or if updating the user is not allowed. - */ - void updateUser(User user) throws GuacamoleException; - - /** - * Removes the user with the given username from the overall set of - * available Users. - * - * @throws GuacamoleException If an error occurs while removing the user, - * or if removing user is not allowed. - */ - void removeUser(String username) throws GuacamoleException; - -} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java index 34b804042..686bda3ee 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java @@ -38,21 +38,22 @@ package net.sourceforge.guacamole.net.auth.simple; * ***** END LICENSE BLOCK ***** */ import java.util.Map; +import java.util.Set; import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.GuacamoleSecurityException; -import net.sourceforge.guacamole.net.auth.GuacamoleConfigurationDirectory; +import net.sourceforge.guacamole.net.auth.Directory; import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; /** - * An extremely simple read-only implementation of a - * GuacamoleConfigurationDirectory which provides access to a pre-defined - * Map of GuacamoleConfigurations. + * An extremely simple read-only implementation of a Directory of + * GuacamoleConfigurations which provides access to a pre-defined Map of + * GuacamoleConfigurations. * * @author Michael Jumper */ public class SimpleGuacamoleConfigurationDirectory - implements GuacamoleConfigurationDirectory { + implements Directory { /** * The Map of GuacamoleConfigurations to provide access to. @@ -71,32 +72,30 @@ public class SimpleGuacamoleConfigurationDirectory } @Override - public GuacamoleConfiguration getConfiguration(String identifier) + public GuacamoleConfiguration get(String identifier) throws GuacamoleException { return configs.get(identifier); } @Override - public Map getConfigurations() - throws GuacamoleException { - return configs; + public Set getIdentifiers() throws GuacamoleException { + return configs.keySet(); } @Override - public void addConfiguration(String identifier, - GuacamoleConfiguration config) throws GuacamoleException { + public void add(String identifier, GuacamoleConfiguration config) + throws GuacamoleException { throw new GuacamoleSecurityException("Permission denied."); } @Override - public void updateConfiguration(String identifier, - GuacamoleConfiguration config) throws GuacamoleException { + public void update(String identifier, GuacamoleConfiguration config) + throws GuacamoleException { throw new GuacamoleSecurityException("Permission denied."); } @Override - public void removeConfiguration(String identifier) - throws GuacamoleException { + public void remove(String identifier) throws GuacamoleException { throw new GuacamoleSecurityException("Permission denied."); } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java index c96a00a77..ea2e8cdf0 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java @@ -39,11 +39,9 @@ package net.sourceforge.guacamole.net.auth.simple; import java.util.Map; import net.sourceforge.guacamole.GuacamoleException; -import net.sourceforge.guacamole.GuacamoleSecurityException; -import net.sourceforge.guacamole.net.auth.GuacamoleConfigurationDirectory; +import net.sourceforge.guacamole.net.auth.Directory; import net.sourceforge.guacamole.net.auth.User; import net.sourceforge.guacamole.net.auth.UserContext; -import net.sourceforge.guacamole.net.auth.UserDirectory; import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; /** @@ -66,13 +64,13 @@ public class SimpleUserContext implements UserContext { * configurations that the User associated with this UserContext has * read access to. */ - private final GuacamoleConfigurationDirectory configDirectory; + private final Directory configDirectory; /** * The UserDirectory with access only to the User associated with this * UserContext. */ - private final UserDirectory userDirectory; + private final Directory userDirectory; /** * Creates a new SimpleUserContext which provides access to only those @@ -102,13 +100,15 @@ public class SimpleUserContext implements UserContext { } @Override - public GuacamoleConfigurationDirectory getGuacamoleConfigurationDirectory() + public Directory + getGuacamoleConfigurationDirectory() throws GuacamoleException { return configDirectory; } @Override - public UserDirectory getUserDirectory() throws GuacamoleException { + public Directory getUserDirectory() + throws GuacamoleException { return userDirectory; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserDirectory.java index 9fe3b8a64..baff1ba1c 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserDirectory.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserDirectory.java @@ -41,17 +41,17 @@ import java.util.Collections; import java.util.Set; import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.GuacamoleSecurityException; +import net.sourceforge.guacamole.net.auth.Directory; import net.sourceforge.guacamole.net.auth.User; -import net.sourceforge.guacamole.net.auth.UserDirectory; /** - * An extremely simple read-only implementation of a UserDirectory which + * An extremely simple read-only implementation of a Directory of Users which * provides access to a single pre-defined User. * * @author Michael Jumper */ -public class SimpleUserDirectory implements UserDirectory { +public class SimpleUserDirectory implements Directory { /** * The only user to be contained within this directory. @@ -69,7 +69,7 @@ public class SimpleUserDirectory implements UserDirectory { } @Override - public User getUser(String username) throws GuacamoleException { + public User get(String username) throws GuacamoleException { // If username matches, return the user if (user.getUsername().equals(username)) @@ -81,22 +81,22 @@ public class SimpleUserDirectory implements UserDirectory { } @Override - public Set getUsers() throws GuacamoleException { - return Collections.singleton(user); + public Set getIdentifiers() throws GuacamoleException { + return Collections.singleton(user.getUsername()); } @Override - public void addUser(User user) throws GuacamoleException { + public void add(String username, User user) throws GuacamoleException { throw new GuacamoleSecurityException("Permission denied."); } @Override - public void updateUser(User user) throws GuacamoleException { + public void update(String username, User user) throws GuacamoleException { throw new GuacamoleSecurityException("Permission denied."); } @Override - public void removeUser(String username) throws GuacamoleException { + public void remove(String username) throws GuacamoleException { throw new GuacamoleSecurityException("Permission denied."); } From ef8ec1e123132d4ec2904f45a84747526d137192 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 31 Jan 2013 14:28:38 -0800 Subject: [PATCH 80/95] Create Connection class. --- .../net/auth/AbstractConnection.java | 80 ++++++++++++++ .../guacamole/net/auth/Connection.java | 102 ++++++++++++++++++ 2 files changed, 182 insertions(+) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractConnection.java create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Connection.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractConnection.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractConnection.java new file mode 100644 index 000000000..e9ba4115f --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractConnection.java @@ -0,0 +1,80 @@ + +package net.sourceforge.guacamole.net.auth; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; + + +/** + * Basic implementation of a Guacamole connection. + * + * @author Michael Jumper + */ +public abstract class AbstractConnection implements Connection { + + /** + * The unique identifier associated with this connection. + */ + private String identifier; + + /** + * The GuacamoleConfiguration associated with this connection. + */ + private GuacamoleConfiguration configuration; + + @Override + public String getIdentifier() { + return identifier; + } + + @Override + public void setIdentifier(String identifier) { + this.identifier = identifier; + } + + @Override + public GuacamoleConfiguration getConfiguration() { + return configuration; + } + + @Override + public void setConfiguration(GuacamoleConfiguration configuration) { + this.configuration = configuration; + } + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Connection.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Connection.java new file mode 100644 index 000000000..ce3918a25 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Connection.java @@ -0,0 +1,102 @@ + +package net.sourceforge.guacamole.net.auth; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.net.GuacamoleSocket; +import net.sourceforge.guacamole.protocol.GuacamoleClientInformation; +import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; + + +/** + * Represents a pairing of a GuacamoleConfiguration with a unique, + * human-readable identifier, and abstracts the connection process. The + * backing GuacamoleConfiguration may be intentionally obfuscated or tokenized + * to protect sensitive configuration information. + * + * @author Michael Jumper + */ +public interface Connection { + + /** + * Returns the unique identifier assigned to this Connection. + * @return The unique identifier assigned to this Connection. + */ + public String getIdentifier(); + + /** + * Sets the identifier assigned to this Connection. + * + * @param identifier The identifier to assign. + */ + public void setIdentifier(String identifier); + + /** + * Returns the GuacamoleConfiguration associated with this Connection. Note + * that because configurations may contain sensitive information, some data + * in this configuration may be omitted or tokenized. + * + * @return The GuacamoleConfiguration associated with this Connection. + */ + public GuacamoleConfiguration getConfiguration(); + + /** + * Sets the GuacamoleConfiguration associated with this Connection. + * + * @param config The GuacamoleConfiguration to associate with this + * Connection. + */ + public void setConfiguration(GuacamoleConfiguration config) + throws GuacamoleException; + + /** + * Establishes a connection to guacd using the GuacamoleConfiguration + * associated with this Connection, and returns the resulting, connected + * GuacamoleSocket. The GuacamoleSocket will be pre-configured and will + * already have passed the handshake stage. + * + * @param info Information associated with the connecting client. + * @return A fully-established GuacamoleSocket. + * + * @throws GuacamoleException If an error occurs while connecting to guacd, + * or if permission to connect is denied. + */ + public GuacamoleSocket connect(GuacamoleClientInformation info) + throws GuacamoleException; + +} From d95fe6fa53723425629ef6e688d46f667d3f3a97 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 31 Jan 2013 14:29:24 -0800 Subject: [PATCH 81/95] Refactor Directory interface to require objects which contain their own identifiers. Refactor to Connection directory rather than GuacamoleConfiguration directory. --- .../guacamole/net/auth/Directory.java | 8 +- .../guacamole/net/auth/UserContext.java | 22 ++-- ...ava => ConnectionDirectoryPermission.java} | 10 +- ...mission.java => ConnectionPermission.java} | 10 +- .../net/auth/simple/SimpleConnection.java | 104 ++++++++++++++++++ ...ry.java => SimpleConnectionDirectory.java} | 33 ++++-- .../guacamole/net/auth/simple/SimpleUser.java | 4 +- .../net/auth/simple/SimpleUserContext.java | 19 ++-- .../net/auth/simple/SimpleUserDirectory.java | 4 +- 9 files changed, 163 insertions(+), 51 deletions(-) rename guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/{GuacamoleConfigurationDirectoryPermission.java => ConnectionDirectoryPermission.java} (88%) rename guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/{GuacamoleConfigurationPermission.java => ConnectionPermission.java} (92%) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleConnection.java rename guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/{SimpleGuacamoleConfigurationDirectory.java => SimpleConnectionDirectory.java} (76%) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Directory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Directory.java index a3d3bea19..fbcef6b5c 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Directory.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Directory.java @@ -48,6 +48,9 @@ import net.sourceforge.guacamole.GuacamoleException; * function. * * @author Michael Jumper + * @param The type of identifier used to identify objects + * stored within this Directory. + * @param The type of objects stored within this Directory. */ public interface Directory { @@ -82,13 +85,12 @@ public interface Directory { /** * Adds the given object to the overall set. * - * @param identifier The identifier to use when adding the object. * @param object The object to add. * * @throws GuacamoleException If an error occurs while adding the object , or * if adding the object is not allowed. */ - void add(IdentifierType identifier, ObjectType object) + void add(ObjectType object) throws GuacamoleException; /** @@ -101,7 +103,7 @@ public interface Directory { * @throws GuacamoleException If an error occurs while updating the object, * or if updating the object is not allowed. */ - void update(IdentifierType identifier, ObjectType object) + void update(ObjectType object) throws GuacamoleException; /** diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java index be2d4441b..0444b7c56 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java @@ -38,7 +38,6 @@ package net.sourceforge.guacamole.net.auth; * ***** END LICENSE BLOCK ***** */ import net.sourceforge.guacamole.GuacamoleException; -import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; /** * The context of an active user. The functions of this class enforce all @@ -58,31 +57,30 @@ public interface UserContext { User self(); /** - * Retrieves a UserDirectory which can be used to view and manipulate other + * Retrieves a Directory which can be used to view and manipulate other * users, but only as allowed by the permissions given to the user of this * UserContext. * - * @return A UserDirectory whose operations are bound by the restrictions + * @return A Directory whose operations are bound by the restrictions * of this UserContext. * * @throws GuacamoleException If an error occurs while creating the - * UserDirectory. + * Directory. */ Directory getUserDirectory() throws GuacamoleException; /** - * Retrieves a GuacamoleConfigurationDirectory which can be used to view - * and manipulate configurations, but only as allowed by the permissions - * given to the user of this UserContext. + * Retrieves a Directory which can be used to view and manipulate + * connections and their configurations, but only as allowed by the + * permissions given to the user of this UserContext. * - * @return A GuacamoleConfigurationdirectory whose operations are bound by - * the restrictions of this UserContext. + * @return A Directory whose operations are bound by the restrictions + * of this UserContext. * * @throws GuacamoleException If an error occurs while creating the - * GuacamoleConfigurationDirectory. + * Directory. */ - Directory - getGuacamoleConfigurationDirectory() + Directory getConnectionDirectory() throws GuacamoleException; } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationDirectoryPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionDirectoryPermission.java similarity index 88% rename from guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationDirectoryPermission.java rename to guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionDirectoryPermission.java index 71a24ffef..54e8dfdd4 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationDirectoryPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionDirectoryPermission.java @@ -43,7 +43,7 @@ package net.sourceforge.guacamole.net.auth.permission; * * @author Michael Jumper */ -public class GuacamoleConfigurationDirectoryPermission +public class ConnectionDirectoryPermission implements SystemPermission { /** @@ -52,12 +52,12 @@ public class GuacamoleConfigurationDirectoryPermission private Type type; /** - * Creates a new GuacamoleConfigurationDirectoryPermission with the given + * Creates a new ConnectionDirectoryPermission with the given * type. * * @param type The type of operation controlled by this permission. */ - public GuacamoleConfigurationDirectoryPermission(Type type) { + public ConnectionDirectoryPermission(Type type) { this.type = type; } @@ -78,8 +78,8 @@ public class GuacamoleConfigurationDirectoryPermission if (obj == null) return false; if (getClass() != obj.getClass()) return false; - final GuacamoleConfigurationDirectoryPermission other = - (GuacamoleConfigurationDirectoryPermission) obj; + final ConnectionDirectoryPermission other = + (ConnectionDirectoryPermission) obj; // Compare types if (type != other.type) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionPermission.java similarity index 92% rename from guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationPermission.java rename to guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionPermission.java index 1661c5c93..bc75f89c4 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/GuacamoleConfigurationPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionPermission.java @@ -46,7 +46,7 @@ package net.sourceforge.guacamole.net.auth.permission; * * @author Michael Jumper */ -public class GuacamoleConfigurationPermission +public class ConnectionPermission implements ObjectPermission { /** @@ -61,7 +61,7 @@ public class GuacamoleConfigurationPermission private Type type; /** - * Creates a new GuacamoleConfigurationPermission having the given type + * Creates a new ConnectionPermission having the given type * and identifier. The identifier must be the unique identifier assigned * to the GuacamoleConfiguration by the AuthenticationProvider in use. * @@ -69,7 +69,7 @@ public class GuacamoleConfigurationPermission * @param identifier The identifier of the GuacamoleConfiguration associated * with the operation affected by this permission. */ - public GuacamoleConfigurationPermission(Type type, String identifier) { + public ConnectionPermission(Type type, String identifier) { this.identifier = identifier; this.type = type; @@ -101,8 +101,8 @@ public class GuacamoleConfigurationPermission if (obj == null) return false; if (getClass() != obj.getClass()) return false; - final GuacamoleConfigurationPermission other = - (GuacamoleConfigurationPermission) obj; + final ConnectionPermission other = + (ConnectionPermission) obj; // Not equal if different type if (this.type != other.type) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleConnection.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleConnection.java new file mode 100644 index 000000000..b85a5b6b9 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleConnection.java @@ -0,0 +1,104 @@ + +package net.sourceforge.guacamole.net.auth.simple; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-auth. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.net.GuacamoleSocket; +import net.sourceforge.guacamole.net.InetGuacamoleSocket; +import net.sourceforge.guacamole.net.auth.AbstractConnection; +import net.sourceforge.guacamole.properties.GuacamoleProperties; +import net.sourceforge.guacamole.protocol.ConfiguredGuacamoleSocket; +import net.sourceforge.guacamole.protocol.GuacamoleClientInformation; +import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; + + +/** + * An extremely basic Connection implementation. + * + * @author Michael Jumper + */ +public class SimpleConnection extends AbstractConnection { + + /** + * Backing configuration, containing all sensitive information. + */ + private GuacamoleConfiguration config; + + /** + * Creates a completely uninitialized SimpleConnection. + */ + public SimpleConnection() { + } + + /** + * Creates a new SimpleConnection having the given identifier and + * GuacamoleConfiguration. + * + * @param identifier The identifier to associated with this connection. + * @param config The configuration describing how to connect to this + * connection. + */ + public SimpleConnection(String identifier, + GuacamoleConfiguration config) { + + // Set identifier + setIdentifier(identifier); + + // Set config + setConfiguration(config); + this.config = config; + + } + + @Override + public GuacamoleSocket connect(GuacamoleClientInformation info) + throws GuacamoleException { + + // Get guacd connection parameters + String hostname = GuacamoleProperties.getProperty(GuacamoleProperties.GUACD_HOSTNAME); + int port = GuacamoleProperties.getProperty(GuacamoleProperties.GUACD_PORT); + + // Return connected socket + return new ConfiguredGuacamoleSocket( + new InetGuacamoleSocket(hostname, port), + config, info + ); + + } + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleConnectionDirectory.java similarity index 76% rename from guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java rename to guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleConnectionDirectory.java index 686bda3ee..cc5ca3852 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleGuacamoleConfigurationDirectory.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleConnectionDirectory.java @@ -37,10 +37,13 @@ package net.sourceforge.guacamole.net.auth.simple; * * ***** END LICENSE BLOCK ***** */ +import java.util.HashMap; import java.util.Map; +import java.util.Map.Entry; import java.util.Set; import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.GuacamoleSecurityException; +import net.sourceforge.guacamole.net.auth.Connection; import net.sourceforge.guacamole.net.auth.Directory; import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; @@ -52,44 +55,50 @@ import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; * * @author Michael Jumper */ -public class SimpleGuacamoleConfigurationDirectory - implements Directory { +public class SimpleConnectionDirectory + implements Directory { /** - * The Map of GuacamoleConfigurations to provide access to. + * The Map of Connections to provide access to. */ - private Map configs; + private Map connections = + new HashMap(); /** - * Creates a new SimpleGuacamoleConfigurationDirectory which provides + * Creates a new SimpleConnectionDirectory which provides * access to the configurations contained within the given Map. * * @param configs The Map of GuacamoleConfigurations to provide access to. */ - public SimpleGuacamoleConfigurationDirectory( + public SimpleConnectionDirectory( Map configs) { - this.configs = configs; + + // Create connections for each config + for (Entry entry : configs.entrySet()) + connections.put(entry.getKey(), + new SimpleConnection(entry.getKey(), entry.getValue())); + } @Override - public GuacamoleConfiguration get(String identifier) + public Connection get(String identifier) throws GuacamoleException { - return configs.get(identifier); + return connections.get(identifier); } @Override public Set getIdentifiers() throws GuacamoleException { - return configs.keySet(); + return connections.keySet(); } @Override - public void add(String identifier, GuacamoleConfiguration config) + public void add(Connection connection) throws GuacamoleException { throw new GuacamoleSecurityException("Permission denied."); } @Override - public void update(String identifier, GuacamoleConfiguration config) + public void update(Connection connection) throws GuacamoleException { throw new GuacamoleSecurityException("Permission denied."); } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java index 5d0172f40..40596d442 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java @@ -43,7 +43,7 @@ import java.util.Set; import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.GuacamoleSecurityException; import net.sourceforge.guacamole.net.auth.AbstractUser; -import net.sourceforge.guacamole.net.auth.permission.GuacamoleConfigurationPermission; +import net.sourceforge.guacamole.net.auth.permission.ConnectionPermission; import net.sourceforge.guacamole.net.auth.permission.ObjectPermission; import net.sourceforge.guacamole.net.auth.permission.Permission; import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; @@ -83,7 +83,7 @@ public class SimpleUser extends AbstractUser { for (String identifier : configs.keySet()) { // Create permission - Permission permission = new GuacamoleConfigurationPermission( + Permission permission = new ConnectionPermission( ObjectPermission.Type.READ, identifier ); diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java index ea2e8cdf0..7a4201545 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java @@ -39,6 +39,7 @@ package net.sourceforge.guacamole.net.auth.simple; import java.util.Map; import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.net.auth.Connection; import net.sourceforge.guacamole.net.auth.Directory; import net.sourceforge.guacamole.net.auth.User; import net.sourceforge.guacamole.net.auth.UserContext; @@ -60,14 +61,13 @@ public class SimpleUserContext implements UserContext { private final User self; /** - * The GuacamoleConfigurationDirectory with access only to those - * configurations that the User associated with this UserContext has - * read access to. + * The Directory with access only to those Connections that the User + * associated with this UserContext has access to. */ - private final Directory configDirectory; + private final Directory connectionDirectory; /** - * The UserDirectory with access only to the User associated with this + * The Directory with access only to the User associated with this * UserContext. */ private final Directory userDirectory; @@ -87,8 +87,8 @@ public class SimpleUserContext implements UserContext { this.self = self; - this.configDirectory = - new SimpleGuacamoleConfigurationDirectory(configs); + this.connectionDirectory = + new SimpleConnectionDirectory(configs); this.userDirectory = new SimpleUserDirectory(self); @@ -100,10 +100,9 @@ public class SimpleUserContext implements UserContext { } @Override - public Directory - getGuacamoleConfigurationDirectory() + public Directory getConnectionDirectory() throws GuacamoleException { - return configDirectory; + return connectionDirectory; } @Override diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserDirectory.java index baff1ba1c..ccaf23887 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserDirectory.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserDirectory.java @@ -86,12 +86,12 @@ public class SimpleUserDirectory implements Directory { } @Override - public void add(String username, User user) throws GuacamoleException { + public void add(User user) throws GuacamoleException { throw new GuacamoleSecurityException("Permission denied."); } @Override - public void update(String username, User user) throws GuacamoleException { + public void update(User user) throws GuacamoleException { throw new GuacamoleSecurityException("Permission denied."); } From 25108c0a53dc59555f9c0cd1d8cf5a123b919de8 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Mon, 11 Feb 2013 18:38:38 -0800 Subject: [PATCH 82/95] Provide abstract means for retrieving guacamole.home directory (or GUACAMOLE_HOME, or ~/.guacamole). --- .../guacamole/properties/GuacamoleHome.java | 84 +++++++++++++++++++ .../properties/GuacamoleProperties.java | 11 +-- 2 files changed, 85 insertions(+), 10 deletions(-) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleHome.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleHome.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleHome.java new file mode 100644 index 000000000..e66f43eb4 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleHome.java @@ -0,0 +1,84 @@ + +package net.sourceforge.guacamole.properties; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import java.io.File; + +/** + * Abstract representation of the Guacamole configuration directory. + * + * @author Michael Jumper + */ +public class GuacamoleHome { + + private GuacamoleHome() {} + + /** + * Returns the Guacamole home directory by checking, in order: + * the guacamole.home system property, the GUACAMOLE_HOME environment + * variable, and finally the .guacamole directory in the home directory of + * the user running the servlet container. + * + * @return The File representing the Guacamole home directory, which may + * or may not exist, and may turn out to not be a directory. + */ + public static File getDirectory() { + + // Attempt to find Guacamole home + File guacHome; + + // Use system property by default + String desiredDir = System.getProperty("guacamole.home"); + + // Failing that, try the GUACAMOLE_HOME environment variable + if (desiredDir == null) desiredDir = System.getenv("GUACAMOLE_HOME"); + + // If successful, use explicitly specified directory + if (desiredDir != null) + guacHome = new File(desiredDir); + + // If not explicitly specified, use ~/.guacamole + else + guacHome = new File(System.getProperty("user.home"), ".guacamole"); + + // Return discovered directory + return guacHome; + + } + +} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java index fb478e202..002281a71 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java @@ -91,17 +91,8 @@ public class GuacamoleProperties { try { // Attempt to find Guacamole home - File guacHome; + File guacHome = GuacamoleHome.getDirectory(); - // Get explicitly specified directory, if any - String desiredDir = System.getProperty("guacamole.home"); - if (desiredDir != null) - guacHome = new File(desiredDir); - - // If not explicitly-define directory, use ~/.guacamole - else - guacHome = new File(System.getProperty("user.home"), ".guacamole"); - InputStream stream; // If not a directory, load from classpath From f8c8201844ca10312d2829c4d6c81142a6e88d6d Mon Sep 17 00:00:00 2001 From: James Muehlner Date: Tue, 12 Feb 2013 15:35:14 -0800 Subject: [PATCH 83/95] Ticket #266: Fixed equals() logic error - if both identifiers are false the two objects should be equal --- .../guacamole/net/auth/permission/ConnectionPermission.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionPermission.java index bc75f89c4..1463b4bc5 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionPermission.java @@ -111,7 +111,7 @@ public class ConnectionPermission // If null identifier, equality depends on whether other identifier // is null if (identifier == null) - return other.identifier != null; + return other.identifier == null; // Otherwise, equality depends entirely on identifier return identifier.equals(other.identifier); From 20bb937208b3e2cefb6c87986d68907a712e617f Mon Sep 17 00:00:00 2001 From: James Muehlner Date: Tue, 12 Feb 2013 15:35:49 -0800 Subject: [PATCH 84/95] Ticket #267: Fixed equals() logic error - if both identifiers are false the two objects should be equal --- .../guacamole/net/auth/permission/UserPermission.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java index e83000619..5bb347e5b 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java @@ -106,7 +106,7 @@ public class UserPermission implements ObjectPermission { // If null identifier, equality depends on whether other identifier // is null if (identifier == null) - return other.identifier != null; + return other.identifier == null; // Otherwise, equality depends entirely on identifier return identifier.equals(other.identifier); From 8e108ea2fcacae2429a8a7348d1bed2860e73ead Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sat, 16 Feb 2013 02:33:42 -0800 Subject: [PATCH 85/95] Ticket 270: Connection history function and record class. --- .../guacamole/net/auth/Connection.java | 17 ++++ .../guacamole/net/auth/ConnectionRecord.java | 89 +++++++++++++++++++ 2 files changed, 106 insertions(+) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/ConnectionRecord.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Connection.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Connection.java index ce3918a25..de26f2d94 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Connection.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Connection.java @@ -37,6 +37,7 @@ package net.sourceforge.guacamole.net.auth; * * ***** END LICENSE BLOCK ***** */ +import java.util.List; import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.net.GuacamoleSocket; import net.sourceforge.guacamole.protocol.GuacamoleClientInformation; @@ -99,4 +100,20 @@ public interface Connection { public GuacamoleSocket connect(GuacamoleClientInformation info) throws GuacamoleException; + /** + * Returns a list of ConnectionRecords representing the usage history + * of this Connection, including any active users. ConnectionRecords + * in this list will be sorted in descending order of end time (active + * connections are first), and then in descending order of start time + * (newer connections are first). + * + * @return A list of ConnectionRecrods representing the usage history + * of this Connection. + * + * @throws GuacamoleException If an error occurs while reading the history + * of this connection, or if permission is + * denied. + */ + public List getHistory() throws GuacamoleException; + } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/ConnectionRecord.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/ConnectionRecord.java new file mode 100644 index 000000000..12e9ca7a0 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/ConnectionRecord.java @@ -0,0 +1,89 @@ + +package net.sourceforge.guacamole.net.auth; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-auth-mock. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import java.util.Date; + +/** + * A logging record describing when a user started and ended usage of a + * particular connection. + * + * @author Michael Jumper + */ +public interface ConnectionRecord { + + /** + * Returns the date and time the connection began. + * + * @return The date and time the connection began. + */ + public Date getStartDate(); + + /** + * Returns the date and time the connection ended, if applicable. + * + * @return The date and time the connection ended, or null if the + * connection is still running or if the end time is unknown. + */ + public Date getEndDate(); + + /** + * Returns the user who used or is using the connection at the times + * given by this connection record. + * + * @return The user who used or is using the associated connection. + */ + public User getUser(); + + /** + * Returns the connection associated with this record. + * + * @return The connection associated with this record. + */ + public Connection getConnection(); + + /** + * Returns whether the connection associated with this record is still + * active. + * + * @return true if the connection associated with this record is still + * active, false otherwise. + */ + public boolean isActive(); + +} From 009eec14ec333213fb88f77737b747781ca01f54 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sat, 16 Feb 2013 02:57:00 -0800 Subject: [PATCH 86/95] Ticket #270: Add stub for getHistory() in SimpleConnection. --- .../guacamole/net/auth/simple/SimpleConnection.java | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleConnection.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleConnection.java index b85a5b6b9..7cc482704 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleConnection.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleConnection.java @@ -37,10 +37,13 @@ package net.sourceforge.guacamole.net.auth.simple; * * ***** END LICENSE BLOCK ***** */ +import java.util.Collections; +import java.util.List; import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.net.GuacamoleSocket; import net.sourceforge.guacamole.net.InetGuacamoleSocket; import net.sourceforge.guacamole.net.auth.AbstractConnection; +import net.sourceforge.guacamole.net.auth.ConnectionRecord; import net.sourceforge.guacamole.properties.GuacamoleProperties; import net.sourceforge.guacamole.protocol.ConfiguredGuacamoleSocket; import net.sourceforge.guacamole.protocol.GuacamoleClientInformation; @@ -101,4 +104,9 @@ public class SimpleConnection extends AbstractConnection { } + @Override + public List getHistory() throws GuacamoleException { + return Collections.EMPTY_LIST; + } + } From e48630513d3c0cbb38954339fb45f412514c74d4 Mon Sep 17 00:00:00 2001 From: James Muehlner Date: Wed, 20 Feb 2013 00:06:30 -0800 Subject: [PATCH 87/95] Ticket #269: Modified return type of Connection.getHistory to be a List of ConnectionHistory implementors. --- .../java/net/sourceforge/guacamole/net/auth/Connection.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Connection.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Connection.java index de26f2d94..775fa0622 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Connection.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Connection.java @@ -114,6 +114,6 @@ public interface Connection { * of this connection, or if permission is * denied. */ - public List getHistory() throws GuacamoleException; + public List getHistory() throws GuacamoleException; } From 9d3224aaaa538e96f10390c735b119efdd19a829 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 20 Feb 2013 21:53:20 -0800 Subject: [PATCH 88/95] Connection should not throw any exceptions for setConfiguration(). --- .../java/net/sourceforge/guacamole/net/auth/Connection.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Connection.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Connection.java index 775fa0622..1b53758b9 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Connection.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Connection.java @@ -82,8 +82,7 @@ public interface Connection { * @param config The GuacamoleConfiguration to associate with this * Connection. */ - public void setConfiguration(GuacamoleConfiguration config) - throws GuacamoleException; + public void setConfiguration(GuacamoleConfiguration config); /** * Establishes a connection to guacd using the GuacamoleConfiguration From 55f7d1deb322120ba3f8353f6082f72b80cbb8fa Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 20 Feb 2013 21:57:05 -0800 Subject: [PATCH 89/95] Add missing JavaDoc. --- .../sourceforge/guacamole/net/auth/Credentials.java | 3 +++ .../sourceforge/guacamole/net/auth/Directory.java | 2 -- .../guacamole/properties/GuacamoleHome.java | 3 +++ .../guacamole/properties/GuacamoleProperties.java | 12 ++++++++++++ 4 files changed, 18 insertions(+), 2 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java index 26647f8b1..36a2e0afa 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Credentials.java @@ -52,6 +52,9 @@ import javax.servlet.http.HttpSession; */ public class Credentials implements Serializable { + /** + * Unique identifier associated with this specific version of Credentials. + */ private static final long serialVersionUID = 1L; /** diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Directory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Directory.java index fbcef6b5c..9bd9fb48b 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Directory.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Directory.java @@ -95,9 +95,7 @@ public interface Directory { /** * Updates the stored object with the data contained in the given object. - * The object to update is identified using the identifier given. * - * @param identifier The identifier of the object to update. * @param object The object which will supply the data for the update. * * @throws GuacamoleException If an error occurs while updating the object, diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleHome.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleHome.java index e66f43eb4..081c17e57 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleHome.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleHome.java @@ -46,6 +46,9 @@ import java.io.File; */ public class GuacamoleHome { + /** + * GuacamoleHome is a utility class and cannot be instantiated. + */ private GuacamoleHome() {} /** diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java index 002281a71..5d622e502 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java @@ -58,6 +58,9 @@ import net.sourceforge.guacamole.GuacamoleServerException; */ public class GuacamoleProperties { + /** + * GuacamoleProperties is a utility class and cannot be instantiated. + */ private GuacamoleProperties() {} /** @@ -81,7 +84,16 @@ public class GuacamoleProperties { }; + /** + * All properties read from guacamole.properties when this class was first + * used. + */ private static final Properties properties; + + /** + * Any error encountered when reading guacamole.properties was last + * attempted. + */ private static GuacamoleException exception; static { From 03094f9acf78e829721932d90766e6d8f8183b34 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 21 Feb 2013 11:30:22 -0800 Subject: [PATCH 90/95] Remove trailing whitespace from lines. --- .../guacamole/net/auth/AbstractUser.java | 8 ++--- .../net/auth/AuthenticationProvider.java | 6 ++-- .../guacamole/net/auth/Connection.java | 18 +++++------ .../guacamole/net/auth/ConnectionRecord.java | 14 ++++---- .../guacamole/net/auth/Directory.java | 26 +++++++-------- .../sourceforge/guacamole/net/auth/User.java | 32 +++++++++---------- .../guacamole/net/auth/UserContext.java | 16 +++++----- .../ConnectionDirectoryPermission.java | 6 ++-- .../auth/permission/ConnectionPermission.java | 6 ++-- .../net/auth/permission/ObjectPermission.java | 6 ++-- .../net/auth/permission/Permission.java | 6 ++-- .../net/auth/permission/SystemPermission.java | 4 +-- .../permission/UserDirectoryPermission.java | 6 ++-- .../net/auth/permission/UserPermission.java | 4 +-- .../simple/SimpleAuthenticationProvider.java | 12 +++---- .../net/auth/simple/SimpleConnection.java | 12 +++---- .../simple/SimpleConnectionDirectory.java | 10 +++--- .../guacamole/net/auth/simple/SimpleUser.java | 14 ++++---- .../net/auth/simple/SimpleUserContext.java | 14 ++++---- .../net/auth/simple/SimpleUserDirectory.java | 4 +-- .../guacamole/properties/GuacamoleHome.java | 8 ++--- .../properties/GuacamoleProperties.java | 6 ++-- 22 files changed, 119 insertions(+), 119 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java index 6af864410..3cebd0f25 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractUser.java @@ -41,8 +41,8 @@ package net.sourceforge.guacamole.net.auth; /** * Basic implementation of a Guacamole user which uses the username to * determine equality. Username comparison is case-sensitive. - * - * @author Michael Jumper + * + * @author Michael Jumper */ public abstract class AbstractUser implements User { @@ -50,7 +50,7 @@ public abstract class AbstractUser implements User { * The name of this user. */ private String username; - + /** * This user's password. Note that while this provides a means for the * password to be set, the data stored in this String is not necessarily @@ -94,7 +94,7 @@ public abstract class AbstractUser implements User { // Get username String objUsername = ((AbstractUser) obj).username; - // If null, equal only if this username is null + // If null, equal only if this username is null if (objUsername == null) return username == null; // Otherwise, equal only if strings are identical diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java index 6c1e71394..7fd72829c 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AuthenticationProvider.java @@ -51,15 +51,15 @@ public interface AuthenticationProvider { /** * Returns the UserContext of the user authorized by the given credentials. - * + * * @param credentials The credentials to use to retrieve the environment. * @return The UserContext of the user authorized by the given credentials, * or null if the credentials are not authorized. - * + * * @throws GuacamoleException If an error occurs while creating the * UserContext. */ UserContext getUserContext(Credentials credentials) throws GuacamoleException; - + } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Connection.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Connection.java index 1b53758b9..fdfea4577 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Connection.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Connection.java @@ -49,7 +49,7 @@ import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; * human-readable identifier, and abstracts the connection process. The * backing GuacamoleConfiguration may be intentionally obfuscated or tokenized * to protect sensitive configuration information. - * + * * @author Michael Jumper */ public interface Connection { @@ -62,7 +62,7 @@ public interface Connection { /** * Sets the identifier assigned to this Connection. - * + * * @param identifier The identifier to assign. */ public void setIdentifier(String identifier); @@ -71,14 +71,14 @@ public interface Connection { * Returns the GuacamoleConfiguration associated with this Connection. Note * that because configurations may contain sensitive information, some data * in this configuration may be omitted or tokenized. - * + * * @return The GuacamoleConfiguration associated with this Connection. */ public GuacamoleConfiguration getConfiguration(); /** * Sets the GuacamoleConfiguration associated with this Connection. - * + * * @param config The GuacamoleConfiguration to associate with this * Connection. */ @@ -92,27 +92,27 @@ public interface Connection { * * @param info Information associated with the connecting client. * @return A fully-established GuacamoleSocket. - * + * * @throws GuacamoleException If an error occurs while connecting to guacd, * or if permission to connect is denied. */ public GuacamoleSocket connect(GuacamoleClientInformation info) throws GuacamoleException; - + /** * Returns a list of ConnectionRecords representing the usage history * of this Connection, including any active users. ConnectionRecords * in this list will be sorted in descending order of end time (active * connections are first), and then in descending order of start time * (newer connections are first). - * + * * @return A list of ConnectionRecrods representing the usage history * of this Connection. - * + * * @throws GuacamoleException If an error occurs while reading the history * of this connection, or if permission is * denied. */ public List getHistory() throws GuacamoleException; - + } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/ConnectionRecord.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/ConnectionRecord.java index 12e9ca7a0..29866e8d0 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/ConnectionRecord.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/ConnectionRecord.java @@ -42,21 +42,21 @@ import java.util.Date; /** * A logging record describing when a user started and ended usage of a * particular connection. - * + * * @author Michael Jumper */ public interface ConnectionRecord { /** * Returns the date and time the connection began. - * + * * @return The date and time the connection began. */ public Date getStartDate(); /** * Returns the date and time the connection ended, if applicable. - * + * * @return The date and time the connection ended, or null if the * connection is still running or if the end time is unknown. */ @@ -65,14 +65,14 @@ public interface ConnectionRecord { /** * Returns the user who used or is using the connection at the times * given by this connection record. - * + * * @return The user who used or is using the associated connection. */ public User getUser(); /** * Returns the connection associated with this record. - * + * * @return The connection associated with this record. */ public Connection getConnection(); @@ -80,10 +80,10 @@ public interface ConnectionRecord { /** * Returns whether the connection associated with this record is still * active. - * + * * @return true if the connection associated with this record is still * active, false otherwise. */ public boolean isActive(); - + } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Directory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Directory.java index 9bd9fb48b..0847ede83 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Directory.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/Directory.java @@ -46,7 +46,7 @@ import net.sourceforge.guacamole.GuacamoleException; * Directory are not necessarily returned to the use as references to * the stored objects, thus updating an object requires calling an update * function. - * + * * @author Michael Jumper * @param The type of identifier used to identify objects * stored within this Directory. @@ -60,18 +60,18 @@ public interface Directory { * the Directory. To update an object stored within an * Directory such that future calls to get() will return the updated * object, you must call update() on the object after modification. - * + * * @param identifier The identifier to use when locating the object to * return. * @return The object having the given identifier, or null if no such object * exists. - * + * * @throws GuacamoleException If an error occurs while retrieving the * object, or if permission for retrieving the * object is denied. */ ObjectType get(IdentifierType identifier) throws GuacamoleException; - + /** * Returns a Set containing all identifiers for all objects within this * Directory. @@ -84,34 +84,34 @@ public interface Directory { /** * Adds the given object to the overall set. - * + * * @param object The object to add. - * + * * @throws GuacamoleException If an error occurs while adding the object , or * if adding the object is not allowed. */ void add(ObjectType object) throws GuacamoleException; - + /** * Updates the stored object with the data contained in the given object. - * + * * @param object The object which will supply the data for the update. - * + * * @throws GuacamoleException If an error occurs while updating the object, * or if updating the object is not allowed. */ void update(ObjectType object) throws GuacamoleException; - + /** * Removes the object with the given identifier from the overall set. - * + * * @param identifier The identifier of the object to remove. - * + * * @throws GuacamoleException If an error occurs while removing the object, * or if removing object is not allowed. */ void remove(IdentifierType identifier) throws GuacamoleException; - + } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java index b2f573c65..cb2d9572c 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java @@ -44,21 +44,21 @@ import net.sourceforge.guacamole.net.auth.permission.Permission; /** * A user of the Guacamole web application. - * - * @author Michael Jumper + * + * @author Michael Jumper */ public interface User { /** * Returns the name of this user, which must be unique across all users. - * + * * @return The name of this user. */ public String getUsername(); /** * Sets the name of this user, which must be unique across all users. - * + * * @param username The name of this user. */ public void setUsername(String username); @@ -66,7 +66,7 @@ public interface User { /** * Returns this user's password. Note that the password returned may be * hashed or completely arbitrary. - * + * * @return A String which may (or may not) be the user's password. */ public String getPassword(); @@ -75,39 +75,39 @@ public interface User { * Sets this user's password. Note that while this function is guaranteed * to change the password of this User object, there is no guarantee that * getPassword() will return the value given to setPassword(). - * + * * @param password The password to set. */ public void setPassword(String password); /** * Lists all permissions given to this user. - * + * * @return A Set of all permissions granted to this user. - * + * * @throws GuacamoleException If an error occurs while retrieving * permissions, or if reading all permissions * is not allowed. */ Set getPermissions() throws GuacamoleException; - + /** * Tests whether this user has the specified permission. - * + * * @param permission The permission to check. * @return true if the permission is granted to this user, false otherwise. - * + * * @throws GuacamoleException If an error occurs while checking permissions, * or if permissions cannot be checked due to * lack of permissions to do so. */ boolean hasPermission(Permission permission) throws GuacamoleException; - + /** * Adds the specified permission to this user. - * + * * @param permission The permission to add. - * + * * @throws GuacamoleException If an error occurs while adding the * permission. or if permission to add * permissions is denied. @@ -116,9 +116,9 @@ public interface User { /** * Removes the specified permission from this specified user. - * + * * @param permission The permission to remove. - * + * * @throws GuacamoleException If an error occurs while removing the * permission. or if permission to remove * permissions is denied. diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java index 0444b7c56..26ef62398 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java @@ -42,7 +42,7 @@ import net.sourceforge.guacamole.GuacamoleException; /** * The context of an active user. The functions of this class enforce all * permissions and act only within the rights of the associated user. - * + * * @author Michael Jumper */ public interface UserContext { @@ -50,7 +50,7 @@ public interface UserContext { /** * Returns the User whose access rights control the operations of this * UserContext. - * + * * @return The User whose access rights control the operations of this * UserContext. */ @@ -60,26 +60,26 @@ public interface UserContext { * Retrieves a Directory which can be used to view and manipulate other * users, but only as allowed by the permissions given to the user of this * UserContext. - * + * * @return A Directory whose operations are bound by the restrictions * of this UserContext. - * + * * @throws GuacamoleException If an error occurs while creating the * Directory. */ Directory getUserDirectory() throws GuacamoleException; - + /** * Retrieves a Directory which can be used to view and manipulate * connections and their configurations, but only as allowed by the * permissions given to the user of this UserContext. - * + * * @return A Directory whose operations are bound by the restrictions * of this UserContext. - * + * * @throws GuacamoleException If an error occurs while creating the * Directory. - */ + */ Directory getConnectionDirectory() throws GuacamoleException; diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionDirectoryPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionDirectoryPermission.java index 54e8dfdd4..97058992e 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionDirectoryPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionDirectoryPermission.java @@ -40,7 +40,7 @@ package net.sourceforge.guacamole.net.auth.permission; /** * A permission which controls access to a GuacamoleConfigurationDirectory. - * + * * @author Michael Jumper */ public class ConnectionDirectoryPermission @@ -54,13 +54,13 @@ public class ConnectionDirectoryPermission /** * Creates a new ConnectionDirectoryPermission with the given * type. - * + * * @param type The type of operation controlled by this permission. */ public ConnectionDirectoryPermission(Type type) { this.type = type; } - + @Override public Type getType() { return type; diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionPermission.java index 1463b4bc5..b171fa605 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionPermission.java @@ -43,7 +43,7 @@ package net.sourceforge.guacamole.net.auth.permission; * GuacamoleConfiguration. Note that this permission only refers to the * GuacamoleConfiguration by its identifier. The actual GuacamoleConfiguration * is not stored within. - * + * * @author Michael Jumper */ public class ConnectionPermission @@ -64,13 +64,13 @@ public class ConnectionPermission * Creates a new ConnectionPermission having the given type * and identifier. The identifier must be the unique identifier assigned * to the GuacamoleConfiguration by the AuthenticationProvider in use. - * + * * @param type The type of operation affected by this permission. * @param identifier The identifier of the GuacamoleConfiguration associated * with the operation affected by this permission. */ public ConnectionPermission(Type type, String identifier) { - + this.identifier = identifier; this.type = type; diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ObjectPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ObjectPermission.java index 2c38a32a7..0325ca0d3 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ObjectPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ObjectPermission.java @@ -41,7 +41,7 @@ package net.sourceforge.guacamole.net.auth.permission; /** * A permission which affects a specific object, rather than the system as a * whole. - * + * * @author Michael Jumper * @param The type of identifier used by the object this permission affects. */ @@ -78,10 +78,10 @@ public interface ObjectPermission extends Permission { /** * Returns the identifier of the specific object affected by this * permission. - * + * * @return The identifier of the specific object affected by this * permission. */ public T getObjectIdentifier(); - + } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/Permission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/Permission.java index a17a15f86..af855df9d 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/Permission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/Permission.java @@ -41,17 +41,17 @@ package net.sourceforge.guacamole.net.auth.permission; /** * A permission which affects a specific type of operation, where all available * operation types are defined by an enumeration. - * + * * @author Michael Jumper * @param The enumeration of all available operation types that this * permission can affect. */ public interface Permission { - + /** * Returns the type of operation affected by this permission. * @return The type of operation affected by this permission. */ public Type getType(); - + } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/SystemPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/SystemPermission.java index 08e83c288..aa5ffbcbf 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/SystemPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/SystemPermission.java @@ -41,7 +41,7 @@ package net.sourceforge.guacamole.net.auth.permission; /** * A permission which affects the system as a whole, rather than an individual * object. - * + * * @author Michael Jumper */ public interface SystemPermission extends Permission { @@ -56,7 +56,7 @@ public interface SystemPermission extends Permission { * Create system-level objects. */ CREATE - + } } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserDirectoryPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserDirectoryPermission.java index 52548cb7e..751585b9c 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserDirectoryPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserDirectoryPermission.java @@ -40,7 +40,7 @@ package net.sourceforge.guacamole.net.auth.permission; /** * A permission which controls access to a UserDirectory. - * + * * @author Michael Jumper */ public class UserDirectoryPermission implements SystemPermission { @@ -52,13 +52,13 @@ public class UserDirectoryPermission implements SystemPermission { /** * Creates a new UserDirectoryPermission with the given type. - * + * * @param type The type of operation controlled by this permission. */ public UserDirectoryPermission(Type type) { this.type = type; } - + @Override public Type getType() { return type; diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java index 5bb347e5b..7d18c2b63 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserPermission.java @@ -41,7 +41,7 @@ package net.sourceforge.guacamole.net.auth.permission; /** * A permission which controls operations that directly affect a specific * User. - * + * * @author Michael Jumper */ public class UserPermission implements ObjectPermission { @@ -60,7 +60,7 @@ public class UserPermission implements ObjectPermission { /** * Creates a new UserPermission having the given type and identifier. The * identifier must be the user's username. - * + * * @param type The type of operation affected by this permission. * @param identifier The username of the User associated with the operation * affected by this permission. diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleAuthenticationProvider.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleAuthenticationProvider.java index 451b4d999..ebd9ed331 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleAuthenticationProvider.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleAuthenticationProvider.java @@ -52,13 +52,13 @@ import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; * implementation intended to be easily extended. It is useful for simple * authentication situations where access to web-based administration and * complex users and permissions are not required. - * + * * The interface provided by SimpleAuthenticationProvider is similar to that of * the AuthenticationProvider interface of older Guacamole releases. * * @author Michael Jumper */ -public abstract class SimpleAuthenticationProvider +public abstract class SimpleAuthenticationProvider implements AuthenticationProvider { /** @@ -84,17 +84,17 @@ public abstract class SimpleAuthenticationProvider // Get configurations Map configs = getAuthorizedConfigurations(credentials); - + // Return as unauthorized if not authorized to retrieve configs if (configs == null) return null; - + // Build new user from credentials User user = new SimpleUser(credentials.getUsername(), configs); - + // Return user context restricted to authorized configs return new SimpleUserContext(user, configs); - + } } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleConnection.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleConnection.java index 7cc482704..c033dec41 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleConnection.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleConnection.java @@ -52,7 +52,7 @@ import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; /** * An extremely basic Connection implementation. - * + * * @author Michael Jumper */ public class SimpleConnection extends AbstractConnection { @@ -61,17 +61,17 @@ public class SimpleConnection extends AbstractConnection { * Backing configuration, containing all sensitive information. */ private GuacamoleConfiguration config; - + /** * Creates a completely uninitialized SimpleConnection. */ public SimpleConnection() { } - + /** * Creates a new SimpleConnection having the given identifier and * GuacamoleConfiguration. - * + * * @param identifier The identifier to associated with this connection. * @param config The configuration describing how to connect to this * connection. @@ -95,13 +95,13 @@ public class SimpleConnection extends AbstractConnection { // Get guacd connection parameters String hostname = GuacamoleProperties.getProperty(GuacamoleProperties.GUACD_HOSTNAME); int port = GuacamoleProperties.getProperty(GuacamoleProperties.GUACD_PORT); - + // Return connected socket return new ConfiguredGuacamoleSocket( new InetGuacamoleSocket(hostname, port), config, info ); - + } @Override diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleConnectionDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleConnectionDirectory.java index cc5ca3852..7787ef09c 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleConnectionDirectory.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleConnectionDirectory.java @@ -52,10 +52,10 @@ import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; * An extremely simple read-only implementation of a Directory of * GuacamoleConfigurations which provides access to a pre-defined Map of * GuacamoleConfigurations. - * + * * @author Michael Jumper */ -public class SimpleConnectionDirectory +public class SimpleConnectionDirectory implements Directory { /** @@ -67,7 +67,7 @@ public class SimpleConnectionDirectory /** * Creates a new SimpleConnectionDirectory which provides * access to the configurations contained within the given Map. - * + * * @param configs The Map of GuacamoleConfigurations to provide access to. */ public SimpleConnectionDirectory( @@ -77,9 +77,9 @@ public class SimpleConnectionDirectory for (Entry entry : configs.entrySet()) connections.put(entry.getKey(), new SimpleConnection(entry.getKey(), entry.getValue())); - + } - + @Override public Connection get(String identifier) throws GuacamoleException { diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java index 40596d442..dc6713bad 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java @@ -51,7 +51,7 @@ import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; /** * An extremely basic User implementation. - * + * * @author Michael Jumper */ public class SimpleUser extends AbstractUser { @@ -60,16 +60,16 @@ public class SimpleUser extends AbstractUser { * The set of all permissions available to this user. */ private Set permissions = new HashSet(); - + /** * Creates a completely uninitialized SimpleUser. */ public SimpleUser() { } - + /** * Creates a new SimpleUser having the given username. - * + * * @param username The username to assign to this SimpleUser. * @param configs All configurations this user has read access to. */ @@ -90,9 +90,9 @@ public class SimpleUser extends AbstractUser { // Add to set permissions.add(permission); - + } - + } @Override @@ -114,5 +114,5 @@ public class SimpleUser extends AbstractUser { public void removePermission(Permission permission) throws GuacamoleException { throw new GuacamoleSecurityException("Permission denied."); } - + } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java index 7a4201545..65be77a89 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java @@ -49,7 +49,7 @@ import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; * An extremely simple UserContext implementation which provides access to * a defined and restricted set of GuacamoleConfigurations. Access to * querying or modifying either users or permissions is denied. - * + * * @author Michael Jumper */ public class SimpleUserContext implements UserContext { @@ -59,7 +59,7 @@ public class SimpleUserContext implements UserContext { * accessible within this UserContext. */ private final User self; - + /** * The Directory with access only to those Connections that the User * associated with this UserContext has access to. @@ -71,13 +71,13 @@ public class SimpleUserContext implements UserContext { * UserContext. */ private final Directory userDirectory; - + /** * Creates a new SimpleUserContext which provides access to only those * configurations within the given Map. The User given must be the user * that owns this UserContext, and the Map given must contain only * GuacamoleConfigurations that the given User has read access to. - * + * * @param self The owner of this UserContext. * @param configs A Map of all configurations for which the user associated * with this UserContext has read access. @@ -89,11 +89,11 @@ public class SimpleUserContext implements UserContext { this.connectionDirectory = new SimpleConnectionDirectory(configs); - + this.userDirectory = new SimpleUserDirectory(self); - + } - + @Override public User self() { return self; diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserDirectory.java index ccaf23887..49af4605b 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserDirectory.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserDirectory.java @@ -48,7 +48,7 @@ import net.sourceforge.guacamole.net.auth.User; /** * An extremely simple read-only implementation of a Directory of Users which * provides access to a single pre-defined User. - * + * * @author Michael Jumper */ public class SimpleUserDirectory implements Directory { @@ -61,7 +61,7 @@ public class SimpleUserDirectory implements Directory { /** * Creates a new SimpleUserDirectory which provides access to the single * user provided. - * + * * @param user The user to provide access to. */ public SimpleUserDirectory(User user) { diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleHome.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleHome.java index 081c17e57..e7583c349 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleHome.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleHome.java @@ -41,7 +41,7 @@ import java.io.File; /** * Abstract representation of the Guacamole configuration directory. - * + * * @author Michael Jumper */ public class GuacamoleHome { @@ -50,13 +50,13 @@ public class GuacamoleHome { * GuacamoleHome is a utility class and cannot be instantiated. */ private GuacamoleHome() {} - + /** * Returns the Guacamole home directory by checking, in order: * the guacamole.home system property, the GUACAMOLE_HOME environment * variable, and finally the .guacamole directory in the home directory of * the user running the servlet container. - * + * * @return The File representing the Guacamole home directory, which may * or may not exist, and may turn out to not be a directory. */ @@ -64,7 +64,7 @@ public class GuacamoleHome { // Attempt to find Guacamole home File guacHome; - + // Use system property by default String desiredDir = System.getProperty("guacamole.home"); diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java index 5d622e502..d55e3e6be 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java @@ -50,7 +50,7 @@ import net.sourceforge.guacamole.GuacamoleServerException; * file. The guacamole.properties file is preferably located in the servlet * container's user's home directory, in a subdirectory called .guacamole, or * in the directory set by the system property: guacamole.home. - * + * * If none of those locations are possible, guacamole.properties will also * be read from the root of the classpath. * @@ -104,9 +104,9 @@ public class GuacamoleProperties { // Attempt to find Guacamole home File guacHome = GuacamoleHome.getDirectory(); - + InputStream stream; - + // If not a directory, load from classpath if (!guacHome.isDirectory()) { From 02f75f777be87bd1db666f7a47b407589e2d77fb Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 21 Feb 2013 21:02:11 -0800 Subject: [PATCH 91/95] Implement BooleanGuacamoleProperty. --- .../properties/BooleanGuacamoleProperty.java | 72 +++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/BooleanGuacamoleProperty.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/BooleanGuacamoleProperty.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/BooleanGuacamoleProperty.java new file mode 100644 index 000000000..add1d7e45 --- /dev/null +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/BooleanGuacamoleProperty.java @@ -0,0 +1,72 @@ + +package net.sourceforge.guacamole.properties; + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is guacamole-ext. + * + * The Initial Developer of the Original Code is + * Michael Jumper. + * Portions created by the Initial Developer are Copyright (C) 2010 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.GuacamoleServerException; + +/** + * A GuacamoleProperty whose value is an boolean. Legal true values are "true", + * or "false". Case does not matter. + * + * @author Michael Jumper + */ +public abstract class BooleanGuacamoleProperty implements GuacamoleProperty { + + @Override + public Boolean parseValue(String value) throws GuacamoleException { + + // If no property provided, return null. + if (value == null) + return null; + + // If "true", return true + if (value.equalsIgnoreCase("true")) + return true; + + // If "false", return false + if (value.equalsIgnoreCase("false")) + return false; + + // Otherwise, fail + throw new GuacamoleServerException("Property \"" + getName() + + "\" must be either \"true\" or \"false\"."); + + } + +} From ecb2c95ac30eece357d414573762e26d5a66409d Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Thu, 21 Feb 2013 21:11:40 -0800 Subject: [PATCH 92/95] Add getProperty() with default value. --- .../properties/GuacamoleProperties.java | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java index d55e3e6be..f152a461d 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/properties/GuacamoleProperties.java @@ -156,6 +156,33 @@ public class GuacamoleProperties { } + /** + * Given a GuacamoleProperty, parses and returns the value set for that + * property in guacamole.properties, if any. If no value is found, the + * provided default value is returned. + * + * @param The type that the given property is parsed into. + * @param property The property to read from guacamole.properties. + * @param defaultValue The value to return if no value was given in + * guacamole.properties. + * @return The parsed value of the property as read from + * guacamole.properties, or the provided default value if no value + * was found. + * @throws GuacamoleException If an error occurs while parsing the value + * for the given property in + * guacamole.properties. + */ + public static Type getProperty(GuacamoleProperty property, + Type defaultValue) throws GuacamoleException { + + Type value = getProperty(property); + if (value == null) + return defaultValue; + + return value; + + } + /** * Given a GuacamoleProperty, parses and returns the value set for that * property in guacamole.properties. An exception is thrown if the value From 21b41190b1dd81240a793a203c46e05530b7b885 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Tue, 26 Feb 2013 20:16:36 -0800 Subject: [PATCH 93/95] Add equals() and hashCode() to AbstractConnection. --- .../net/auth/AbstractConnection.java | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractConnection.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractConnection.java index e9ba4115f..df159183c 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractConnection.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/AbstractConnection.java @@ -77,4 +77,28 @@ public abstract class AbstractConnection implements Connection { this.configuration = configuration; } + @Override + public int hashCode() { + if (identifier == null) return 0; + return identifier.hashCode(); + } + + @Override + public boolean equals(Object obj) { + + // Not equal if null or not a User + if (obj == null) return false; + if (!(obj instanceof AbstractConnection)) return false; + + // Get identifier + String objIdentifier = ((AbstractConnection) obj).identifier; + + // If null, equal only if this identifier is null + if (objIdentifier == null) return identifier == null; + + // Otherwise, equal only if strings are identical + return objIdentifier.equals(identifier); + + } + } From dea47916695641c3f394b553fd7f0ad3f2f824e0 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Wed, 27 Feb 2013 15:49:58 -0800 Subject: [PATCH 94/95] Refactor SystemPermission to concrete class with CREATE_USER, CREATE_CONNECTION, and ADMINISTER permissions. Remove now-obsolete ConnectionDirectoryPermission and UserDirectoryPermission. --- .../ConnectionDirectoryPermission.java | 91 ------------------- .../net/auth/permission/SystemPermission.java | 61 ++++++++++++- .../permission/UserDirectoryPermission.java | 88 ------------------ 3 files changed, 57 insertions(+), 183 deletions(-) delete mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionDirectoryPermission.java delete mode 100644 guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserDirectoryPermission.java diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionDirectoryPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionDirectoryPermission.java deleted file mode 100644 index 97058992e..000000000 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/ConnectionDirectoryPermission.java +++ /dev/null @@ -1,91 +0,0 @@ - -package net.sourceforge.guacamole.net.auth.permission; - -/* ***** BEGIN LICENSE BLOCK ***** - * Version: MPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Mozilla Public License Version - * 1.1 (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is guacamole-ext. - * - * The Initial Developer of the Original Code is - * Michael Jumper. - * Portions created by the Initial Developer are Copyright (C) 2010 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the MPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the MPL, the GPL or the LGPL. - * - * ***** END LICENSE BLOCK ***** */ - - -/** - * A permission which controls access to a GuacamoleConfigurationDirectory. - * - * @author Michael Jumper - */ -public class ConnectionDirectoryPermission - implements SystemPermission { - - /** - * The type of operation affected by this permission. - */ - private Type type; - - /** - * Creates a new ConnectionDirectoryPermission with the given - * type. - * - * @param type The type of operation controlled by this permission. - */ - public ConnectionDirectoryPermission(Type type) { - this.type = type; - } - - @Override - public Type getType() { - return type; - } - - @Override - public int hashCode() { - return type.hashCode(); - } - - @Override - public boolean equals(Object obj) { - - // Not equal if null or wrong type - if (obj == null) return false; - if (getClass() != obj.getClass()) return false; - - final ConnectionDirectoryPermission other = - (ConnectionDirectoryPermission) obj; - - // Compare types - if (type != other.type) - return false; - - return true; - } - -} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/SystemPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/SystemPermission.java index aa5ffbcbf..6d0ce27ed 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/SystemPermission.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/SystemPermission.java @@ -37,14 +37,13 @@ package net.sourceforge.guacamole.net.auth.permission; * * ***** END LICENSE BLOCK ***** */ - /** * A permission which affects the system as a whole, rather than an individual * object. * * @author Michael Jumper */ -public interface SystemPermission extends Permission { +public class SystemPermission implements Permission { /** * Specific types of system-level permissions. Each permission type is @@ -53,10 +52,64 @@ public interface SystemPermission extends Permission { public enum Type { /** - * Create system-level objects. + * Create users. */ - CREATE + CREATE_USER, + + /** + * Create connections. + */ + CREATE_CONNECTION, + + /** + * Administer the system in general, including adding permissions + * which affect the system (like user creation, connection creation, + * and system administration). + */ + ADMINISTER } + /** + * The type of operation affected by this permission. + */ + private Type type; + + /** + * Creates a new SystemPermission with the given + * type. + * + * @param type The type of operation controlled by this permission. + */ + public SystemPermission(Type type) { + this.type = type; + } + + @Override + public Type getType() { + return type; + } + + @Override + public int hashCode() { + return type.hashCode(); + } + + @Override + public boolean equals(Object obj) { + + // Not equal if null or wrong type + if (obj == null) return false; + if (getClass() != obj.getClass()) return false; + + final SystemPermission other = (SystemPermission) obj; + + // Compare types + if (type != other.type) + return false; + + return true; + } + + } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserDirectoryPermission.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserDirectoryPermission.java deleted file mode 100644 index 751585b9c..000000000 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/permission/UserDirectoryPermission.java +++ /dev/null @@ -1,88 +0,0 @@ - -package net.sourceforge.guacamole.net.auth.permission; - -/* ***** BEGIN LICENSE BLOCK ***** - * Version: MPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Mozilla Public License Version - * 1.1 (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is guacamole-ext. - * - * The Initial Developer of the Original Code is - * Michael Jumper. - * Portions created by the Initial Developer are Copyright (C) 2010 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the MPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the MPL, the GPL or the LGPL. - * - * ***** END LICENSE BLOCK ***** */ - - -/** - * A permission which controls access to a UserDirectory. - * - * @author Michael Jumper - */ -public class UserDirectoryPermission implements SystemPermission { - - /** - * The type of operation affected by this permission. - */ - private Type type; - - /** - * Creates a new UserDirectoryPermission with the given type. - * - * @param type The type of operation controlled by this permission. - */ - public UserDirectoryPermission(Type type) { - this.type = type; - } - - @Override - public Type getType() { - return type; - } - - @Override - public int hashCode() { - return type.hashCode(); - } - - @Override - public boolean equals(Object obj) { - - // Not equal if null or wrong type - if (obj == null) return false; - if (getClass() != obj.getClass()) return false; - - final UserDirectoryPermission other = (UserDirectoryPermission) obj; - - // Compare types - if (type != other.type) - return false; - - return true; - } - -} From 24fcccc69c4a203b3cc3ec6c51f96f3aa371bfff Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sun, 3 Mar 2013 13:00:43 -0800 Subject: [PATCH 95/95] Use username in connection record, not full-blown user. --- .../guacamole/net/auth/ConnectionRecord.java | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/ConnectionRecord.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/ConnectionRecord.java index 29866e8d0..b9f28ed40 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/ConnectionRecord.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/ConnectionRecord.java @@ -63,19 +63,13 @@ public interface ConnectionRecord { public Date getEndDate(); /** - * Returns the user who used or is using the connection at the times - * given by this connection record. + * Returns the name of the user who used or is using the connection at the + * times given by this connection record. * - * @return The user who used or is using the associated connection. + * @return The name of the user who used or is using the associated + * connection. */ - public User getUser(); - - /** - * Returns the connection associated with this record. - * - * @return The connection associated with this record. - */ - public Connection getConnection(); + public String getUsername(); /** * Returns whether the connection associated with this record is still