Throwing GuacamoleInvalidCredentialsException breaks separation of
concerns (bindAs() shouldn't assume that it's being used during login
and that credentials given are the Guacamole user's credentials), and
has unintended side effects (throwing subclasses of
GuacamoleUnauthorizedException causes implicit session invalidation).
The AudioContext is paused by default in Google Chrome as a defense
against autoplay. It can be explicitly resumed with resume() as long as
there has been enough interaction with the page.
Currently the Regex pares only Header with IPs only.
But some Cloud Services provide Header with “IP:Port” and they are not changeable.
A change in the Line 96 and 101 could may solve this topic.
BG
Sporeno
GUACAMOLE-784: Changed Quantifiers of Port extension in the IP-Regexs
GUACAMOLE-784: Changed IP-Regexs to accept also Ports with 5 Digits (Fix)
GUACAMOLE-784: Separated Port-Regex from IP-Regexes to avoid duplicated Code for IPv4 and IPv6
Created new Constant for Port matching Regex
GUACAMOLE-784: Change Comments according standard formatting for JavaDoc comments
GUACAMOLE-784: Tolerate port number within X-Forwarded-For header
Currently the Regex pares only Header with IPs only.
But some Cloud Services provide Header with “IP:Port” and they are not changeable.
A change in the Line 96 and 101 could may solve this topic.
BG
Sporeno
GUACAMOLE-784: Changed Quantifiers of Port extension in the IP-Regexs
GUACAMOLE-784: Tolerate port number within X-Forwarded-For header
reset/rebase/squash a chaos of commits:
- implement user/group membership search using Apache Directory Ldap module instead of JLDAP
- Retrieve user's group membership if specified by username rather than DN
- New enum 'MemberAttributeType'
- New GuacamoleProperty 'MemberAttributeTypeProperty'
- New configuration property 'ldap-member-attribute-type'
Specifies what the field specified by 'ldap-member-attribute' actually
contains -- "dn" (default) or "uid" or ...
Some browsers suffer from a memory leak when reading image data
repeatedly using the Image object. Reading from Blobs does not exhibit
the same behavior. While reading from Blobs has previously been seen to
perform poorly compared to data URIs, this was observed when reading
using createObjectURL(). The createImageBitmap() function appears to
perform identically to reading data URIs using Image.
Firefox, and perhaps other browsers, does not fire a keyup event for
keys involved in submitting a form. This results in the enter key being
stuck in a pressed state if it is used to submit Guacamole's login
form.
Keyboard state should be reset whenever keyboard state cannot be
reliably maintained. This is already done for loss of window focus, but
should also be done for form submission (this specific case) and
navigation to a different page (generic catch-all).
As described in the discussion surrounding the original pull request:
* An extension throws `GuacamoleInsufficientCredentialsException`
specifically to indicate tentative acceptance of the credentials
passed thus far.
* Just as such an extension that fully accepts credentials takes
priority over an extension that refuses to accept the same, it makes
sense to allow an extension that *tentatively* accepts those credentials
to also take priority.
With the above perspective, authentication result priorities are as
follows, with ties broken by the inherent order of the auth providers:
1. Acceptance (returning an `AuthenticedUser` instance).
2. Tentative acceptance (throwing
`GuacamoleInvalidCredentialsException`).
3. Complete refusal (any other subclass of
`GuacamoleCredentialsException`).
4. Neither refusal nor acceptance (returning `null`).
See: https://github.com/apache/guacamole-client/pull/352
