Merge 1.0.0 changes back to master.
Project: http://git-wip-us.apache.org/repos/asf/guacamole-client/repo Commit: http://git-wip-us.apache.org/repos/asf/guacamole-client/commit/d53b43ce Tree: http://git-wip-us.apache.org/repos/asf/guacamole-client/tree/d53b43ce Diff: http://git-wip-us.apache.org/repos/asf/guacamole-client/diff/d53b43ce Branch: refs/heads/master Commit: d53b43ce2971eb769075481cf7416110bc6433d5 Parents: 7481c18 34faa5d Author: Michael Jumper <[email protected]> Authored: Sun Jul 1 23:18:04 2018 -0700 Committer: Michael Jumper <[email protected]> Committed: Sun Jul 1 23:18:04 2018 -0700 ---------------------------------------------------------------------- .../auth/jdbc/user/ModeledUserContext.java | 2 +- .../auth/jdbc/user/RemoteAuthenticatedUser.java | 58 +------------------- .../apache/guacamole/net/auth/Credentials.java | 40 ++++++++++++++ .../guacamole/rest/auth/TokenRESTService.java | 10 +--- .../guacamole/rest/user/UserResource.java | 9 +-- 5 files changed, 45 insertions(+), 74 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/guacamole-client/blob/d53b43ce/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/RemoteAuthenticatedUser.java ---------------------------------------------------------------------- diff --cc extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/RemoteAuthenticatedUser.java index 3b16a99,d68d9a9..4cfceb2 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/RemoteAuthenticatedUser.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/RemoteAuthenticatedUser.java @@@ -19,11 -19,6 +19,8 @@@ package org.apache.guacamole.auth.jdbc.user; +import java.util.HashMap; +import java.util.Map; - import java.util.regex.Matcher; - import java.util.regex.Pattern; - import javax.servlet.http.HttpServletRequest; import org.apache.guacamole.net.auth.AuthenticatedUser; import org.apache.guacamole.net.auth.AuthenticationProvider; import org.apache.guacamole.net.auth.Credentials; @@@ -49,74 -44,6 +46,21 @@@ public abstract class RemoteAuthenticat private final String remoteHost; /** - * Regular expression which matches any IPv4 address. - */ - private static final String IPV4_ADDRESS_REGEX = "([0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})"; - - /** - * Regular expression which matches any IPv6 address. - */ - private static final String IPV6_ADDRESS_REGEX = "([0-9a-fA-F]*(:[0-9a-fA-F]*){0,7})"; - - /** - * Regular expression which matches any IP address, regardless of version. - */ - private static final String IP_ADDRESS_REGEX = "(" + IPV4_ADDRESS_REGEX + "|" + IPV6_ADDRESS_REGEX + ")"; - - /** - * Pattern which matches valid values of the de-facto standard - * "X-Forwarded-For" header. - */ - private static final Pattern X_FORWARDED_FOR = Pattern.compile("^" + IP_ADDRESS_REGEX + "(, " + IP_ADDRESS_REGEX + ")*$"); - - /** + * Arbitrary attributes associated with this RemoteAuthenticatedUser object. + */ + private Map<String, String> attributes = new HashMap<String, String>(); + + @Override + public Map<String, String> getAttributes() { + return attributes; + } + + @Override + public void setAttributes(Map<String, String> attributes) { + this.attributes = attributes; + } + + /** - * Derives the remote host of the authenticating user from the given - * credentials object. The remote host is derived from X-Forwarded-For - * in addition to the actual source IP of the request, and thus is not - * trusted. The derived remote host is really only useful for logging, - * unless the server is configured such that X-Forwarded-For is guaranteed - * to be trustworthy. - * - * @param credentials - * The credentials to derive the remote host from. - * - * @return - * The remote host from which the user with the given credentials is - * authenticating. - */ - private static String getRemoteHost(Credentials credentials) { - - HttpServletRequest request = credentials.getRequest(); - - // Use X-Forwarded-For, if present and valid - String header = request.getHeader("X-Forwarded-For"); - if (header != null) { - Matcher matcher = X_FORWARDED_FOR.matcher(header); - if (matcher.matches()) - return matcher.group(1); - } - - // If header absent or invalid, just use source IP - return request.getRemoteAddr(); - - } - - /** * Creates a new RemoteAuthenticatedUser, deriving the associated remote * host from the given credentials. *
