Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/299#discussion_r194879510 --- Diff: extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/AuthenticationProviderService.java --- @@ -221,21 +230,80 @@ public AuthenticatedUser authenticateUser(Credentials credentials) throw new GuacamoleInvalidCredentialsException("Permission denied.", CredentialsInfo.USERNAME_PASSWORD); try { - // Return AuthenticatedUser if bind succeeds AuthenticatedUser authenticatedUser = authenticatedUserProvider.get(); authenticatedUser.init(credentials); + + // Set attributes + String username = credentials.getUsername(); + Map<String, String> attrs = getLDAPAttributes(ldapConnection, username); + authenticatedUser.setAttributes(attrs); + return authenticatedUser; } - // Always disconnect finally { ldapService.disconnect(ldapConnection); } } + /** + * Returns all custom LDAP attributes on the user currently bound under + * the given LDAP connection. The custom attributes are specified in + * guacamole.properties. + * + * @param ldapConnection + * LDAP connection to find the custom LDAP attributes. + * + * @param username + * The username of the user whose attributes are queried. + * + * @return + * All attributes on the user currently bound under the + * given LDAP connection, as a map of attribute name to + * corresponding attribute value. + * + * @throws LDAPException + * If an error occurs while searching for the user attributes. + * + * @throws GuacamoleException + * If an error occurs retrieving the user DN. --- End diff -- ...or an error occurs retrieving the attributes?
---