jmuehlner commented on code in PR #911:
URL: https://github.com/apache/guacamole-client/pull/911#discussion_r1385741519
##########
extensions/guacamole-auth-duo/src/main/java/org/apache/guacamole/auth/duo/UserVerificationService.java:
##########
@@ -71,10 +74,60 @@ public void verifyAuthenticatedUser(AuthenticatedUser
authenticatedUser)
// Pull the original HTTP request used to authenticate
Credentials credentials = authenticatedUser.getCredentials();
HttpServletRequest request = credentials.getRequest();
+ IPAddress clientAddr = new
IPAddressString(request.getRemoteAddr()).getAddress();
// Ignore anonymous users
if
(authenticatedUser.getIdentifier().equals(AuthenticatedUser.ANONYMOUS_IDENTIFIER))
return;
+
+ // We enforce by default
+ boolean enforceHost = true;
Review Comment:
This would also be a nice place to explicitly document the behavior when an
address is on both the bypass _and_ enforce lists.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
