[GitHub] guacamole-client pull request #194: GUACAMOLE-221: Support for Connection Pr...
Github user mike-jumper commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/194#discussion_r161638782 --- Diff: guacamole-ext/src/main/java/org/apache/guacamole/token/PromptEntry.java --- @@ -0,0 +1,124 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.token; + +import java.util.Collections; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import org.apache.guacamole.form.Field; + +/** + * A class that collects all of the information required to + * to display a prompt to the user during client connection. + */ +public class PromptEntry { --- End diff -- > As an example, let's say I want to prompt the user for a folder within their home directory that they want to pass through to a RDP connection - the text in the connection configuration might be: > > /home/${GUAC_USERNAME}/${GUAC_PROMPT} If a malicious user entered "../../" for that, they would gain access to the root directory. > Thus, the user would not be allowed to override everything about that parameter, just provide some input within a scope that the administrator has defined. This may not actually end up being what happens, depending on the semantics of the parameter. I'm still unclear as to why `positions` is necessary, or what its values are intended to be. Can you describe how `positions` would be used in the examples you provided? ---
[GitHub] guacamole-client pull request #227: GUACAMOLE-232: Handle known platform/bro...
Github user mike-jumper commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/227#discussion_r161623546 --- Diff: guacamole-common-js/src/main/webapp/modules/Keyboard.js --- @@ -55,6 +55,47 @@ Guacamole.Keyboard = function(element) { */ this.onkeyup = null; +/** + * Set of known platform-specific or browser-specific quirks which must be + * accounted for to properly interpret key events, even if the only way to + * reliably detect that quirk is to platform/browser-sniff. + * + * @private + * @type {Object.} + */ +var quirks = { + +/** + * Whether keyup events are universally unreliable. + * + * @type {Boolean} + */ +keyupUnreliable: false, + +/** + * Whether the Alt key is actually a modifier for typable keys and is + * thus never used for keyboard shortcuts. + * + * @type {Boolean} + */ +altIsTypableOnly: false + +}; + +// Set quirk flags depending on platform/browser, if such information is +// available +if (navigator && navigator.platform) { + +// All keyup events are unreliable on iOS (sadly) +if (navigator.platform.match(/ipad|iphone|ipod/i)) +quirks.keyupUnreliable = true; + +// The Alt key on Mac is never used for keyboard shortcuts +else if (navigator.platform.match(/^mac/i)) +quirks.altIsTypableOnly = true; + --- End diff -- OK - that should be better. I've updated the way that `Guacamole.Keyboard` resynchronizes modifier state such that it also presses modifiers (it previously only released them), and cleaned things up somewhat to avoid repeating the same series of checks. ---
[GitHub] guacamole-client pull request #227: GUACAMOLE-232: Handle known platform/bro...
Github user mike-jumper commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/227#discussion_r161620053 --- Diff: guacamole-common-js/src/main/webapp/modules/Keyboard.js --- @@ -55,6 +55,47 @@ Guacamole.Keyboard = function(element) { */ this.onkeyup = null; +/** + * Set of known platform-specific or browser-specific quirks which must be + * accounted for to properly interpret key events, even if the only way to + * reliably detect that quirk is to platform/browser-sniff. + * + * @private + * @type {Object.} + */ +var quirks = { + +/** + * Whether keyup events are universally unreliable. + * + * @type {Boolean} + */ +keyupUnreliable: false, + +/** + * Whether the Alt key is actually a modifier for typable keys and is + * thus never used for keyboard shortcuts. + * + * @type {Boolean} + */ +altIsTypableOnly: false + +}; + +// Set quirk flags depending on platform/browser, if such information is +// available +if (navigator && navigator.platform) { + +// All keyup events are unreliable on iOS (sadly) +if (navigator.platform.match(/ipad|iphone|ipod/i)) +quirks.keyupUnreliable = true; + +// The Alt key on Mac is never used for keyboard shortcuts +else if (navigator.platform.match(/^mac/i)) +quirks.altIsTypableOnly = true; + --- End diff -- Apparently, keydown for modifier keys on iOS is not currently properly handled (the key identity is missing from the event), but the tracking of modifier state used `Guacamole.Keyboard` to automatically release modifiers can be used to also properly press them, and things should then work as expected. I'll make the necessary change. ---
[GitHub] guacamole-client pull request #227: GUACAMOLE-232: Handle known platform/bro...
Github user mike-jumper commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/227#discussion_r161618151 --- Diff: guacamole-common-js/src/main/webapp/modules/Keyboard.js --- @@ -55,6 +55,47 @@ Guacamole.Keyboard = function(element) { */ this.onkeyup = null; +/** + * Set of known platform-specific or browser-specific quirks which must be + * accounted for to properly interpret key events, even if the only way to + * reliably detect that quirk is to platform/browser-sniff. + * + * @private + * @type {Object.} + */ +var quirks = { + +/** + * Whether keyup events are universally unreliable. + * + * @type {Boolean} + */ +keyupUnreliable: false, + +/** + * Whether the Alt key is actually a modifier for typable keys and is + * thus never used for keyboard shortcuts. + * + * @type {Boolean} + */ +altIsTypableOnly: false + +}; + +// Set quirk flags depending on platform/browser, if such information is +// available +if (navigator && navigator.platform) { + +// All keyup events are unreliable on iOS (sadly) +if (navigator.platform.match(/ipad|iphone|ipod/i)) +quirks.keyupUnreliable = true; + +// The Alt key on Mac is never used for keyboard shortcuts +else if (navigator.platform.match(/^mac/i)) +quirks.altIsTypableOnly = true; + --- End diff -- This particular one shouldn't have any impact, as it's actually just a refactored approach to the same behavior handled previously: https://github.com/apache/guacamole-client/blob/c4ba495cca96f9823742083a8ecbaafb6be3c704/guacamole-common-js/src/main/webapp/modules/Keyboard.js#L187-L189 vs. https://github.com/apache/guacamole-client/blob/960e83f780425d93bf064f0187fd481cb848b150/guacamole-common-js/src/main/webapp/modules/Keyboard.js#L241-L242 The other `keyupUnreliable` quirk for iOS might impact keyboard shortcuts in general, though. I'll retest. ---
[GitHub] guacamole-client pull request #227: GUACAMOLE-232: Handle known platform/bro...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/227#discussion_r161612019 --- Diff: guacamole-common-js/src/main/webapp/modules/Keyboard.js --- @@ -55,6 +55,47 @@ Guacamole.Keyboard = function(element) { */ this.onkeyup = null; +/** + * Set of known platform-specific or browser-specific quirks which must be + * accounted for to properly interpret key events, even if the only way to + * reliably detect that quirk is to platform/browser-sniff. + * + * @private + * @type {Object.} + */ +var quirks = { + +/** + * Whether keyup events are universally unreliable. + * + * @type {Boolean} + */ +keyupUnreliable: false, + +/** + * Whether the Alt key is actually a modifier for typable keys and is + * thus never used for keyboard shortcuts. + * + * @type {Boolean} + */ +altIsTypableOnly: false + +}; + +// Set quirk flags depending on platform/browser, if such information is +// available +if (navigator && navigator.platform) { + +// All keyup events are unreliable on iOS (sadly) +if (navigator.platform.match(/ipad|iphone|ipod/i)) +quirks.keyupUnreliable = true; + +// The Alt key on Mac is never used for keyboard shortcuts +else if (navigator.platform.match(/^mac/i)) +quirks.altIsTypableOnly = true; + --- End diff -- What kind of impact does this have on Ctrl-Alt-Shift for accessing the Guacamole Client menu, and the recently-added Ctrl-Alt-End for sending Ctrl-Alt-Delete? ---
[GitHub] guacamole-client pull request #226: GUACAMOLE-447: Add UIKit key constants s...
Github user asfgit closed the pull request at: https://github.com/apache/guacamole-client/pull/226 ---
[GitHub] guacamole-client pull request #194: GUACAMOLE-221: Support for Connection Pr...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/194#discussion_r161610676 --- Diff: guacamole-ext/src/main/java/org/apache/guacamole/token/PromptEntry.java --- @@ -0,0 +1,124 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.token; + +import java.util.Collections; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import org.apache.guacamole.form.Field; + +/** + * A class that collects all of the information required to + * to display a prompt to the user during client connection. + */ +public class PromptEntry { --- End diff -- So, the main point is to provide a data structure that can then be presented by the REST API such that the front-end application can provide a list of fields where prompts are necessary. The `Field` is tracked so that we know both the name and the type of entry this should be (text vs. password vs. number, etc.), and the `positions` is so that you can cope with the following possible scenarios: - The entire field (e.g. username) is being prompted. - One or more positions within a field are being prompted. The idea here is that there may be some text within a parameter, such as a filesystem location or directory path, that I want to hard-code as the administrator, while I want the user to be able to provide some sort of input to the field. As an example, let's say I want to prompt the user for a folder within their home directory that they want to pass through to a RDP connection - the text in the connection configuration might be: `/home/${GUAC_USERNAME}/${GUAC_PROMPT}` Or, perhaps you want to allow them to enter a hostname for a server, but within a defined range of servers. You might do: `vdi-${GUAC_PROMPT}.example.com` or: `${GUAC_PROMPT}.vdi.example.com` Thus, the user would not be allowed to override everything about that parameter, just provide some input within a scope that the administrator has defined. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161606361 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/form/RadiusStateField.java --- @@ -0,0 +1,63 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius.form; + +import org.apache.guacamole.form.Field; +import org.codehaus.jackson.annotate.JsonProperty; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The invisible field that stores the state of the RADIUS + * connection. The state is simply a placeholder that helps + * the client and server pick back up the conversation + * at the correct spot during challenge/response. + */ +public class RadiusStateField extends Field { + +/** + * The parameter returned by the RADIUS state. + */ +public static final String PARAMETER_NAME = "guac-radius-state"; + +/** + * The type of field to initialize for the state. + */ +private static final String RADIUS_FIELD_TYPE = "GUAC_RADIUS_STATE"; + +/** + * The state of the connection passed by the previous RADIUS attempt. + */ +private final String radiusState; + +/** + * Initialize the field with the reply message and the state. + */ +public RadiusStateField(String radiusState) { +super(PARAMETER_NAME, RADIUS_FIELD_TYPE); +this.radiusState = radiusState; + +} + +public String getRadiusState() { --- End diff -- Done. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161606204 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/form/RadiusChallengeResponseField.java --- @@ -0,0 +1,64 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius.form; + +import org.apache.guacamole.form.Field; +import org.codehaus.jackson.annotate.JsonProperty; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * A form used to prompt the user for additional information when + * the RADIUS server sends a challenge back to the user with a reply + * message. + */ +public class RadiusChallengeResponseField extends Field { + +/** + * The field returned by the RADIUS challenge/response. + */ +public static final String PARAMETER_NAME = "guac-radius-challenge-response"; + +/** + * The type of field to initialize for the challenge/response. + */ +private static final String RADIUS_FIELD_TYPE = "GUAC_RADIUS_CHALLENGE_RESPONSE"; + +/** + * The message the RADIUS server sent back in the challenge. + */ +private final String replyMsg; + +/** + * Initialize the field with the reply message and the state. --- End diff -- Removed and changed things to "challenge" instead of replyMsg. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161606259 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/form/RadiusChallengeResponseField.java --- @@ -0,0 +1,64 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius.form; + +import org.apache.guacamole.form.Field; +import org.codehaus.jackson.annotate.JsonProperty; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * A form used to prompt the user for additional information when + * the RADIUS server sends a challenge back to the user with a reply + * message. + */ +public class RadiusChallengeResponseField extends Field { + +/** + * The field returned by the RADIUS challenge/response. + */ +public static final String PARAMETER_NAME = "guac-radius-challenge-response"; + +/** + * The type of field to initialize for the challenge/response. + */ +private static final String RADIUS_FIELD_TYPE = "GUAC_RADIUS_CHALLENGE_RESPONSE"; + +/** + * The message the RADIUS server sent back in the challenge. + */ +private final String replyMsg; + +/** + * Initialize the field with the reply message and the state. + */ +public RadiusChallengeResponseField(String replyMsg) { +super(PARAMETER_NAME, RADIUS_FIELD_TYPE); +this.replyMsg = replyMsg; + +} + +/** + * Get the value of the replyMsg field. --- End diff -- Fixed. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161606312 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/form/RadiusStateField.java --- @@ -0,0 +1,63 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius.form; + +import org.apache.guacamole.form.Field; +import org.codehaus.jackson.annotate.JsonProperty; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The invisible field that stores the state of the RADIUS + * connection. The state is simply a placeholder that helps + * the client and server pick back up the conversation + * at the correct spot during challenge/response. + */ +public class RadiusStateField extends Field { + +/** + * The parameter returned by the RADIUS state. + */ +public static final String PARAMETER_NAME = "guac-radius-state"; + +/** + * The type of field to initialize for the state. + */ +private static final String RADIUS_FIELD_TYPE = "GUAC_RADIUS_STATE"; + +/** + * The state of the connection passed by the previous RADIUS attempt. + */ +private final String radiusState; + +/** + * Initialize the field with the reply message and the state. + */ +public RadiusStateField(String radiusState) { --- End diff -- Done. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161606288 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/form/RadiusChallengeResponseField.java --- @@ -0,0 +1,64 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius.form; + +import org.apache.guacamole.form.Field; +import org.codehaus.jackson.annotate.JsonProperty; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * A form used to prompt the user for additional information when + * the RADIUS server sends a challenge back to the user with a reply + * message. + */ +public class RadiusChallengeResponseField extends Field { + +/** + * The field returned by the RADIUS challenge/response. + */ +public static final String PARAMETER_NAME = "guac-radius-challenge-response"; + +/** + * The type of field to initialize for the challenge/response. + */ +private static final String RADIUS_FIELD_TYPE = "GUAC_RADIUS_CHALLENGE_RESPONSE"; + +/** + * The message the RADIUS server sent back in the challenge. + */ +private final String replyMsg; + +/** + * Initialize the field with the reply message and the state. + */ +public RadiusChallengeResponseField(String replyMsg) { +super(PARAMETER_NAME, RADIUS_FIELD_TYPE); +this.replyMsg = replyMsg; + +} + +/** + * Get the value of the replyMsg field. + */ +public String getReplyMsg() { --- End diff -- Changed to getChallenge. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161606232 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/form/RadiusChallengeResponseField.java --- @@ -0,0 +1,64 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius.form; + +import org.apache.guacamole.form.Field; +import org.codehaus.jackson.annotate.JsonProperty; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * A form used to prompt the user for additional information when + * the RADIUS server sends a challenge back to the user with a reply + * message. + */ +public class RadiusChallengeResponseField extends Field { + +/** + * The field returned by the RADIUS challenge/response. + */ +public static final String PARAMETER_NAME = "guac-radius-challenge-response"; + +/** + * The type of field to initialize for the challenge/response. + */ +private static final String RADIUS_FIELD_TYPE = "GUAC_RADIUS_CHALLENGE_RESPONSE"; + +/** + * The message the RADIUS server sent back in the challenge. + */ +private final String replyMsg; + +/** + * Initialize the field with the reply message and the state. + */ +public RadiusChallengeResponseField(String replyMsg) { --- End diff -- Changed to challenge, and documented. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161606104 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java --- @@ -0,0 +1,276 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import java.io.File; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.net.InetAddress; +import java.net.UnknownHostException; +import java.security.NoSuchAlgorithmException; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.GuacamoleUnsupportedException; +import org.apache.guacamole.environment.LocalEnvironment; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import net.jradius.client.RadiusClient; +import net.jradius.exception.RadiusException; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.AccessRequest; +import net.jradius.dictionary.*; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.client.auth.EAPTLSAuthenticator; +import net.jradius.client.auth.EAPTTLSAuthenticator; +import net.jradius.client.auth.RadiusAuthenticator; +import net.jradius.client.auth.PEAPAuthenticator; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.AccessChallenge; +import net.jradius.packet.RadiusResponse; + +/** + * Service for creating and managing connections to RADIUS servers. + */ +public class RadiusConnectionService { + +/** + * Logger for this class. + */ +private final Logger logger = LoggerFactory.getLogger(RadiusConnectionService.class); + +/** + * Service for retrieving RADIUS server configuration information. + */ +@Inject +private ConfigurationService confService; + + +/** + * Creates a new instance of RadiusClient, configured with parameters + * from guacamole.properties. + * + * @throws GuacamoleException + * If an error occurs while parsing guacamole.properties, or if the + * configuration of RadiusClient fails. + */ +private RadiusClient createRadiusConnection() { + +// Create the RADIUS client with the configuration parameters +try { +return new RadiusClient(InetAddress.getByName(confService.getRadiusServer()), + confService.getRadiusSharedSecret(), + confService.getRadiusAuthPort(), + confService.getRadiusAcctPort(), + confService.getRadiusTimeout()); +} +catch (GuacamoleException e) { +logger.error("Unable to initialize RADIUS client: {}", e.getMessage()); +logger.debug("Failed to init RADIUS client.", e); +} +catch (UnknownHostException e) { +logger.error("Unable to resolve host: {}", e.getMessage()); +logger.debug("Failed to resolve host.", e); +} +catch (IOException e) { +logger.error("Unable to communicate with host: {}", e.getMessage()); +logger.debug("Failed to communicate with host.", e); +} + +return null; + +} + +/** + * Creates a new instance of RadiusAuthentictor, configured with + * parameters specified within guacamole.properties. + * + * @return + * A new RadiusAuthenticator instance which has been configured + * with parameters from guacamole.properties, or null if + * configuration fails. + */ +private Rad
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161606156 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusGuacamoleProperties.java --- @@ -0,0 +1,191 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import org.apache.guacamole.properties.BooleanGuacamoleProperty; +import org.apache.guacamole.properties.IntegerGuacamoleProperty; +import org.apache.guacamole.properties.StringGuacamoleProperty; + + +/** + * Provides properties required for use of the RADIUS authentication provider. + * These properties will be read from guacamole.properties when the RADIUS + * authentication provider is used. + */ +public class RadiusGuacamoleProperties { + +/** + * This class should not be instantiated. + */ +private RadiusGuacamoleProperties() {} + +/** + * The port on the RADIUS server to connect to when authenticating users. + */ +public static final IntegerGuacamoleProperty RADIUS_AUTH_PORT = new IntegerGuacamoleProperty() { + +@Override +public String getName() { return "radius-auth-port"; } + +}; + +/** + * The port on the server to connect to when performing RADIUS accounting. + */ +public static final IntegerGuacamoleProperty RADIUS_ACCT_PORT = new IntegerGuacamoleProperty() { + +@Override +public String getName() { return "radius-acct-port"; } + +}; + + +/** + * The hostname or ip of the RADIUS server to connect to when authenticating users. + */ +public static final StringGuacamoleProperty RADIUS_SERVER = new StringGuacamoleProperty() { + +@Override +public String getName() { return "radius-server"; } + +}; + +/** + * The shared secret to use when connecting to the RADIUS server. + */ +public static final StringGuacamoleProperty RADIUS_SHARED_SECRET = new StringGuacamoleProperty() { + +@Override +public String getName() { return "radius-shared-secret"; } + +}; + +/** + * The authentication protocol of the RADIUS server to connect to when authenticating users. + */ +public static final StringGuacamoleProperty RADIUS_AUTH_PROTOCOL = new StringGuacamoleProperty() { + +@Override +public String getName() { return "radius-auth-protocol"; } + +}; + +/** + * The number of retries when attempting a RADIUS packet transaction. + */ +public static final IntegerGuacamoleProperty RADIUS_RETRIES = new IntegerGuacamoleProperty() { + +@Override +public String getName() { return "radius-retries"; } + +}; + +/** + * The network timeout when attempting a RADIUS packet transaction. --- End diff -- Documented. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161606140 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusGuacamoleProperties.java --- @@ -0,0 +1,191 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import org.apache.guacamole.properties.BooleanGuacamoleProperty; +import org.apache.guacamole.properties.IntegerGuacamoleProperty; +import org.apache.guacamole.properties.StringGuacamoleProperty; + + +/** + * Provides properties required for use of the RADIUS authentication provider. + * These properties will be read from guacamole.properties when the RADIUS + * authentication provider is used. + */ +public class RadiusGuacamoleProperties { + +/** + * This class should not be instantiated. + */ +private RadiusGuacamoleProperties() {} + +/** + * The port on the RADIUS server to connect to when authenticating users. + */ +public static final IntegerGuacamoleProperty RADIUS_AUTH_PORT = new IntegerGuacamoleProperty() { + +@Override +public String getName() { return "radius-auth-port"; } + +}; + +/** + * The port on the server to connect to when performing RADIUS accounting. + */ +public static final IntegerGuacamoleProperty RADIUS_ACCT_PORT = new IntegerGuacamoleProperty() { + +@Override +public String getName() { return "radius-acct-port"; } + +}; + + +/** + * The hostname or ip of the RADIUS server to connect to when authenticating users. + */ +public static final StringGuacamoleProperty RADIUS_SERVER = new StringGuacamoleProperty() { + +@Override +public String getName() { return "radius-server"; } + +}; + +/** + * The shared secret to use when connecting to the RADIUS server. + */ +public static final StringGuacamoleProperty RADIUS_SHARED_SECRET = new StringGuacamoleProperty() { + +@Override +public String getName() { return "radius-shared-secret"; } + +}; + +/** + * The authentication protocol of the RADIUS server to connect to when authenticating users. + */ +public static final StringGuacamoleProperty RADIUS_AUTH_PROTOCOL = new StringGuacamoleProperty() { + +@Override +public String getName() { return "radius-auth-protocol"; } + +}; + +/** + * The number of retries when attempting a RADIUS packet transaction. + */ +public static final IntegerGuacamoleProperty RADIUS_RETRIES = new IntegerGuacamoleProperty() { + +@Override +public String getName() { return "radius-retries"; } --- End diff -- Renamed. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161606116 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java --- @@ -0,0 +1,276 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import java.io.File; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.net.InetAddress; +import java.net.UnknownHostException; +import java.security.NoSuchAlgorithmException; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.GuacamoleUnsupportedException; +import org.apache.guacamole.environment.LocalEnvironment; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import net.jradius.client.RadiusClient; +import net.jradius.exception.RadiusException; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.AccessRequest; +import net.jradius.dictionary.*; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.client.auth.EAPTLSAuthenticator; +import net.jradius.client.auth.EAPTTLSAuthenticator; +import net.jradius.client.auth.RadiusAuthenticator; +import net.jradius.client.auth.PEAPAuthenticator; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.AccessChallenge; +import net.jradius.packet.RadiusResponse; + +/** + * Service for creating and managing connections to RADIUS servers. + */ +public class RadiusConnectionService { + +/** + * Logger for this class. + */ +private final Logger logger = LoggerFactory.getLogger(RadiusConnectionService.class); + +/** + * Service for retrieving RADIUS server configuration information. + */ +@Inject +private ConfigurationService confService; + + +/** + * Creates a new instance of RadiusClient, configured with parameters + * from guacamole.properties. + * + * @throws GuacamoleException + * If an error occurs while parsing guacamole.properties, or if the + * configuration of RadiusClient fails. + */ +private RadiusClient createRadiusConnection() { + +// Create the RADIUS client with the configuration parameters +try { +return new RadiusClient(InetAddress.getByName(confService.getRadiusServer()), + confService.getRadiusSharedSecret(), + confService.getRadiusAuthPort(), + confService.getRadiusAcctPort(), + confService.getRadiusTimeout()); +} +catch (GuacamoleException e) { +logger.error("Unable to initialize RADIUS client: {}", e.getMessage()); +logger.debug("Failed to init RADIUS client.", e); +} +catch (UnknownHostException e) { +logger.error("Unable to resolve host: {}", e.getMessage()); +logger.debug("Failed to resolve host.", e); +} +catch (IOException e) { +logger.error("Unable to communicate with host: {}", e.getMessage()); +logger.debug("Failed to communicate with host.", e); +} + +return null; + +} + +/** + * Creates a new instance of RadiusAuthentictor, configured with + * parameters specified within guacamole.properties. + * + * @return + * A new RadiusAuthenticator instance which has been configured + * with parameters from guacamole.properties, or null if + * configuration fails. + */ +private Rad
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161606090 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java --- @@ -0,0 +1,276 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import java.io.File; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.net.InetAddress; +import java.net.UnknownHostException; +import java.security.NoSuchAlgorithmException; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.GuacamoleUnsupportedException; +import org.apache.guacamole.environment.LocalEnvironment; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import net.jradius.client.RadiusClient; +import net.jradius.exception.RadiusException; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.AccessRequest; +import net.jradius.dictionary.*; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.client.auth.EAPTLSAuthenticator; +import net.jradius.client.auth.EAPTTLSAuthenticator; +import net.jradius.client.auth.RadiusAuthenticator; +import net.jradius.client.auth.PEAPAuthenticator; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.AccessChallenge; +import net.jradius.packet.RadiusResponse; + +/** + * Service for creating and managing connections to RADIUS servers. + */ +public class RadiusConnectionService { + +/** + * Logger for this class. + */ +private final Logger logger = LoggerFactory.getLogger(RadiusConnectionService.class); + +/** + * Service for retrieving RADIUS server configuration information. + */ +@Inject +private ConfigurationService confService; + + +/** + * Creates a new instance of RadiusClient, configured with parameters + * from guacamole.properties. + * + * @throws GuacamoleException + * If an error occurs while parsing guacamole.properties, or if the + * configuration of RadiusClient fails. + */ +private RadiusClient createRadiusConnection() { + +// Create the RADIUS client with the configuration parameters +try { +return new RadiusClient(InetAddress.getByName(confService.getRadiusServer()), + confService.getRadiusSharedSecret(), + confService.getRadiusAuthPort(), + confService.getRadiusAcctPort(), + confService.getRadiusTimeout()); +} +catch (GuacamoleException e) { +logger.error("Unable to initialize RADIUS client: {}", e.getMessage()); +logger.debug("Failed to init RADIUS client.", e); +} +catch (UnknownHostException e) { +logger.error("Unable to resolve host: {}", e.getMessage()); +logger.debug("Failed to resolve host.", e); +} +catch (IOException e) { +logger.error("Unable to communicate with host: {}", e.getMessage()); +logger.debug("Failed to communicate with host.", e); +} + +return null; + +} + +/** + * Creates a new instance of RadiusAuthentictor, configured with + * parameters specified within guacamole.properties. + * + * @return + * A new RadiusAuthenticator instance which has been configured + * with parameters from guacamole.properties, or null if + * configuration fails. + */ +private Rad
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161606074 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java --- @@ -0,0 +1,276 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import java.io.File; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.net.InetAddress; +import java.net.UnknownHostException; +import java.security.NoSuchAlgorithmException; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.GuacamoleUnsupportedException; +import org.apache.guacamole.environment.LocalEnvironment; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import net.jradius.client.RadiusClient; +import net.jradius.exception.RadiusException; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.AccessRequest; +import net.jradius.dictionary.*; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.client.auth.EAPTLSAuthenticator; +import net.jradius.client.auth.EAPTTLSAuthenticator; +import net.jradius.client.auth.RadiusAuthenticator; +import net.jradius.client.auth.PEAPAuthenticator; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.AccessChallenge; +import net.jradius.packet.RadiusResponse; + +/** + * Service for creating and managing connections to RADIUS servers. + */ +public class RadiusConnectionService { + +/** + * Logger for this class. + */ +private final Logger logger = LoggerFactory.getLogger(RadiusConnectionService.class); + +/** + * Service for retrieving RADIUS server configuration information. + */ +@Inject +private ConfigurationService confService; + + +/** + * Creates a new instance of RadiusClient, configured with parameters + * from guacamole.properties. + * + * @throws GuacamoleException + * If an error occurs while parsing guacamole.properties, or if the + * configuration of RadiusClient fails. + */ +private RadiusClient createRadiusConnection() { + +// Create the RADIUS client with the configuration parameters +try { +return new RadiusClient(InetAddress.getByName(confService.getRadiusServer()), + confService.getRadiusSharedSecret(), + confService.getRadiusAuthPort(), + confService.getRadiusAcctPort(), + confService.getRadiusTimeout()); +} +catch (GuacamoleException e) { +logger.error("Unable to initialize RADIUS client: {}", e.getMessage()); +logger.debug("Failed to init RADIUS client.", e); +} +catch (UnknownHostException e) { +logger.error("Unable to resolve host: {}", e.getMessage()); +logger.debug("Failed to resolve host.", e); +} +catch (IOException e) { +logger.error("Unable to communicate with host: {}", e.getMessage()); +logger.debug("Failed to communicate with host.", e); +} + +return null; + +} + +/** + * Creates a new instance of RadiusAuthentictor, configured with + * parameters specified within guacamole.properties. + * + * @return + * A new RadiusAuthenticator instance which has been configured + * with parameters from guacamole.properties, or null if + * configuration fails. + */ +private Rad
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161606060 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java --- @@ -0,0 +1,276 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import java.io.File; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.net.InetAddress; +import java.net.UnknownHostException; +import java.security.NoSuchAlgorithmException; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.GuacamoleUnsupportedException; +import org.apache.guacamole.environment.LocalEnvironment; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import net.jradius.client.RadiusClient; +import net.jradius.exception.RadiusException; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.AccessRequest; +import net.jradius.dictionary.*; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.client.auth.EAPTLSAuthenticator; +import net.jradius.client.auth.EAPTTLSAuthenticator; +import net.jradius.client.auth.RadiusAuthenticator; +import net.jradius.client.auth.PEAPAuthenticator; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.AccessChallenge; +import net.jradius.packet.RadiusResponse; + +/** + * Service for creating and managing connections to RADIUS servers. + */ +public class RadiusConnectionService { + +/** + * Logger for this class. + */ +private final Logger logger = LoggerFactory.getLogger(RadiusConnectionService.class); + +/** + * Service for retrieving RADIUS server configuration information. + */ +@Inject +private ConfigurationService confService; + + +/** + * Creates a new instance of RadiusClient, configured with parameters + * from guacamole.properties. + * + * @throws GuacamoleException + * If an error occurs while parsing guacamole.properties, or if the + * configuration of RadiusClient fails. + */ +private RadiusClient createRadiusConnection() { --- End diff -- Done. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161606040 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java --- @@ -0,0 +1,276 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import java.io.File; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.net.InetAddress; +import java.net.UnknownHostException; +import java.security.NoSuchAlgorithmException; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.GuacamoleUnsupportedException; +import org.apache.guacamole.environment.LocalEnvironment; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import net.jradius.client.RadiusClient; +import net.jradius.exception.RadiusException; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.AccessRequest; +import net.jradius.dictionary.*; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; +import net.jradius.client.auth.EAPTLSAuthenticator; +import net.jradius.client.auth.EAPTTLSAuthenticator; +import net.jradius.client.auth.RadiusAuthenticator; +import net.jradius.client.auth.PEAPAuthenticator; +import net.jradius.packet.attribute.AttributeFactory; +import net.jradius.packet.AccessChallenge; +import net.jradius.packet.RadiusResponse; + +/** + * Service for creating and managing connections to RADIUS servers. + */ +public class RadiusConnectionService { + +/** + * Logger for this class. + */ +private final Logger logger = LoggerFactory.getLogger(RadiusConnectionService.class); + +/** + * Service for retrieving RADIUS server configuration information. + */ +@Inject +private ConfigurationService confService; + + +/** + * Creates a new instance of RadiusClient, configured with parameters + * from guacamole.properties. + * + * @throws GuacamoleException --- End diff -- Fixed. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161605962 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/ConfigurationService.java --- @@ -0,0 +1,308 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import java.util.Collections; +import java.util.List; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.environment.Environment; + +/** + * Service for retrieving configuration information regarding the RADIUS server. + */ +public class ConfigurationService { + +/** + * The Guacamole server environment. + */ +@Inject +private Environment environment; + +/** + * Returns the hostname of the RADIUS server as configured with + * guacamole.properties. By default, this will be "localhost". + * + * @return + * The hostname of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusServer() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_SERVER, +"localhost" +); +} + +/** + * Returns the authentication port of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The authentication port of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public int getRadiusAuthPort() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_AUTH_PORT, +1812 +); +} + +/** + * Returns the accounting port of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The accouting port of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public int getRadiusAcctPort() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_ACCT_PORT, +1813 +); +} + +/** + * Returns the shared secret of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The shared secret of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusSharedSecret() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_SHARED_SECRET +); +} + +/** + * Returns the authentication protocol of the RADIUS server + * from guacamole.properties. + * + * @return + * The authentication protocol of the RADIUS server, + * from guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusAuthProtocol() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_AUTH_PROTOCOL +); +} + +/** + * Returns the number of retries for connecting to the RADIUS server + * from guacamole.properti
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161605947 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/ConfigurationService.java --- @@ -0,0 +1,308 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import java.util.Collections; +import java.util.List; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.environment.Environment; + +/** + * Service for retrieving configuration information regarding the RADIUS server. + */ +public class ConfigurationService { + +/** + * The Guacamole server environment. + */ +@Inject +private Environment environment; + +/** + * Returns the hostname of the RADIUS server as configured with + * guacamole.properties. By default, this will be "localhost". + * + * @return + * The hostname of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusServer() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_SERVER, +"localhost" +); +} + +/** + * Returns the authentication port of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The authentication port of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public int getRadiusAuthPort() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_AUTH_PORT, +1812 +); +} + +/** + * Returns the accounting port of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The accouting port of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public int getRadiusAcctPort() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_ACCT_PORT, +1813 +); +} + +/** + * Returns the shared secret of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The shared secret of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusSharedSecret() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_SHARED_SECRET +); +} + +/** + * Returns the authentication protocol of the RADIUS server + * from guacamole.properties. + * + * @return + * The authentication protocol of the RADIUS server, + * from guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusAuthProtocol() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_AUTH_PROTOCOL +); +} + +/** + * Returns the number of retries for connecting to the RADIUS server + * from guacamole.properti
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161605982 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/ConfigurationService.java --- @@ -0,0 +1,308 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import java.util.Collections; +import java.util.List; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.environment.Environment; + +/** + * Service for retrieving configuration information regarding the RADIUS server. + */ +public class ConfigurationService { + +/** + * The Guacamole server environment. + */ +@Inject +private Environment environment; + +/** + * Returns the hostname of the RADIUS server as configured with + * guacamole.properties. By default, this will be "localhost". + * + * @return + * The hostname of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusServer() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_SERVER, +"localhost" +); +} + +/** + * Returns the authentication port of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The authentication port of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public int getRadiusAuthPort() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_AUTH_PORT, +1812 +); +} + +/** + * Returns the accounting port of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The accouting port of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public int getRadiusAcctPort() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_ACCT_PORT, +1813 +); +} + +/** + * Returns the shared secret of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The shared secret of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusSharedSecret() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_SHARED_SECRET +); +} + +/** + * Returns the authentication protocol of the RADIUS server + * from guacamole.properties. + * + * @return + * The authentication protocol of the RADIUS server, + * from guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusAuthProtocol() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_AUTH_PROTOCOL +); +} + +/** + * Returns the number of retries for connecting to the RADIUS server + * from guacamole.properti
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161605998 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/ConfigurationService.java --- @@ -0,0 +1,308 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import java.util.Collections; +import java.util.List; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.environment.Environment; + +/** + * Service for retrieving configuration information regarding the RADIUS server. + */ +public class ConfigurationService { + +/** + * The Guacamole server environment. + */ +@Inject +private Environment environment; + +/** + * Returns the hostname of the RADIUS server as configured with + * guacamole.properties. By default, this will be "localhost". + * + * @return + * The hostname of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusServer() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_SERVER, +"localhost" +); +} + +/** + * Returns the authentication port of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The authentication port of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public int getRadiusAuthPort() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_AUTH_PORT, +1812 +); +} + +/** + * Returns the accounting port of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The accouting port of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public int getRadiusAcctPort() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_ACCT_PORT, +1813 +); +} + +/** + * Returns the shared secret of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The shared secret of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusSharedSecret() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_SHARED_SECRET +); +} + +/** + * Returns the authentication protocol of the RADIUS server + * from guacamole.properties. + * + * @return + * The authentication protocol of the RADIUS server, + * from guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusAuthProtocol() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_AUTH_PROTOCOL +); +} + +/** + * Returns the number of retries for connecting to the RADIUS server + * from guacamole.properti
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161605920 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/ConfigurationService.java --- @@ -0,0 +1,308 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import java.util.Collections; +import java.util.List; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.environment.Environment; + +/** + * Service for retrieving configuration information regarding the RADIUS server. + */ +public class ConfigurationService { + +/** + * The Guacamole server environment. + */ +@Inject +private Environment environment; + +/** + * Returns the hostname of the RADIUS server as configured with + * guacamole.properties. By default, this will be "localhost". + * + * @return + * The hostname of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusServer() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_SERVER, +"localhost" +); +} + +/** + * Returns the authentication port of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The authentication port of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public int getRadiusAuthPort() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_AUTH_PORT, +1812 +); +} + +/** + * Returns the accounting port of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The accouting port of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public int getRadiusAcctPort() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_ACCT_PORT, +1813 +); +} + +/** + * Returns the shared secret of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The shared secret of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusSharedSecret() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_SHARED_SECRET +); +} + +/** + * Returns the authentication protocol of the RADIUS server + * from guacamole.properties. + * + * @return + * The authentication protocol of the RADIUS server, + * from guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusAuthProtocol() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_AUTH_PROTOCOL +); +} + +/** + * Returns the number of retries for connecting to the RADIUS server + * from guacamole.properti
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161605894 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/ConfigurationService.java --- @@ -0,0 +1,308 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import java.util.Collections; +import java.util.List; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.environment.Environment; + +/** + * Service for retrieving configuration information regarding the RADIUS server. + */ +public class ConfigurationService { + +/** + * The Guacamole server environment. + */ +@Inject +private Environment environment; + +/** + * Returns the hostname of the RADIUS server as configured with + * guacamole.properties. By default, this will be "localhost". + * + * @return + * The hostname of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusServer() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_SERVER, +"localhost" +); +} + +/** + * Returns the authentication port of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The authentication port of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public int getRadiusAuthPort() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_AUTH_PORT, +1812 +); +} + +/** + * Returns the accounting port of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The accouting port of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public int getRadiusAcctPort() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_ACCT_PORT, +1813 +); +} + +/** + * Returns the shared secret of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The shared secret of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusSharedSecret() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_SHARED_SECRET +); +} + +/** + * Returns the authentication protocol of the RADIUS server + * from guacamole.properties. + * + * @return + * The authentication protocol of the RADIUS server, + * from guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusAuthProtocol() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_AUTH_PROTOCOL +); +} + +/** + * Returns the number of retries for connecting to the RADIUS server + * from guacamole.properti
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161605850 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/ConfigurationService.java --- @@ -0,0 +1,308 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import java.util.Collections; +import java.util.List; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.environment.Environment; + +/** + * Service for retrieving configuration information regarding the RADIUS server. + */ +public class ConfigurationService { + +/** + * The Guacamole server environment. + */ +@Inject +private Environment environment; + +/** + * Returns the hostname of the RADIUS server as configured with + * guacamole.properties. By default, this will be "localhost". + * + * @return + * The hostname of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusServer() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_SERVER, +"localhost" +); +} + +/** + * Returns the authentication port of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The authentication port of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public int getRadiusAuthPort() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_AUTH_PORT, +1812 +); +} + +/** + * Returns the accounting port of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The accouting port of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public int getRadiusAcctPort() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_ACCT_PORT, +1813 +); +} + +/** + * Returns the shared secret of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The shared secret of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusSharedSecret() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_SHARED_SECRET +); +} + +/** + * Returns the authentication protocol of the RADIUS server --- End diff -- Cleaned up several of these - let me know if there are any other specifics that need attention. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161605791 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/ConfigurationService.java --- @@ -0,0 +1,308 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import java.util.Collections; +import java.util.List; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.environment.Environment; + +/** + * Service for retrieving configuration information regarding the RADIUS server. + */ +public class ConfigurationService { + +/** + * The Guacamole server environment. + */ +@Inject +private Environment environment; + +/** + * Returns the hostname of the RADIUS server as configured with + * guacamole.properties. By default, this will be "localhost". + * + * @return + * The hostname of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusServer() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_SERVER, +"localhost" +); +} + +/** + * Returns the authentication port of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The authentication port of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public int getRadiusAuthPort() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_AUTH_PORT, +1812 --- End diff -- Done. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161605801 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/ConfigurationService.java --- @@ -0,0 +1,308 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import java.util.Collections; +import java.util.List; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.environment.Environment; + +/** + * Service for retrieving configuration information regarding the RADIUS server. + */ +public class ConfigurationService { + +/** + * The Guacamole server environment. + */ +@Inject +private Environment environment; + +/** + * Returns the hostname of the RADIUS server as configured with + * guacamole.properties. By default, this will be "localhost". + * + * @return + * The hostname of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public String getRadiusServer() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_SERVER, +"localhost" +); +} + +/** + * Returns the authentication port of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The authentication port of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public int getRadiusAuthPort() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_AUTH_PORT, +1812 +); +} + +/** + * Returns the accounting port of the RADIUS server configured with + * guacamole.properties. + * + * @return + * The accouting port of the RADIUS server, as configured with + * guacamole.properties. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ +public int getRadiusAcctPort() throws GuacamoleException { +return environment.getProperty( +RadiusGuacamoleProperties.RADIUS_ACCT_PORT, +1813 --- End diff -- Done. ---
[GitHub] guacamole-client pull request #204: GUACAMOLE-234: Migration from JLDAP to A...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/204#discussion_r161591522 --- Diff: extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/connection/ConnectionService.java --- @@ -113,56 +123,65 @@ // looking for direct membership in the guacConfigGroup // and possibly any groups the user is a member of that are // referred to in the seeAlso attribute of the guacConfigGroup. -LDAPSearchResults results = ldapConnection.search( -configurationBaseDN, -LDAPConnection.SCOPE_SUB, -connectionSearchFilter, -null, -false, -confService.getLDAPSearchConstraints() -); +SearchRequest request = new SearchRequestImpl(); +request.setBase(configurationBaseDN); +request.setDerefAliases(confService.getDereferenceAliases()); +request.setScope(SearchScope.SUBTREE); +request.setFilter(connectionSearchFilter); +request.setSizeLimit(confService.getMaxResults()); +request.setTimeLimit(confService.getOperationTimeout()); +request.setTypesOnly(false); + +if(confService.getFollowReferrals()) +request.followReferrals(); + +SearchCursor results = ldapConnection.search(request); // Build token filter containing credential tokens TokenFilter tokenFilter = new TokenFilter(); StandardTokens.addStandardTokens(tokenFilter, user); // Produce connections for each readable configuration Map connections = new HashMap(); -while (results.hasMore()) { - -try { - -LDAPEntry entry = results.next(); - -// Get common name (CN) -LDAPAttribute cn = entry.getAttribute("cn"); -if (cn == null) { -logger.warn("guacConfigGroup is missing a cn."); -continue; -} +while (results.next()) { + +// Get the entry +Response response = results.get(); +Entry entry; +if (response instanceof SearchResultEntry) +entry = ((SearchResultEntry)results).getEntry(); +else +continue; + +// Get common name (CN) +Attribute cn = entry.get("cn"); +if (cn == null) { +logger.warn("guacConfigGroup is missing a cn."); +continue; +} -// Get associated protocol -LDAPAttribute protocol = entry.getAttribute("guacConfigProtocol"); -if (protocol == null) { -logger.warn("guacConfigGroup \"{}\" is missing the " - + "required \"guacConfigProtocol\" attribute.", -cn.getStringValue()); -continue; -} +// Get associated protocol +Attribute protocol = entry.get("guacConfigProtocol"); +if (protocol == null) { +logger.warn("guacConfigGroup \"{}\" is missing the " + + "required \"guacConfigProtocol\" attribute.", +cn.getString()); +continue; +} -// Set protocol -GuacamoleConfiguration config = new GuacamoleConfiguration(); -config.setProtocol(protocol.getStringValue()); +// Set protocol +GuacamoleConfiguration config = new GuacamoleConfiguration(); +config.setProtocol(protocol.getString()); -// Get parameters, if any -LDAPAttribute parameterAttribute = entry.getAttribute("guacConfigParameter"); -if (parameterAttribute != null) { +// Get parameters, if any +Attribute parameterAttribute = entry.get("guacConfigParameter"); +if (parameterAttribute != null) { -// For each parameter -Enumeration parameters = parameterAttribute.getStringValues(); -while (parameters.hasMoreElements()) { +// For each parameter
[GitHub] guacamole-client pull request #204: GUACAMOLE-234: Migration from JLDAP to A...
Github user mike-jumper commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/204#discussion_r161587484 --- Diff: extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/connection/ConnectionService.java --- @@ -113,56 +123,65 @@ // looking for direct membership in the guacConfigGroup // and possibly any groups the user is a member of that are // referred to in the seeAlso attribute of the guacConfigGroup. -LDAPSearchResults results = ldapConnection.search( -configurationBaseDN, -LDAPConnection.SCOPE_SUB, -connectionSearchFilter, -null, -false, -confService.getLDAPSearchConstraints() -); +SearchRequest request = new SearchRequestImpl(); +request.setBase(configurationBaseDN); +request.setDerefAliases(confService.getDereferenceAliases()); +request.setScope(SearchScope.SUBTREE); +request.setFilter(connectionSearchFilter); +request.setSizeLimit(confService.getMaxResults()); +request.setTimeLimit(confService.getOperationTimeout()); +request.setTypesOnly(false); + +if(confService.getFollowReferrals()) +request.followReferrals(); + +SearchCursor results = ldapConnection.search(request); // Build token filter containing credential tokens TokenFilter tokenFilter = new TokenFilter(); StandardTokens.addStandardTokens(tokenFilter, user); // Produce connections for each readable configuration Map connections = new HashMap(); -while (results.hasMore()) { - -try { - -LDAPEntry entry = results.next(); - -// Get common name (CN) -LDAPAttribute cn = entry.getAttribute("cn"); -if (cn == null) { -logger.warn("guacConfigGroup is missing a cn."); -continue; -} +while (results.next()) { + +// Get the entry +Response response = results.get(); +Entry entry; +if (response instanceof SearchResultEntry) +entry = ((SearchResultEntry)results).getEntry(); +else +continue; + +// Get common name (CN) +Attribute cn = entry.get("cn"); +if (cn == null) { +logger.warn("guacConfigGroup is missing a cn."); +continue; +} -// Get associated protocol -LDAPAttribute protocol = entry.getAttribute("guacConfigProtocol"); -if (protocol == null) { -logger.warn("guacConfigGroup \"{}\" is missing the " - + "required \"guacConfigProtocol\" attribute.", -cn.getStringValue()); -continue; -} +// Get associated protocol +Attribute protocol = entry.get("guacConfigProtocol"); +if (protocol == null) { +logger.warn("guacConfigGroup \"{}\" is missing the " + + "required \"guacConfigProtocol\" attribute.", +cn.getString()); +continue; +} -// Set protocol -GuacamoleConfiguration config = new GuacamoleConfiguration(); -config.setProtocol(protocol.getStringValue()); +// Set protocol +GuacamoleConfiguration config = new GuacamoleConfiguration(); +config.setProtocol(protocol.getString()); -// Get parameters, if any -LDAPAttribute parameterAttribute = entry.getAttribute("guacConfigParameter"); -if (parameterAttribute != null) { +// Get parameters, if any +Attribute parameterAttribute = entry.get("guacConfigParameter"); +if (parameterAttribute != null) { -// For each parameter -Enumeration parameters = parameterAttribute.getStringValues(); -while (parameters.hasMoreElements()) { +// For each parameter
[GitHub] guacamole-client pull request #204: GUACAMOLE-234: Migration from JLDAP to A...
Github user mike-jumper commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/204#discussion_r161586442 --- Diff: extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/connection/ConnectionService.java --- @@ -113,56 +123,65 @@ // looking for direct membership in the guacConfigGroup // and possibly any groups the user is a member of that are // referred to in the seeAlso attribute of the guacConfigGroup. -LDAPSearchResults results = ldapConnection.search( -configurationBaseDN, -LDAPConnection.SCOPE_SUB, -connectionSearchFilter, -null, -false, -confService.getLDAPSearchConstraints() -); +SearchRequest request = new SearchRequestImpl(); +request.setBase(configurationBaseDN); +request.setDerefAliases(confService.getDereferenceAliases()); +request.setScope(SearchScope.SUBTREE); +request.setFilter(connectionSearchFilter); +request.setSizeLimit(confService.getMaxResults()); +request.setTimeLimit(confService.getOperationTimeout()); +request.setTypesOnly(false); + +if(confService.getFollowReferrals()) +request.followReferrals(); + +SearchCursor results = ldapConnection.search(request); // Build token filter containing credential tokens TokenFilter tokenFilter = new TokenFilter(); StandardTokens.addStandardTokens(tokenFilter, user); // Produce connections for each readable configuration Map connections = new HashMap(); -while (results.hasMore()) { - -try { - -LDAPEntry entry = results.next(); - -// Get common name (CN) -LDAPAttribute cn = entry.getAttribute("cn"); -if (cn == null) { -logger.warn("guacConfigGroup is missing a cn."); -continue; -} +while (results.next()) { + +// Get the entry +Response response = results.get(); +Entry entry; +if (response instanceof SearchResultEntry) +entry = ((SearchResultEntry)results).getEntry(); +else +continue; + +// Get common name (CN) +Attribute cn = entry.get("cn"); +if (cn == null) { +logger.warn("guacConfigGroup is missing a cn."); +continue; +} -// Get associated protocol -LDAPAttribute protocol = entry.getAttribute("guacConfigProtocol"); -if (protocol == null) { -logger.warn("guacConfigGroup \"{}\" is missing the " - + "required \"guacConfigProtocol\" attribute.", -cn.getStringValue()); -continue; -} +// Get associated protocol +Attribute protocol = entry.get("guacConfigProtocol"); +if (protocol == null) { +logger.warn("guacConfigGroup \"{}\" is missing the " + + "required \"guacConfigProtocol\" attribute.", +cn.getString()); +continue; +} -// Set protocol -GuacamoleConfiguration config = new GuacamoleConfiguration(); -config.setProtocol(protocol.getStringValue()); +// Set protocol +GuacamoleConfiguration config = new GuacamoleConfiguration(); +config.setProtocol(protocol.getString()); -// Get parameters, if any -LDAPAttribute parameterAttribute = entry.getAttribute("guacConfigParameter"); -if (parameterAttribute != null) { +// Get parameters, if any +Attribute parameterAttribute = entry.get("guacConfigParameter"); +if (parameterAttribute != null) { -// For each parameter -Enumeration parameters = parameterAttribute.getStringValues(); -while (parameters.hasMoreElements()) { +// For each parameter
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161553177 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java --- @@ -0,0 +1,276 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import java.io.File; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.net.InetAddress; +import java.net.UnknownHostException; +import java.security.NoSuchAlgorithmException; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.GuacamoleUnsupportedException; +import org.apache.guacamole.environment.LocalEnvironment; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import net.jradius.client.RadiusClient; +import net.jradius.exception.RadiusException; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.AccessRequest; +import net.jradius.dictionary.*; --- End diff -- Cleaned up. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161553195 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java --- @@ -0,0 +1,276 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import java.io.File; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.net.InetAddress; +import java.net.UnknownHostException; +import java.security.NoSuchAlgorithmException; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.GuacamoleUnsupportedException; --- End diff -- Removed. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161553151 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java --- @@ -0,0 +1,276 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import java.io.File; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.net.InetAddress; +import java.net.UnknownHostException; +import java.security.NoSuchAlgorithmException; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.GuacamoleUnsupportedException; +import org.apache.guacamole.environment.LocalEnvironment; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import net.jradius.client.RadiusClient; +import net.jradius.exception.RadiusException; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.AccessRequest; +import net.jradius.dictionary.*; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; --- End diff -- Removed. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161553220 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java --- @@ -0,0 +1,276 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import java.io.File; +import java.io.IOException; +import java.io.UnsupportedEncodingException; --- End diff -- Removed. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161553074 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/form/RadiusChallengeResponseField.java --- @@ -0,0 +1,64 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius.form; + +import org.apache.guacamole.form.Field; +import org.codehaus.jackson.annotate.JsonProperty; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; --- End diff -- Removed. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161552770 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/form/RadiusStateField.java --- @@ -0,0 +1,63 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius.form; + +import org.apache.guacamole.form.Field; +import org.codehaus.jackson.annotate.JsonProperty; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; --- End diff -- Removed. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161549538 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/ConfigurationService.java --- @@ -0,0 +1,308 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import java.util.Collections; +import java.util.List; --- End diff -- Removed. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161549557 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java --- @@ -0,0 +1,216 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import com.google.inject.Provider; +import java.util.Arrays; +import javax.servlet.http.HttpServletRequest; +import org.apache.guacamole.auth.radius.user.AuthenticatedUser; +import org.apache.guacamole.auth.radius.form.RadiusChallengeResponseField; +import org.apache.guacamole.auth.radius.form.RadiusStateField; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.form.Field; +import org.apache.guacamole.net.auth.Credentials; +import org.apache.guacamole.net.auth.credentials.CredentialsInfo; +import org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException; +import org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import net.jradius.dictionary.Attr_State; +import net.jradius.dictionary.Attr_ReplyMessage; +import net.jradius.exception.UnknownAttributeException; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.AccessAccept; +import net.jradius.packet.AccessChallenge; +import net.jradius.packet.AccessReject; +import net.jradius.packet.AccessRequest; +import net.jradius.packet.AccessResponse; +import net.jradius.packet.attribute.AttributeList; +import net.jradius.packet.attribute.RadiusAttribute; + +/** + * Service providing convenience functions for the RADIUS AuthenticationProvider + * implementation. + */ +public class AuthenticationProviderService { + +/** + * Logger for this class. + */ +private final Logger logger = LoggerFactory.getLogger(AuthenticationProviderService.class); + +/** + * Service for creating and managing connections to RADIUS servers. + */ +@Inject +private RadiusConnectionService radiusService; + +/** + * Service for retrieving RADIUS server configuration information. + */ +@Inject +private ConfigurationService confService; --- End diff -- Removed. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161549227 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java --- @@ -0,0 +1,216 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import com.google.inject.Provider; +import java.util.Arrays; +import javax.servlet.http.HttpServletRequest; +import org.apache.guacamole.auth.radius.user.AuthenticatedUser; +import org.apache.guacamole.auth.radius.form.RadiusChallengeResponseField; +import org.apache.guacamole.auth.radius.form.RadiusStateField; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.form.Field; +import org.apache.guacamole.net.auth.Credentials; +import org.apache.guacamole.net.auth.credentials.CredentialsInfo; +import org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException; +import org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import net.jradius.dictionary.Attr_State; +import net.jradius.dictionary.Attr_ReplyMessage; +import net.jradius.exception.UnknownAttributeException; +import net.jradius.packet.RadiusPacket; +import net.jradius.packet.AccessAccept; +import net.jradius.packet.AccessChallenge; +import net.jradius.packet.AccessReject; +import net.jradius.packet.AccessRequest; +import net.jradius.packet.AccessResponse; +import net.jradius.packet.attribute.AttributeList; --- End diff -- Removed. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161549198 --- Diff: extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java --- @@ -0,0 +1,216 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.guacamole.auth.radius; + +import com.google.inject.Inject; +import com.google.inject.Provider; +import java.util.Arrays; +import javax.servlet.http.HttpServletRequest; +import org.apache.guacamole.auth.radius.user.AuthenticatedUser; +import org.apache.guacamole.auth.radius.form.RadiusChallengeResponseField; +import org.apache.guacamole.auth.radius.form.RadiusStateField; +import org.apache.guacamole.GuacamoleException; +import org.apache.guacamole.form.Field; +import org.apache.guacamole.net.auth.Credentials; +import org.apache.guacamole.net.auth.credentials.CredentialsInfo; +import org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException; +import org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import net.jradius.dictionary.Attr_State; +import net.jradius.dictionary.Attr_ReplyMessage; +import net.jradius.exception.UnknownAttributeException; --- End diff -- Removed. ---
[GitHub] guacamole-client pull request #122: GUACAMOLE-197: Implement Support for RAD...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/122#discussion_r161548490 --- Diff: extensions/guacamole-auth-radius/pom.xml --- @@ -0,0 +1,248 @@ + + +http://maven.apache.org/POM/4.0.0"; +xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; +xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 +http://maven.apache.org/maven-v4_0_0.xsd";> + +4.0.0 +org.apache.guacamole +guacamole-auth-radius +jar +0.9.14 +guacamole-auth-radius +http://guacamole.incubator.apache.org/ --- End diff -- Fixed. ---
[GitHub] guacamole-client pull request #204: GUACAMOLE-234: Migration from JLDAP to A...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/204#discussion_r161546250 --- Diff: extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/connection/ConnectionService.java --- @@ -113,56 +123,65 @@ // looking for direct membership in the guacConfigGroup // and possibly any groups the user is a member of that are // referred to in the seeAlso attribute of the guacConfigGroup. -LDAPSearchResults results = ldapConnection.search( -configurationBaseDN, -LDAPConnection.SCOPE_SUB, -connectionSearchFilter, -null, -false, -confService.getLDAPSearchConstraints() -); +SearchRequest request = new SearchRequestImpl(); +request.setBase(configurationBaseDN); +request.setDerefAliases(confService.getDereferenceAliases()); +request.setScope(SearchScope.SUBTREE); +request.setFilter(connectionSearchFilter); +request.setSizeLimit(confService.getMaxResults()); +request.setTimeLimit(confService.getOperationTimeout()); +request.setTypesOnly(false); + +if(confService.getFollowReferrals()) +request.followReferrals(); + +SearchCursor results = ldapConnection.search(request); // Build token filter containing credential tokens TokenFilter tokenFilter = new TokenFilter(); StandardTokens.addStandardTokens(tokenFilter, user); // Produce connections for each readable configuration Map connections = new HashMap(); -while (results.hasMore()) { - -try { - -LDAPEntry entry = results.next(); - -// Get common name (CN) -LDAPAttribute cn = entry.getAttribute("cn"); -if (cn == null) { -logger.warn("guacConfigGroup is missing a cn."); -continue; -} +while (results.next()) { + +// Get the entry +Response response = results.get(); +Entry entry; +if (response instanceof SearchResultEntry) +entry = ((SearchResultEntry)results).getEntry(); +else +continue; + +// Get common name (CN) +Attribute cn = entry.get("cn"); +if (cn == null) { +logger.warn("guacConfigGroup is missing a cn."); +continue; +} -// Get associated protocol -LDAPAttribute protocol = entry.getAttribute("guacConfigProtocol"); -if (protocol == null) { -logger.warn("guacConfigGroup \"{}\" is missing the " - + "required \"guacConfigProtocol\" attribute.", -cn.getStringValue()); -continue; -} +// Get associated protocol +Attribute protocol = entry.get("guacConfigProtocol"); +if (protocol == null) { +logger.warn("guacConfigGroup \"{}\" is missing the " + + "required \"guacConfigProtocol\" attribute.", +cn.getString()); +continue; +} -// Set protocol -GuacamoleConfiguration config = new GuacamoleConfiguration(); -config.setProtocol(protocol.getStringValue()); +// Set protocol +GuacamoleConfiguration config = new GuacamoleConfiguration(); +config.setProtocol(protocol.getString()); -// Get parameters, if any -LDAPAttribute parameterAttribute = entry.getAttribute("guacConfigParameter"); -if (parameterAttribute != null) { +// Get parameters, if any +Attribute parameterAttribute = entry.get("guacConfigParameter"); +if (parameterAttribute != null) { -// For each parameter -Enumeration parameters = parameterAttribute.getStringValues(); -while (parameters.hasMoreElements()) { +// For each parameter
[GitHub] guacamole-client pull request #204: GUACAMOLE-234: Migration from JLDAP to A...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/204#discussion_r161545408 --- Diff: extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPGuacamoleProperties.java --- @@ -176,32 +176,22 @@ private LDAPGuacamoleProperties() {} }; /** - * Whether or not we should follow referrals. + * A time limit on LDAP operations. */ -public static final BooleanGuacamoleProperty LDAP_FOLLOW_REFERRALS = new BooleanGuacamoleProperty() { - -@Override -public String getName() { return "ldap-follow-referrals"; } - -}; - -/** - * Maximum number of referral hops to follow. - */ -public static final IntegerGuacamoleProperty LDAP_MAX_REFERRAL_HOPS = new IntegerGuacamoleProperty() { +public static final IntegerGuacamoleProperty LDAP_OPERATION_TIMEOUT = new IntegerGuacamoleProperty() { @Override -public String getName() { return "ldap-max-referral-hops"; } +public String getName() { return "ldap-operation-timeout"; } }; /** - * Number of seconds to wait for LDAP operations to complete. + * Whether or not to follow referrals. */ -public static final IntegerGuacamoleProperty LDAP_OPERATION_TIMEOUT = new IntegerGuacamoleProperty() { +public static final BooleanGuacamoleProperty LDAP_FOLLOW_REFERRALS = new BooleanGuacamoleProperty() { --- End diff -- Reverted. ---
[GitHub] guacamole-client pull request #204: GUACAMOLE-234: Migration from JLDAP to A...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/204#discussion_r161545288 --- Diff: extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPGuacamoleProperties.java --- @@ -176,32 +176,22 @@ private LDAPGuacamoleProperties() {} }; /** - * Whether or not we should follow referrals. + * A time limit on LDAP operations. --- End diff -- Reverted. ---
[GitHub] guacamole-client pull request #204: GUACAMOLE-234: Migration from JLDAP to A...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/204#discussion_r161544784 --- Diff: extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/AuthenticationProviderService.java --- @@ -124,10 +126,15 @@ private String getUserBindDN(String username) } // Return the single possible DN -return userDNs.get(0); +return new Dn(userDNs.get(0)); --- End diff -- Done - pretty simple change and no apparent downsides. ---
[GitHub] guacamole-client pull request #204: GUACAMOLE-234: Migration from JLDAP to A...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/204#discussion_r161536678 --- Diff: extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/connection/ConnectionService.java --- @@ -189,30 +208,24 @@ connection.setParentIdentifier(LDAPAuthenticationProvider.ROOT_CONNECTION_GROUP); connections.put(name, connection); -} - -// Deal with issues following LDAP referrals -catch (LDAPReferralException e) { --- End diff -- Added back. ---
[GitHub] guacamole-client pull request #204: GUACAMOLE-234: Migration from JLDAP to A...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/204#discussion_r161535344 --- Diff: extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPGuacamoleProperties.java --- @@ -176,32 +176,22 @@ private LDAPGuacamoleProperties() {} }; /** - * Whether or not we should follow referrals. + * A time limit on LDAP operations. */ -public static final BooleanGuacamoleProperty LDAP_FOLLOW_REFERRALS = new BooleanGuacamoleProperty() { - -@Override -public String getName() { return "ldap-follow-referrals"; } - -}; - -/** - * Maximum number of referral hops to follow. - */ -public static final IntegerGuacamoleProperty LDAP_MAX_REFERRAL_HOPS = new IntegerGuacamoleProperty() { --- End diff -- Not that I can tell - let me know if you can find something on it, but I'm unable to find any details on how to do it. ---
[GitHub] guacamole-client pull request #204: GUACAMOLE-234: Migration from JLDAP to A...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/guacamole-client/pull/204#discussion_r161533525 --- Diff: extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/connection/ConnectionService.java --- @@ -189,30 +208,24 @@ connection.setParentIdentifier(LDAPAuthenticationProvider.ROOT_CONNECTION_GROUP); connections.put(name, connection); -} - -// Deal with issues following LDAP referrals -catch (LDAPReferralException e) { --- End diff -- Not sure why it got removed and did not get added back. Added it back and cleaned up some of the other error messages. ---