On Sat, Oct 7, 2017 at 12:03 AM, shaykeren <sha...@quali.com> wrote: > Our extension inherit from AuthenticationProvider > In authenticateUser method We are validating credentials.getRequest(). > in case the request(HttpServletRequest) contains invalid parameter an > exception is raised (GuacamoleException) with the right message. > > Basically our users are being redirected to guacamole in order to SSH/RDP. > Our custom AuthenticationProvider sets GuacamoleConfiguration with the > pre-selected protocol parameters. > Thanks! > > Any Idea? > > If you throw the lowest-level, Guacamole-specific exception available (GuacamoleException), there is no semantic information surrounding that exception for the web application to handle that error in a way which makes sense. It will be converted to a hard HTTP 500 status code, and authentication will abort.
Depending on what exactly you're looking for, there are other exceptions available for: * Notifying the user that something they've entered is invalid (GuacamoleClientException). Example: [1] * Requesting that the user provide entirely new credentials (GuacamoleInvalidCredentialsException). Example: [2] * Requesting that the user provide additional credentials (GuacamoleInsufficientCredentialsException). Example: [3] Error handling within the web application will not necessarily have the effect you're looking for, though. If you're only using Guacamole to service individual connections, you should probably look into building your own application using the Guacamole API. It's still unclear exactly what you're aiming for, what the intended user experience is, etc. It's clear that you are validating HTTP parameters during authentication, and that you wish to display an error, but the context of that error is unknown; Guacamole performs authentication on absolutely all pages, so this parameter could be coming from anywhere. It would be helpful if you could walk through the user experience, starting from what they see within the non-Guacamole part of your application. - Mike [1] https://github.com/apache/incubator-guacamole-client/blob/728d9b937c80bbf61ac79dd563dc1775203b34e6/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java#L98-L100 [2] https://github.com/apache/incubator-guacamole-client/blob/728d9b937c80bbf61ac79dd563dc1775203b34e6/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java#L79-L80 [3] https://github.com/apache/incubator-guacamole-client/blob/728d9b937c80bbf61ac79dd563dc1775203b34e6/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java#L434-L438