1 package net.sourceforge.guacamole.net.basic;
4 * Guacamole - Clientless Remote Desktop
5 * Copyright (C) 2010 Michael Jumper
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU Affero General Public License as published by
9 * the Free Software Foundation, either version 3 of the License, or
10 * (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU Affero General Public License for more details.
17 * You should have received a copy of the GNU Affero General Public License
18 * along with this program. If not, see <http://www.gnu.org/licenses/>.
21 import net.sourceforge.guacamole.net.auth.AuthenticationProvider;
22 import java.io.IOException;
24 import javax.servlet.ServletException;
25 import javax.servlet.http.HttpServlet;
26 import javax.servlet.http.HttpServletRequest;
27 import javax.servlet.http.HttpServletResponse;
28 import javax.servlet.http.HttpSession;
29 import net.sourceforge.guacamole.GuacamoleException;
30 import net.sourceforge.guacamole.net.auth.Credentials;
31 import net.sourceforge.guacamole.properties.GuacamoleProperties;
32 import net.sourceforge.guacamole.net.basic.properties.BasicGuacamoleProperties;
33 import net.sourceforge.guacamole.protocol.GuacamoleConfiguration;
34 import org.slf4j.Logger;
35 import org.slf4j.LoggerFactory;
38 * Retrieves the authorized configurations associated with a given
39 * username/password pair using the authentication provider defined in
40 * guacamole.properties.
42 * All authorized configurations will be stored in the current HttpSession.
44 * Success and failure are logged.
46 * @author Michael Jumper
48 public class BasicLogin extends HttpServlet {
50 private Logger logger = LoggerFactory.getLogger(BasicLogin.class);
52 private AuthenticationProvider authProvider;
55 public void init() throws ServletException {
57 // Get auth provider instance
59 authProvider = GuacamoleProperties.getRequiredProperty(BasicGuacamoleProperties.AUTH_PROVIDER);
61 catch (GuacamoleException e) {
62 logger.error("Error getting authentication provider from properties.", e);
63 throw new ServletException(e);
69 protected void service(HttpServletRequest request, HttpServletResponse response)
72 HttpSession httpSession = request.getSession(true);
74 // Retrieve username and password from parms
75 String username = request.getParameter("username");
76 String password = request.getParameter("password");
78 // Build credentials object
79 Credentials credentials = new Credentials ();
80 credentials.setSession(httpSession);
81 credentials.setRequest(request);
82 credentials.setUsername(username);
83 credentials.setPassword(password);
85 // Get authorized configs
86 Map<String, GuacamoleConfiguration> configs;
88 configs = authProvider.getAuthorizedConfigurations(credentials);
90 catch (GuacamoleException e) {
91 logger.error("Error retrieving configuration(s) for user {}.", username);
92 response.sendError(HttpServletResponse.SC_FORBIDDEN);
96 if (configs == null) {
97 logger.warn("Failed login from {} for user \"{}\".", request.getRemoteAddr(), username);
98 response.sendError(HttpServletResponse.SC_FORBIDDEN);
102 logger.info("Successful login from {} for user \"{}\".", request.getRemoteAddr(), username);
104 // Associate configs with session
105 httpSession.setAttribute("GUAC_CONFIGS", configs);