private Logger logger = LoggerFactory.getLogger(AuthenticatingHttpServlet.class);
/**
+ * The session attribute holding the map of configurations.
+ */
+ private static final String CONFIGURATIONS_ATTRIBUTE = "GUAC_CONFIGS";
+
+ /**
+ * The session attribute holding the credentials authorizing this session.
+ */
+ private static final String CREDENTIALS_ATTRIBUTE = "GUAC_CREDS";
+
+ /**
* The error message to be provided to the client user if authentication
* fails for ANY REASON.
*/
* @throws IOException If an error occurs while sending the error.
*/
private void failAuthentication(HttpServletResponse response) throws IOException {
- response.setHeader("X-Guacamole-Error-Message", AUTH_ERROR_MESSAGE);
response.sendError(HttpServletResponse.SC_FORBIDDEN);
}
+ /**
+ * Returns the credentials associated with the given session.
+ *
+ * @param session The session to retrieve credentials from.
+ * @return The credentials associated with the given session.
+ */
+ protected Credentials getCredentials(HttpSession session) {
+ return (Credentials) session.getAttribute(CREDENTIALS_ATTRIBUTE);
+ }
+
+ /**
+ * Returns the configurations associated with the given session.
+ *
+ * @param session The session to retrieve configurations from.
+ * @return The configurations associated with the given session.
+ */
+ protected Map<String, GuacamoleConfiguration> getConfigurations(HttpSession session) {
+ return (Map<String, GuacamoleConfiguration>) session.getAttribute(CONFIGURATIONS_ATTRIBUTE);
+ }
+
@Override
protected void service(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException {
HttpSession httpSession = request.getSession(true);
// Try to get configs from session
- Map<String, GuacamoleConfiguration> configs =
- (Map<String, GuacamoleConfiguration>) httpSession.getAttribute("GUAC_CONFIGS");
+ Map<String, GuacamoleConfiguration> configs = getConfigurations(httpSession);
// If no configs, try to authenticate the user to get the configs using
// this request.
String password = request.getParameter("password");
// Build credentials object
- Credentials credentials = new Credentials ();
+ Credentials credentials = new Credentials();
credentials.setSession(httpSession);
credentials.setRequest(request);
credentials.setUsername(username);
credentials.setPassword(password);
-
+
// Get authorized configs
try {
configs = authProvider.getAuthorizedConfigurations(credentials);
// If error retrieving configs, fail authentication, notify listeners
catch (GuacamoleException e) {
- logger.error("Error retrieving configuration(s) for user \"{}\".", username);
+ logger.error("Error retrieving configuration(s) for user \"{}\".",
+ credentials.getUsername());
notifyFailed(listeners, credentials);
failAuthentication(response);
// If no configs, fail authentication, notify listeners
if (configs == null) {
logger.warn("Authentication attempt from {} for user \"{}\" failed.",
- request.getRemoteAddr(), username);
+ request.getRemoteAddr(), credentials.getUsername());
notifyFailed(listeners, credentials);
failAuthentication(response);
// Otherwise, authentication has been succesful
logger.info("User \"{}\" successfully authenticated from {}.",
- username, request.getRemoteAddr());
+ credentials.getUsername(), request.getRemoteAddr());
// Notify of success, cancel if requested
if (!notifySuccess(listeners, credentials)) {
}
- // Associate configs with session
- httpSession.setAttribute("GUAC_CONFIGS", configs);
+ // Associate configs and credentials with session
+ httpSession.setAttribute(CONFIGURATIONS_ATTRIBUTE, configs);
+ httpSession.setAttribute(CREDENTIALS_ATTRIBUTE, credentials);
}
projects / guacamole.git / blobdiff