You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@guacamole.apache.org by mj...@apache.org on 2018/01/30 23:44:40 UTC
[28/50] guacamole-client git commit: GUACAMOLE-197: Reorganize
authenticateUser to remove some duplicate code and make it easier to follow.
GUACAMOLE-197: Reorganize authenticateUser to remove some duplicate code and make it easier to follow.
Project: http://git-wip-us.apache.org/repos/asf/guacamole-client/repo
Commit: http://git-wip-us.apache.org/repos/asf/guacamole-client/commit/6acf0322
Tree: http://git-wip-us.apache.org/repos/asf/guacamole-client/tree/6acf0322
Diff: http://git-wip-us.apache.org/repos/asf/guacamole-client/diff/6acf0322
Branch: refs/heads/master
Commit: 6acf032247dc9b5c5ba54fd02fbf34d550e98554
Parents: 015cb4a
Author: Nick Couchman <vn...@apache.org>
Authored: Fri Jul 14 22:35:31 2017 -0400
Committer: Nick Couchman <vn...@apache.org>
Committed: Mon Jan 29 17:08:11 2018 -0500
----------------------------------------------------------------------
.../radius/AuthenticationProviderService.java | 90 ++++++++------------
1 file changed, 37 insertions(+), 53 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/guacamole-client/blob/6acf0322/extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java b/extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
index ad1ac06..fdb7737 100644
--- a/extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
+++ b/extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
@@ -160,51 +160,13 @@ public class AuthenticationProviderService {
logger.debug("Error configuring RADIUS server.", e);
throw new GuacamoleInvalidCredentialsException("Authentication error.", CredentialsInfo.USERNAME_PASSWORD);
}
-
- // No RadiusPacket is returned, we've encountered an error.
- if (radPack == null) {
- logger.debug("Nothing in the RADIUS packet.");
- throw new GuacamoleInvalidCredentialsException("Authentication error.", CredentialsInfo.USERNAME_PASSWORD);
- }
-
- // Received AccessReject packet, login is denied.
- else if (radPack instanceof AccessReject) {
- logger.debug("Login has been rejected by RADIUS server.");
- throw new GuacamoleInvalidCredentialsException("Authentication failed.", CredentialsInfo.USERNAME_PASSWORD);
- }
-
- // Received AccessChallenge packet, more credentials required to complete authentication
- else if (radPack instanceof AccessChallenge) {
- CredentialsInfo expectedCredentials = getRadiusChallenge(radPack);
-
- if (expectedCredentials == null)
- throw new GuacamoleInvalidCredentialsException("Authentication error.", CredentialsInfo.USERNAME_PASSWORD);
-
- throw new GuacamoleInsufficientCredentialsException("LOGIN.INFO_RADIUS_ADDL_REQUIRED", expectedCredentials);
- }
-
- // Received AccessAccept, authentication has succeeded
- else if (radPack instanceof AccessAccept) {
- try {
- AuthenticatedUser authenticatedUser = authenticatedUserProvider.get();
- authenticatedUser.init(credentials);
- return authenticatedUser;
- }
- finally {
- radiusService.disconnect();
- }
- }
-
- // Something unanticipated happened, so panic and go back to login.
- else {
- logger.error("Unexpected failure authenticating with RADIUS server.");
- throw new GuacamoleInvalidCredentialsException("Unknown error trying to authenticate.", CredentialsInfo.USERNAME_PASSWORD);
+ finally {
+ radiusService.disconnect();
}
}
- // This is a response to a challenge, so authenticate with that response
+ // This is a response to a previous challenge, authenticate with that.
else {
-
try {
radPack = radiusService.authenticate(credentials.getUsername(),
request.getParameter(RadiusStateField.PARAMETER_NAME),
@@ -218,21 +180,43 @@ public class AuthenticationProviderService {
finally {
radiusService.disconnect();
}
+ }
- // Received AccessAccept, authentication succeeded.
- if (radPack instanceof AccessAccept) {
- AuthenticatedUser authenticatedUser = authenticatedUserProvider.get();
- authenticatedUser.init(credentials);
- return authenticatedUser;
- }
+ // No RadiusPacket is returned, we've encountered an error.
+ if (radPack == null) {
+ logger.debug("Nothing in the RADIUS packet.");
+ throw new GuacamoleInvalidCredentialsException("Authentication error.", CredentialsInfo.USERNAME_PASSWORD);
+ }
- // Authentication failed.
- else {
- logger.warn("RADIUS Challenge/Response authentication failed.");
- logger.debug("Received something other than AccessAccept packet from the RADIUS server.");
- throw new GuacamoleInvalidCredentialsException("Authentication failed.", CredentialsInfo.USERNAME_PASSWORD);
- }
+ // Received AccessReject packet, login is denied.
+ else if (radPack instanceof AccessReject) {
+ logger.debug("Login has been rejected by RADIUS server.");
+ throw new GuacamoleInvalidCredentialsException("Authentication failed.", CredentialsInfo.USERNAME_PASSWORD);
}
+
+ // Received AccessAccept, authentication has succeeded
+ else if (radPack instanceof AccessAccept) {
+ AuthenticatedUser authenticatedUser = authenticatedUserProvider.get();
+ authenticatedUser.init(credentials);
+ return authenticatedUser;
+ }
+
+ // Received AccessChallenge packet, more credentials required to complete authentication
+ else if (radPack instanceof AccessChallenge) {
+ CredentialsInfo expectedCredentials = getRadiusChallenge(radPack);
+
+ if (expectedCredentials == null)
+ throw new GuacamoleInvalidCredentialsException("Authentication error.", CredentialsInfo.USERNAME_PASSWORD);
+
+ throw new GuacamoleInsufficientCredentialsException("LOGIN.INFO_RADIUS_ADDL_REQUIRED", expectedCredentials);
+ }
+
+ // Something unanticipated happened, so panic and go back to login.
+ else {
+ logger.error("Unexpected failure authenticating with RADIUS server.");
+ throw new GuacamoleInvalidCredentialsException("Unknown error trying to authenticate.", CredentialsInfo.USERNAME_PASSWORD);
+ }
+
}
}