You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@guacamole.apache.org by jm...@apache.org on 2016/07/30 18:22:32 UTC
[3/5] incubator-guacamole-client git commit: GUACAMOLE-5: Establish
distinction between the AuthenticationProvider storing a user's data and the
AuthenticationProvider which authenticated the user.
GUACAMOLE-5: Establish distinction between the AuthenticationProvider storing a user's data and the AuthenticationProvider which authenticated the user.
Project: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/commit/ad697c4f
Tree: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/tree/ad697c4f
Diff: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/diff/ad697c4f
Branch: refs/heads/master
Commit: ad697c4fc5d09a21cda0a939b43b8b26ad3850b3
Parents: 872aac3
Author: Michael Jumper <mj...@apache.org>
Authored: Thu Jul 28 21:42:55 2016 -0700
Committer: Michael Jumper <mj...@apache.org>
Committed: Fri Jul 29 21:55:19 2016 -0700
----------------------------------------------------------------------
.../jdbc/AuthenticationProviderService.java | 8 ++-
.../jdbc/InjectedAuthenticationProvider.java | 2 +-
.../jdbc/JDBCAuthenticationProviderService.java | 4 +-
.../SharedAuthenticationProviderService.java | 1 +
.../auth/jdbc/user/AuthenticatedUser.java | 61 ++++++++++++++++++--
.../guacamole/auth/jdbc/user/UserContext.java | 2 +-
.../guacamole/auth/jdbc/user/UserService.java | 10 +++-
7 files changed, 75 insertions(+), 13 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/ad697c4f/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/AuthenticationProviderService.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/AuthenticationProviderService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/AuthenticationProviderService.java
index a821bfa..625006b 100644
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/AuthenticationProviderService.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/AuthenticationProviderService.java
@@ -63,6 +63,10 @@ public interface AuthenticationProviderService {
* user. A new placeholder account will be created for any user that does
* not already exist within the database.
*
+ * @param authenticationProvider
+ * The AuthenticationProvider on behalf of which the UserContext is
+ * being produced.
+ *
* @param authenticatedUser
* The credentials to use to produce the UserContext.
*
@@ -74,7 +78,7 @@ public interface AuthenticationProviderService {
* If an error occurs during authentication, or if the given
* credentials are invalid or expired.
*/
- public UserContext getUserContext(AuthenticatedUser authenticatedUser)
- throws GuacamoleException;
+ public UserContext getUserContext(AuthenticationProvider authenticationProvider,
+ AuthenticatedUser authenticatedUser) throws GuacamoleException;
}
http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/ad697c4f/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/InjectedAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/InjectedAuthenticationProvider.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/InjectedAuthenticationProvider.java
index cc25e4a..e33dcf3 100644
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/InjectedAuthenticationProvider.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/InjectedAuthenticationProvider.java
@@ -90,7 +90,7 @@ public abstract class InjectedAuthenticationProvider implements AuthenticationPr
@Override
public UserContext getUserContext(AuthenticatedUser authenticatedUser)
throws GuacamoleException {
- return authProviderService.getUserContext(authenticatedUser);
+ return authProviderService.getUserContext(this, authenticatedUser);
}
@Override
http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/ad697c4f/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java
index 07b7382..e5743f4 100644
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java
@@ -67,11 +67,11 @@ public class JDBCAuthenticationProviderService implements AuthenticationProvider
}
@Override
- public org.apache.guacamole.net.auth.UserContext getUserContext(
+ public UserContext getUserContext(AuthenticationProvider authenticationProvider,
AuthenticatedUser authenticatedUser) throws GuacamoleException {
// Retrieve user account for already-authenticated user
- ModeledUser user = userService.retrieveUser(authenticatedUser);
+ ModeledUser user = userService.retrieveUser(authenticationProvider, authenticatedUser);
if (user == null)
return null;
http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/ad697c4f/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/SharedAuthenticationProviderService.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/SharedAuthenticationProviderService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/SharedAuthenticationProviderService.java
index 1ca667a..cd4e6c2 100644
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/SharedAuthenticationProviderService.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharing/SharedAuthenticationProviderService.java
@@ -67,6 +67,7 @@ public class SharedAuthenticationProviderService implements AuthenticationProvid
@Override
public org.apache.guacamole.net.auth.UserContext getUserContext(
+ AuthenticationProvider authenticationProvider,
AuthenticatedUser authenticatedUser) throws GuacamoleException {
// Produce sharing-specific user context if this is the user of a shared connection
http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/ad697c4f/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/AuthenticatedUser.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/AuthenticatedUser.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/AuthenticatedUser.java
index d58c2e3..377606b 100644
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/AuthenticatedUser.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/AuthenticatedUser.java
@@ -33,11 +33,18 @@ import org.apache.guacamole.net.auth.Credentials;
public class AuthenticatedUser extends RemoteAuthenticatedUser {
/**
- * The user that authenticated.
+ * The ModeledUser object which is backed by the data associated with this
+ * user in the database.
*/
private final ModeledUser user;
/**
+ * The AuthenticationProvider that is associated with this user's
+ * corresponding ModeledUser.
+ */
+ private final AuthenticationProvider modelAuthenticationProvider;
+
+ /**
* The connections which have been committed for use by this user in the
* context of a balancing connection group. Balancing connection groups
* will preferentially choose connections within this set, unless those
@@ -49,14 +56,41 @@ public class AuthenticatedUser extends RemoteAuthenticatedUser {
Collections.newSetFromMap(new ConcurrentHashMap<String, Boolean>());
/**
+ * Creates a copy of the given AuthenticatedUser which is associated with
+ * the data stored in the provided ModeledUser. The AuthenticatedUser need
+ * not have come from the same AuthenticationProvider which produced the
+ * given ModeledUser.
+ *
+ * @param authenticatedUser
+ * An existing AuthenticatedUser representing the user that
+ * authenticated.
+ *
+ * @param modelAuthenticationProvider
+ * The AuthenticationProvider that is associated with the given user's
+ * corresponding ModeledUser.
+ *
+ * @param user
+ * A ModeledUser object which is backed by the data associated with
+ * this user in the database.
+ */
+ public AuthenticatedUser(org.apache.guacamole.net.auth.AuthenticatedUser authenticatedUser,
+ AuthenticationProvider modelAuthenticationProvider, ModeledUser user) {
+ super(authenticatedUser.getAuthenticationProvider(), authenticatedUser.getCredentials());
+ this.modelAuthenticationProvider = modelAuthenticationProvider;
+ this.user = user;
+ }
+
+ /**
* Creates a new AuthenticatedUser associating the given user with their
* corresponding credentials.
*
* @param authenticationProvider
- * The AuthenticationProvider that has authenticated the given user.
+ * The AuthenticationProvider that has authenticated the given user
+ * and which produced the given ModeledUser.
*
* @param user
- * The user this object should represent.
+ * A ModeledUser object which is backed by the data associated with
+ * this user in the database.
*
* @param credentials
* The credentials given by the user when they authenticated.
@@ -64,20 +98,37 @@ public class AuthenticatedUser extends RemoteAuthenticatedUser {
public AuthenticatedUser(AuthenticationProvider authenticationProvider,
ModeledUser user, Credentials credentials) {
super(authenticationProvider, credentials);
+ this.modelAuthenticationProvider = authenticationProvider;
this.user = user;
}
/**
- * Returns the user that authenticated.
+ * Returns a ModeledUser object which is backed by the data associated with
+ * this user within the database.
*
* @return
- * The user that authenticated.
+ * A ModeledUser object which is backed by the data associated with
+ * this user in the database.
*/
public ModeledUser getUser() {
return user;
}
/**
+ * Returns the AuthenticationProvider which produced the ModeledUser
+ * retrievable via getUser(). This is not necessarily the same as the
+ * AuthenticationProvider which authenticated that user, which can be
+ * retrieved with getAuthenticationProvider().
+ *
+ * @return
+ * The AuthenticationProvider which produced the ModeledUser
+ * retrievable via getUser().
+ */
+ public AuthenticationProvider getModelAuthenticationProvider() {
+ return modelAuthenticationProvider;
+ }
+
+ /**
* Returns whether the connection having the given identifier has been
* marked as preferred for this user's current Guacamole session. A
* preferred connection is always chosen in favor of other connections when
http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/ad697c4f/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserContext.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserContext.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserContext.java
index a3c646f..a6a1f76 100644
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserContext.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserContext.java
@@ -121,7 +121,7 @@ public class UserContext extends RestrictedObject
@Override
public AuthenticationProvider getAuthenticationProvider() {
- return getCurrentUser().getAuthenticationProvider();
+ return getCurrentUser().getModelAuthenticationProvider();
}
@Override
http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/ad697c4f/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java
index 3d5a9e5..3727f39 100644
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java
@@ -353,6 +353,10 @@ public class UserService extends ModeledDirectoryObjectService<ModeledUser, User
* Retrieves the user corresponding to the given AuthenticatedUser from the
* database.
*
+ * @param authenticationProvider
+ * The AuthenticationProvider on behalf of which the user is being
+ * retrieved.
+ *
* @param authenticatedUser
* The AuthenticatedUser to retrieve the corresponding ModeledUser of.
*
@@ -360,7 +364,8 @@ public class UserService extends ModeledDirectoryObjectService<ModeledUser, User
* The ModeledUser which corresponds to the given AuthenticatedUser, or
* null if no such user exists.
*/
- public ModeledUser retrieveUser(org.apache.guacamole.net.auth.AuthenticatedUser authenticatedUser) {
+ public ModeledUser retrieveUser(AuthenticationProvider authenticationProvider,
+ org.apache.guacamole.net.auth.AuthenticatedUser authenticatedUser) {
// If we already queried this user, return that rather than querying again
if (authenticatedUser instanceof AuthenticatedUser)
@@ -376,7 +381,8 @@ public class UserService extends ModeledDirectoryObjectService<ModeledUser, User
// Create corresponding user object, set up cyclic reference
ModeledUser user = getObjectInstance(null, userModel);
- user.setCurrentUser(new AuthenticatedUser(authenticatedUser.getAuthenticationProvider(), user, authenticatedUser.getCredentials()));
+ user.setCurrentUser(new AuthenticatedUser(authenticatedUser,
+ authenticationProvider, user));
// Return already-authenticated user
return user;