You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@guacamole.apache.org by vn...@apache.org on 2023/03/08 02:00:04 UTC
[guacamole-client] branch master updated (b28334184 -> 23a5c9476)
This is an automated email from the ASF dual-hosted git repository.
vnick pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/guacamole-client.git
from b28334184 GUACAMOLE-1740: Merge corrections to breadth of clipboard editor CSS.
add 1015df6b4 GUACAMOLE-839: Move nonce-generation service to internal common SSO library.
add f2c7d746e GUACAMOLE-839: Move authentication session management service to internal common SSO library.
add 841190df5 GUACAMOLE-839: Generate case-insensitive nonce values that can safely be used in domains.
add e51d54899 GUACAMOLE-839: Ensure each NonceService instance has its own context (will not validate the nonces of other contexts).
add 2e8cf8223 GUACAMOLE-839: As with NonceService, ensure each auth session manager instance has its own context and will not validate the sessions of other session managers.
add 6bf0b8cf6 GUACAMOLE-839: Allow testing of null nonce values.
add e2a6947ff GUACAMOLE-839: Implement base support for SSO using SSL/TLS authentication (certificates / smart cards).
add 9177cac3c GUACAMOLE-839: Allow authenticationService to affect login screen even if not invoked by login screen.
add b6ce47762 GUACAMOLE-839: Support deferred retrieval of authentication parameters.
add 38f1360de GUACAMOLE-839: Ensure SSL/TLS client auth failures are reflected in the Guacamole UI.
add 825532651 GUACAMOLE-839: Move SSL/TLS client auth logic to separate service.
add 0b5b82cc4 GUACAMOLE-839: Allow accepted subject DNs to be restricted via configuration.
add b9958fa33 GUACAMOLE-839: Include SSL/TLS auth support within SSO dist archive.
add d0574f8d8 GUACAMOLE-839: Use BouncyCastle for retrieval of certificate details.
add 9f8bb71b0 GUACAMOLE-839: Correct JavaDoc for parameters of getUsername().
add 82073a597 GUACAMOLE-839: Correct typo in JavaDoc of decode() - "valid", not "value".
new 23a5c9476 GUACAMOLE-839: Merge add webapp SSO support for certificates / smart cards.
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../LICENSE | 0
.../README | 6 +-
.../dep-coordinates.txt | 1 +
.../guacamole/auth/sso/AuthenticationSession.java | 58 +++
.../auth/sso}/AuthenticationSessionManager.java | 72 ++--
.../guacamole/auth/sso/IdentifierGenerator.java | 106 +++++
.../apache/guacamole/auth/sso}/NonceService.java | 36 +-
.../src/main/resources/translations/en.json | 5 +
.../modules/guacamole-auth-sso-dist/pom.xml | 7 +
.../src/main/assembly/dist.xml | 9 +
.../auth/openid/AuthenticationProviderService.java | 2 +-
.../openid/OpenIDAuthenticationProviderModule.java | 5 +-
.../auth/openid/token/TokenValidationService.java | 1 +
.../auth/saml/AuthenticationProviderService.java | 4 +-
.../saml/SAMLAuthenticationProviderModule.java | 6 +-
.../saml/acs/AssertionConsumerServiceResource.java | 4 +-
.../auth/saml/acs/IdentifierGenerator.java | 54 ---
...Session.java => SAMLAuthenticationSession.java} | 28 +-
.../saml/acs/SAMLAuthenticationSessionManager.java | 59 +++
.../guacamole/auth/saml/acs/SAMLService.java | 14 +-
.../.gitignore | 0
.../modules/guacamole-auth-sso-ssl}/.ratignore | 0
.../pom.xml | 21 +-
.../auth/ssl/AuthenticationProviderService.java | 171 ++++++++
.../auth/ssl/OpaqueAuthenticationResult.java | 65 +++
.../auth/ssl/SSLAuthenticationProvider.java} | 31 +-
.../auth/ssl/SSLAuthenticationProviderModule.java} | 15 +-
.../auth/ssl/SSLAuthenticationSession.java | 64 +++
.../auth/ssl/SSLAuthenticationSessionManager.java | 60 +++
.../auth/ssl/SSLClientAuthenticationResource.java | 412 +++++++++++++++++++
.../auth/ssl/conf/ConfigurationService.java | 440 +++++++++++++++++++++
.../auth/ssl}/conf/LdapNameGuacamoleProperty.java | 19 +-
.../ssl/conf/WildcardURIGuacamoleProperty.java | 66 ++++
.../src/main/resources/directives/guacSslAuth.js} | 50 ++-
.../src/main/resources/guac-manifest.json | 12 +-
.../src/main/resources/html/sso-provider-ssl.html | 4 +
.../src/main/resources/license.txt | 0
.../main/resources/services/clientAuthService.js | 43 +-
.../src/main/resources/sslModule.js | 9 +-
extensions/guacamole-auth-sso/pom.xml | 1 +
.../src/app/auth/service/authenticationService.js | 149 ++++---
.../frontend/src/app/login/directives/login.js | 88 ++---
42 files changed, 1862 insertions(+), 335 deletions(-)
copy doc/licenses/{bouncycastle-fips-1.0.2.3 => bouncycastle-pkix-fips-1.0.7}/LICENSE (100%)
copy doc/licenses/{bouncycastle-fips-1.0.2.3 => bouncycastle-pkix-fips-1.0.7}/README (50%)
create mode 100644 doc/licenses/bouncycastle-pkix-fips-1.0.7/dep-coordinates.txt
create mode 100644 extensions/guacamole-auth-sso/modules/guacamole-auth-sso-base/src/main/java/org/apache/guacamole/auth/sso/AuthenticationSession.java
rename extensions/guacamole-auth-sso/modules/{guacamole-auth-sso-saml/src/main/java/org/apache/guacamole/auth/saml/acs => guacamole-auth-sso-base/src/main/java/org/apache/guacamole/auth/sso}/AuthenticationSessionManager.java (72%)
create mode 100644 extensions/guacamole-auth-sso/modules/guacamole-auth-sso-base/src/main/java/org/apache/guacamole/auth/sso/IdentifierGenerator.java
rename extensions/guacamole-auth-sso/modules/{guacamole-auth-sso-openid/src/main/java/org/apache/guacamole/auth/openid/token => guacamole-auth-sso-base/src/main/java/org/apache/guacamole/auth/sso}/NonceService.java (80%)
delete mode 100644 extensions/guacamole-auth-sso/modules/guacamole-auth-sso-saml/src/main/java/org/apache/guacamole/auth/saml/acs/IdentifierGenerator.java
rename extensions/guacamole-auth-sso/modules/guacamole-auth-sso-saml/src/main/java/org/apache/guacamole/auth/saml/acs/{AuthenticationSession.java => SAMLAuthenticationSession.java} (77%)
create mode 100644 extensions/guacamole-auth-sso/modules/guacamole-auth-sso-saml/src/main/java/org/apache/guacamole/auth/saml/acs/SAMLAuthenticationSessionManager.java
copy extensions/guacamole-auth-sso/modules/{guacamole-auth-sso-cas => guacamole-auth-sso-ssl}/.gitignore (100%)
copy extensions/{guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base => guacamole-auth-sso/modules/guacamole-auth-sso-ssl}/.ratignore (100%)
copy extensions/guacamole-auth-sso/modules/{guacamole-auth-sso-openid => guacamole-auth-sso-ssl}/pom.xml (92%)
create mode 100644 extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/AuthenticationProviderService.java
create mode 100644 extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/OpaqueAuthenticationResult.java
copy extensions/guacamole-auth-sso/modules/{guacamole-auth-sso-cas/src/main/java/org/apache/guacamole/auth/cas/CASAuthenticationProvider.java => guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/SSLAuthenticationProvider.java} (55%)
copy extensions/guacamole-auth-sso/modules/{guacamole-auth-sso-cas/src/main/java/org/apache/guacamole/auth/cas/CASAuthenticationProviderModule.java => guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/SSLAuthenticationProviderModule.java} (67%)
create mode 100644 extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/SSLAuthenticationSession.java
create mode 100644 extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/SSLAuthenticationSessionManager.java
create mode 100644 extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/SSLClientAuthenticationResource.java
create mode 100644 extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/conf/ConfigurationService.java
copy extensions/guacamole-auth-sso/modules/{guacamole-auth-sso-cas/src/main/java/org/apache/guacamole/auth/cas => guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl}/conf/LdapNameGuacamoleProperty.java (74%)
create mode 100644 extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/conf/WildcardURIGuacamoleProperty.java
copy extensions/{guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/security/PasswordRequiresSymbolException.java => guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/resources/directives/guacSslAuth.js} (53%)
copy extensions/guacamole-auth-sso/modules/{guacamole-auth-sso-cas => guacamole-auth-sso-ssl}/src/main/resources/guac-manifest.json (70%)
create mode 100644 extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/resources/html/sso-provider-ssl.html
copy extensions/{guacamole-auth-duo => guacamole-auth-sso/modules/guacamole-auth-sso-ssl}/src/main/resources/license.txt (100%)
copy guacamole/src/main/frontend/src/app/rest/services/languageService.js => extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/resources/services/clientAuthService.js (50%)
copy guacamole/src/main/frontend/src/app/navigation/navigationModule.js => extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/resources/sslModule.js (78%)
[guacamole-client] 01/01: GUACAMOLE-839: Merge add webapp SSO support for certificates / smart cards.
Posted by vn...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
vnick pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/guacamole-client.git
commit 23a5c9476f22f7f2ef4f30323e522b77d7149e11
Merge: b28334184 82073a597
Author: Virtually Nick <ne...@users.noreply.github.com>
AuthorDate: Tue Mar 7 20:59:57 2023 -0500
GUACAMOLE-839: Merge add webapp SSO support for certificates / smart cards.
doc/licenses/bouncycastle-pkix-fips-1.0.7/LICENSE | 20 +
doc/licenses/bouncycastle-pkix-fips-1.0.7/README | 8 +
.../dep-coordinates.txt | 1 +
.../guacamole/auth/sso/AuthenticationSession.java | 58 +++
.../auth/sso}/AuthenticationSessionManager.java | 72 ++--
.../guacamole/auth/sso/IdentifierGenerator.java | 106 +++++
.../apache/guacamole/auth/sso}/NonceService.java | 36 +-
.../src/main/resources/translations/en.json | 5 +
.../modules/guacamole-auth-sso-dist/pom.xml | 7 +
.../src/main/assembly/dist.xml | 9 +
.../auth/openid/AuthenticationProviderService.java | 2 +-
.../openid/OpenIDAuthenticationProviderModule.java | 5 +-
.../auth/openid/token/TokenValidationService.java | 1 +
.../auth/saml/AuthenticationProviderService.java | 4 +-
.../saml/SAMLAuthenticationProviderModule.java | 6 +-
.../saml/acs/AssertionConsumerServiceResource.java | 4 +-
.../auth/saml/acs/IdentifierGenerator.java | 54 ---
...Session.java => SAMLAuthenticationSession.java} | 28 +-
.../saml/acs/SAMLAuthenticationSessionManager.java | 59 +++
.../guacamole/auth/saml/acs/SAMLService.java | 14 +-
.../modules/guacamole-auth-sso-ssl/.gitignore | 3 +
.../modules/guacamole-auth-sso-ssl/.ratignore | 1 +
.../modules/guacamole-auth-sso-ssl/pom.xml | 131 ++++++
.../auth/ssl/AuthenticationProviderService.java | 171 ++++++++
.../auth/ssl/OpaqueAuthenticationResult.java | 65 +++
.../auth/ssl/SSLAuthenticationProvider.java | 48 +++
.../auth/ssl/SSLAuthenticationProviderModule.java} | 17 +-
.../auth/ssl/SSLAuthenticationSession.java | 64 +++
.../auth/ssl/SSLAuthenticationSessionManager.java | 60 +++
.../auth/ssl/SSLClientAuthenticationResource.java | 412 +++++++++++++++++++
.../auth/ssl/conf/ConfigurationService.java | 440 +++++++++++++++++++++
.../auth/ssl/conf/LdapNameGuacamoleProperty.java} | 37 +-
.../ssl/conf/WildcardURIGuacamoleProperty.java | 66 ++++
.../src/main/resources/directives/guacSslAuth.js | 51 +++
.../src/main/resources/guac-manifest.json | 35 ++
.../src/main/resources/html/sso-provider-ssl.html | 4 +
.../src/main/resources/license.txt} | 21 -
.../main/resources/services/clientAuthService.js | 58 +++
.../src/main/resources/sslModule.js} | 24 +-
extensions/guacamole-auth-sso/pom.xml | 1 +
.../src/app/auth/service/authenticationService.js | 149 ++++---
.../frontend/src/app/login/directives/login.js | 88 ++---
42 files changed, 2142 insertions(+), 303 deletions(-)