You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@guacamole.apache.org by necouchman <gi...@git.apache.org> on 2017/08/16 00:00:38 UTC
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
GitHub user necouchman opened a pull request:
https://github.com/apache/incubator-guacamole-client/pull/182
GUACAMOLE-363: Add support for SQL Server authentication
This pull request implements a SQL Server (sqlserver) module for the JDBC authentication backend, allowing the Guacamole database to be hosted in SQL Server.
I went the route of creating a guacamole schema and renaming the tables a bit - I have a feeling I'll end up changing that to be more consistent with the other modules, but SQL Server uses a default "dbo" schema that's just different, anyway, so I took a stab at it this way.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/necouchman/incubator-guacamole-client GUACAMOLE-363
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/incubator-guacamole-client/pull/182.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #182
----
commit 3b8c802e239645e4ff31f4b86b781f1da58d312f
Author: Nick Couchman <vn...@apache.org>
Date: 2017-08-15T02:14:15Z
GUACAMOLE-363: Initial commit of SQLServer authentication module for JDBC.
commit b95fb938e6edf89fff1252c1fa931dcea2d13374
Author: Nick Couchman <vn...@apache.org>
Date: 2017-08-15T18:28:20Z
GUACAMOLE-363: Fix up JDBC maps for proper SQL Server syntax.
commit c9d4adef7c493b675325fda5e8f4dff362185139
Author: Nick Couchman <vn...@apache.org>
Date: 2017-08-15T21:03:25Z
GUACAMOLE-363: Fix style, order, and batching in SQL Server schema scripts.
commit 765d0812c8386a7563ad7b4f75b5309c94e43ec9
Author: Nick Couchman <vn...@apache.org>
Date: 2017-08-15T23:56:00Z
GUACAMOLE-363: Fix encoding of SQL file
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r135953509
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerAuthenticationProviderModule.java ---
@@ -0,0 +1,91 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import com.google.inject.Binder;
+import com.google.inject.Module;
+import com.google.inject.name.Names;
+import java.util.Properties;
+import org.apache.guacamole.GuacamoleException;
+import org.mybatis.guice.datasource.helper.JdbcHelper;
+
+/**
+ * Guice module which configures SQLServer-specific injections.
+ */
+public class SQLServerAuthenticationProviderModule implements Module {
+
+ /**
+ * MyBatis-specific configuration properties.
+ */
+ private final Properties myBatisProperties = new Properties();
+
+ /**
+ * SQLServer-specific driver configuration properties.
+ */
+ private final Properties driverProperties = new Properties();
+
+ /**
+ * Creates a new SQLServer authentication provider module that configures
+ * driver and MyBatis properties using the given environment.
+ *
+ * @param environment
+ * The environment to use when configuring MyBatis and the underlying
+ * JDBC driver.
+ *
+ * @throws GuacamoleException
+ * If a required property is missing, or an error occurs while parsing
+ * a property.
+ */
+ public SQLServerAuthenticationProviderModule(SQLServerEnvironment environment)
+ throws GuacamoleException {
+
+ // Set the SQLServer-specific properties for MyBatis.
+ myBatisProperties.setProperty("mybatis.environment.id", "guacamole");
+ myBatisProperties.setProperty("JDBC.host", environment.getSQLServerHostname());
+ myBatisProperties.setProperty("JDBC.port", String.valueOf(environment.getSQLServerPort()));
+ myBatisProperties.setProperty("JDBC.schema", environment.getSQLServerDatabase());
+ myBatisProperties.setProperty("JDBC.username", environment.getSQLServerUsername());
+ myBatisProperties.setProperty("JDBC.password", environment.getSQLServerPassword());
+ myBatisProperties.setProperty("JDBC.autoCommit", "false");
+ myBatisProperties.setProperty("mybatis.pooled.pingEnabled", "true");
+ myBatisProperties.setProperty("mybatis.pooled.pingQuery", "SELECT 1");
+
+ // Use UTF-8 in database
+ driverProperties.setProperty("characterEncoding", "UTF-8");
+
+ }
+
+ @Override
+ public void configure(Binder binder) {
+
+ // Bind SQLServer-specific properties
+ JdbcHelper.SQL_Server_2005_MS_Driver.configure(binder);
--- End diff --
So, I tried a route that allows for both of them - added another option to the configuration to specify the JTDS driver instead of the Microsoft one, but kept the Microsoft one as the default. How's that look?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r141345122
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/schema/002-create-admin-user.sql ---
@@ -0,0 +1,46 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Create the default admin user account and set up full privileges.
+ */
+INSERT INTO [guacamole_user] (username, password_hash, password_date)
+VALUES ('guacadmin', HASHBYTES('SHA2_256', 'guacadmin'), getdate());
--- End diff --
Well, whatever I did last time was wrong, but I think I got it this time.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138401399
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerEnvironment.java ---
@@ -0,0 +1,357 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.apache.guacamole.auth.jdbc.security.PasswordPolicy;
+
+/**
+ * A SQLServer-specific implementation of JDBCEnvironment provides database
+ * properties specifically for SQLServer.
+ */
+public class SQLServerEnvironment extends JDBCEnvironment {
+
+ /**
+ * Logger for this class.
+ */
+ private static final Logger logger = LoggerFactory.getLogger(SQLServerEnvironment.class);
+
+ /**
+ * The default host to connect to, if SQLSERVER_HOSTNAME is not specified.
+ */
+ private static final String DEFAULT_HOSTNAME = "localhost";
+
+ /**
+ * The default port to connect to, if SQLSERVER_PORT is not specified.
+ */
+ private static final int DEFAULT_PORT = 1433;
+
+ /**
+ * Whether a database user account is required by default for authentication
+ * to succeed.
+ */
+ private static final boolean DEFAULT_USER_REQUIRED = true;
+
+ /**
+ * The default value for the maximum number of connections to be
+ * allowed to the Guacamole server overall.
+ */
+ private final int DEFAULT_ABSOLUTE_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection group. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection group. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the open source JTDS driver.
+ */
+ public final static String SQLSERVER_DRIVER_JTDS = "jtds";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the DataDirect JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_DATADIRECT = "datadirect";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the older Microsoft JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_MS = "microsoft";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the Microsoft JDBC driver. This is the default.
+ */
+ public final static String SQLSERVER_DRIVER_MS_2005 = "microsoft2005";
+
+ /**
+ * Constructs a new SQLServerEnvironment, providing access to SQLServer-specific
+ * configuration options.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while setting up the underlying JDBCEnvironment
+ * or while parsing legacy SQLServer configuration options.
+ */
+ public SQLServerEnvironment() throws GuacamoleException {
+
+ // Init underlying JDBC environment
+ super();
+
+ // Read legacy concurrency-related property
+ Boolean disallowSimultaneous = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS);
+ Boolean disallowDuplicate = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS);
+
+ // Legacy "simultaneous" property dictates only the maximum number of
+ // connections per connection
+ if (disallowSimultaneous != null) {
+
+ // Translate legacy property
+ if (disallowSimultaneous) {
+ DEFAULT_MAX_CONNECTIONS = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
--- End diff --
Okay, will remove them.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138416405
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/schema/001-create-schema.sql ---
@@ -0,0 +1,558 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * List for permission data type.
+ */
+CREATE RULE [guacamole_permission_list]
+ AS
+ @list IN ('READ','UPDATE','DELETE','ADMINISTER');
+GO;
+
+/**
+ * List for system permission data type.
+ */
+CREATE RULE [guacamole_system_permission_list]
+ AS
+ @list IN ('CREATE_CONNECTION',
+ 'CREATE_CONNECTION_GROUP',
+ 'CREATE_SHARING_PROFILE',
+ 'CREATE_USER',
+ 'ADMINISTER');
+GO;
+
+/**
+ * The permission data type.
+ */
+CREATE TYPE [guacamole_permission] FROM [nvarchar](10) NOT NULL;
+
+/**
+ * The system permission data type.
+ */
+CREATE TYPE [guacamole_system_permission] FROM [nvarchar](32) NOT NULL;
+GO;
+
+/**
+ * The connection_group table stores organizational and balancing groups.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_connection_group](
+ [connection_group_id] [int] IDENTITY(1,1) NOT NULL,
+ [parent_id] [int] NULL,
+ [connection_group_name] [nvarchar](128) NOT NULL,
+ [type] [nvarchar](32) NOT NULL,
+ [max_connections] [int] NULL,
+ [max_connections_per_user] [int] NULL,
+ [enable_session_affinity] [bit] NOT NULL,
+
+ CONSTRAINT [PK_guacmaole_connection_group] PRIMARY KEY CLUSTERED
+ ([connection_group_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+/**
+ * Foreign keys for connection_group table.
+ */
+ALTER TABLE [guacamole_connection_group]
+ WITH CHECK ADD CONSTRAINT [FK_guacamole_connection_group_connection_group_id] FOREIGN KEY([parent_id])
+ REFERENCES [guacamole_connection_group] ([connection_group_id]);
+ALTER TABLE [guacamole_connection_group]
+ CHECK CONSTRAINT [FK_guacamole_connection_group_connection_group_id];
+ALTER TABLE [guacamole_connection_group]
+ WITH CHECK ADD CONSTRAINT [CK_guacamole_connection_group_type]
+ CHECK (([type]='BALANCING' OR [type]='ORGANIZATIONAL'));
+ALTER TABLE [guacamole_connection_group]
+ CHECK CONSTRAINT [CK_guacamole_connection_group_type];
+
+/**
+ * Default values for connection_group table.
+ */
+ALTER TABLE [guacamole_connection_group]
+ ADD CONSTRAINT [DF_guacamole_connection_group_type] DEFAULT (N'ORGANIZATIONAL') FOR [type];
+ALTER TABLE [guacamole_connection_group]
+ ADD CONSTRAINT [DF_guacamole_connection_group_enable_session_affinity] DEFAULT ((0)) FOR [enable_session_affinity];
+GO;
+
+/**
+ * The connection table, for storing connections and attributes.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_connection](
+ [connection_id] [int] IDENTITY(1,1) NOT NULL,
+ [connection_name] [nvarchar](128) NOT NULL,
+ [parent_id] [int] NULL,
+ [protocol] [nvarchar](32) NOT NULL,
+ [proxy_port] [int] NULL,
+ [proxy_hostname] [nvarchar](512) NULL,
+ [proxy_encryption_method] [nvarchar](4) NULL,
+ [max_connections] [int] NULL,
+ [max_connections_per_user] [int] NULL,
+ [connection_weight] [int] NULL,
+ [failover_only] [bit] NOT NULL,
+
+ CONSTRAINT [PK_guacamole_connection] PRIMARY KEY CLUSTERED
+ ([connection_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+ALTER TABLE [guacamole_connection]
+ WITH CHECK ADD CONSTRAINT [FK_guacamole_connection_connection_group] FOREIGN KEY([parent_id])
+ REFERENCES [guacamole_connection_group] ([connection_group_id]);
+ALTER TABLE [guacamole_connection]
+ CHECK CONSTRAINT [FK_guacamole_connection_connection_group];
+ALTER TABLE [guacamole_connection]
+ WITH CHECK ADD CONSTRAINT [CK_proxy_encryption_method]
+ CHECK (([proxy_encryption_method]='SSL' OR [proxy_encryption_method]='NONE'));
+ALTER TABLE [guacamole_connection]
+ CHECK CONSTRAINT [CK_proxy_encryption_method];
+ALTER TABLE [guacamole_connection]
+ ADD CONSTRAINT [DF_guacamole_connection_failover_only] DEFAULT ((0)) FOR [failover_only];
+GO;
+
+/**
+ * The user table stores user accounts, passwords, and properties.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_user](
+ [user_id] [int] IDENTITY(1,1) NOT NULL,
+ [username] [nvarchar](128) NOT NULL,
+ [password_hash] [binary](32) NOT NULL,
+ [password_salt] [binary](32) NULL,
+ [password_date] [datetime] NOT NULL,
+ [disabled] [bit] NOT NULL,
+ [expired] [bit] NOT NULL,
+ [access_window_start] [time](7) NULL,
+ [access_window_end] [time](7) NULL,
+ [valid_from] [date] NULL,
+ [valid_until] [date] NULL,
+ [timezone] [nvarchar](64) NULL,
+ [full_name] [nvarchar](256) NULL,
+ [email_address] [nvarchar](256) NULL,
+ [organization] [nvarchar](256) NULL,
+ [organizational_role] [nvarchar](256) NULL,
+
+ CONSTRAINT [PK_guacamole_user] PRIMARY KEY CLUSTERED
+ ([user_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+/**
+ * Defaults for user table
+ */
+ALTER TABLE [guacamole_user]
+ ADD CONSTRAINT [DF_guacamole_user_disabled] DEFAULT ((0)) FOR [disabled];
+ALTER TABLE [guacamole_user]
+ ADD CONSTRAINT [DF_guacamole_user_expired] DEFAULT ((0)) FOR [expired];
+GO;
+
+/**
+ * The sharing_profile table stores profiles that allow
+ * connections to be shared amongst multiple users.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_sharing_profile](
+ [sharing_profile_id] [int] IDENTITY(1,1) NOT NULL,
+ [sharing_profile_name] [nvarchar](128) NOT NULL,
+ [primary_connection_id] [int] NOT NULL,
+
+ CONSTRAINT [PK_guacamole_sharing_profile] PRIMARY KEY CLUSTERED
+ ([sharing_profile_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+/**
+ * Foreign keys for sharing_profile table.
+ */
+ALTER TABLE [guacamole_sharing_profile]
+ WITH CHECK ADD CONSTRAINT [FK_guacamole_sharing_profile_connection] FOREIGN KEY([primary_connection_id])
+ REFERENCES [guacamole_connection] ([connection_id])
+ ON UPDATE CASCADE
+ ON DELETE CASCADE;
+ALTER TABLE [guacamole_sharing_profile]
+ CHECK CONSTRAINT [FK_guacamole_sharing_profile_connection];
+GO;
+
+/**
+ * The connection_parameter table stores parameters for
+ * connection objects.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_connection_parameter](
+ [connection_id] [int] NOT NULL,
+ [parameter_name] [nvarchar](128) NOT NULL,
+ [parameter_value] [nvarchar](max) NOT NULL,
--- End diff --
Ah, actually, the issue is that I'm using nvarchar instead of varchar, because nvarchar supports storing unicode values.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r135948405
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/schema/001-create-schema.sql ---
@@ -0,0 +1,558 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * List for permission data type.
+ */
+CREATE RULE [dbo].[guacamole_permission_list]
+ AS
+ @list IN ('READ','UPDATE','DELETE','ADMINISTER')
+GO
+
+/**
+ * List for system permission data type.
+ */
+CREATE RULE [dbo].[guacamole_system_permission_list]
+ AS
+ @list IN ('CREATE_CONNECTION',
+ 'CREATE_CONNECTION_GROUP',
+ 'CREATE_SHARING_PROFILE',
+ 'CREATE_USER',
+ 'ADMINISTER')
+GO
+
+/**
+ * The permission data type.
+ */
+CREATE TYPE [dbo].[guacamole_permission] FROM [nvarchar](10) NOT NULL
+
+/**
+ * The system permission data type.
+ */
+CREATE TYPE [dbo].[guacamole_system_permission] FROM [nvarchar](32) NOT NULL
+GO
+
+/**
+ * The connection_group table stores organizational and balancing groups.
+ */
+SET ANSI_NULLS ON
+SET QUOTED_IDENTIFIER ON
--- End diff --
So, most of the actual text here, minus the formatting, came from using SQL Server Management Studio to generate the output of the database minus any actual data. As such, I took the file they spit out, re-arranged it, styled it to match Guacamole style, and that's what the .sql files you see here are. I'm not entirely certain why SSMS found it necessary to spit this out so frequently, but I think that at least some of those options are only good in the current batch (up until the next "GO" statement), and I did run into issues trying to batch too many things together (got messages from SQL Server that certain queries had to be in their own batch).
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r135950314
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/schema/001-create-schema.sql ---
@@ -0,0 +1,558 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * List for permission data type.
+ */
+CREATE RULE [dbo].[guacamole_permission_list]
+ AS
+ @list IN ('READ','UPDATE','DELETE','ADMINISTER')
+GO
+
+/**
+ * List for system permission data type.
+ */
+CREATE RULE [dbo].[guacamole_system_permission_list]
+ AS
+ @list IN ('CREATE_CONNECTION',
+ 'CREATE_CONNECTION_GROUP',
+ 'CREATE_SHARING_PROFILE',
+ 'CREATE_USER',
+ 'ADMINISTER')
+GO
+
+/**
+ * The permission data type.
+ */
+CREATE TYPE [dbo].[guacamole_permission] FROM [nvarchar](10) NOT NULL
+
+/**
+ * The system permission data type.
+ */
+CREATE TYPE [dbo].[guacamole_system_permission] FROM [nvarchar](32) NOT NULL
+GO
+
+/**
+ * The connection_group table stores organizational and balancing groups.
+ */
+SET ANSI_NULLS ON
+SET QUOTED_IDENTIFIER ON
+CREATE TABLE [dbo].[guacamole_connection_group](
+ [connection_group_id] [int] IDENTITY(1,1) NOT NULL,
+ [parent_id] [int] NULL,
+ [connection_group_name] [nvarchar](128) NOT NULL,
+ [type] [nvarchar](32) NOT NULL,
+ [max_connections] [int] NULL,
+ [max_connections_per_user] [int] NULL,
+ [enable_session_affinity] [bit] NOT NULL,
+
+ CONSTRAINT [PK_guacmaole_connection_group] PRIMARY KEY CLUSTERED
+ ([connection_group_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY]
--- End diff --
Okay, I've added those to the code. You know, it's almost hard to believe that I was just using Microsoft-generated code - that Microsoft would do something that didn't conform to standards!
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by asfgit <gi...@git.apache.org>.
Github user asfgit closed the pull request at:
https://github.com/apache/incubator-guacamole-client/pull/182
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r141254723
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerGuacamoleProperties.java ---
@@ -0,0 +1,211 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import org.apache.guacamole.properties.BooleanGuacamoleProperty;
+import org.apache.guacamole.properties.IntegerGuacamoleProperty;
+import org.apache.guacamole.properties.StringGuacamoleProperty;
+
+/**
+ * Properties used by the SQLServer Authentication plugin.
+ */
+public class SQLServerGuacamoleProperties {
+
+ /**
+ * This class should not be instantiated.
+ */
+ private SQLServerGuacamoleProperties() {}
+
+ /**
+ * The URL of the SQLServer server hosting the Guacamole authentication tables.
+ */
+ public static final StringGuacamoleProperty SQLSERVER_HOSTNAME =
+ new StringGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-hostname"; }
+
+ };
+
+ /**
+ * The port of the SQLServer server hosting the Guacamole authentication
+ * tables.
+ */
+ public static final IntegerGuacamoleProperty SQLSERVER_PORT =
+ new IntegerGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-port"; }
+
+ };
+
+ /**
+ * The name of the SQLServer database containing the Guacamole
+ * authentication tables.
+ */
+ public static final StringGuacamoleProperty SQLSERVER_DATABASE =
+ new StringGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-database"; }
+
+ };
+
+ /**
+ * The username used to authenticate to the SQLServer database containing
+ * the Guacamole authentication tables.
+ */
+ public static final StringGuacamoleProperty SQLSERVER_USERNAME =
+ new StringGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-username"; }
+
+ };
+
+ /**
+ * The password used to authenticate to the SQLServer database containing
+ * the Guacamole authentication tables.
+ */
+ public static final StringGuacamoleProperty SQLSERVER_PASSWORD =
+ new StringGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-password"; }
+
+ };
+
+ /**
+ * Whether a user account within the database is required for authentication
+ * to succeed, even if the user has been authenticated via another
+ * authentication provider.
+ */
+ public static final BooleanGuacamoleProperty
+ SQLSERVER_USER_REQUIRED = new BooleanGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-user-required"; }
+
+ };
+
+ /**
+ * Whether or not multiple users accessing the same connection at the same
+ * time should be disallowed.
+ */
+ public static final BooleanGuacamoleProperty
+ SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS =
+ new BooleanGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-disallow-simultaneous-connections"; }
+
+ };
+
+ /**
+ * Whether or not the same user accessing the same connection or connection
+ * group at the same time should be disallowed.
+ */
+ public static final BooleanGuacamoleProperty
+ SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS =
--- End diff --
Same here - since this property is unused, it shouldn't be defined.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138399309
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerEnvironment.java ---
@@ -0,0 +1,357 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.apache.guacamole.auth.jdbc.security.PasswordPolicy;
+
+/**
+ * A SQLServer-specific implementation of JDBCEnvironment provides database
+ * properties specifically for SQLServer.
+ */
+public class SQLServerEnvironment extends JDBCEnvironment {
+
+ /**
+ * Logger for this class.
+ */
+ private static final Logger logger = LoggerFactory.getLogger(SQLServerEnvironment.class);
+
+ /**
+ * The default host to connect to, if SQLSERVER_HOSTNAME is not specified.
+ */
+ private static final String DEFAULT_HOSTNAME = "localhost";
+
+ /**
+ * The default port to connect to, if SQLSERVER_PORT is not specified.
+ */
+ private static final int DEFAULT_PORT = 1433;
+
+ /**
+ * Whether a database user account is required by default for authentication
+ * to succeed.
+ */
+ private static final boolean DEFAULT_USER_REQUIRED = true;
+
+ /**
+ * The default value for the maximum number of connections to be
+ * allowed to the Guacamole server overall.
+ */
+ private final int DEFAULT_ABSOLUTE_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection group. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection group. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the open source JTDS driver.
+ */
+ public final static String SQLSERVER_DRIVER_JTDS = "jtds";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the DataDirect JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_DATADIRECT = "datadirect";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the older Microsoft JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_MS = "microsoft";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the Microsoft JDBC driver. This is the default.
+ */
+ public final static String SQLSERVER_DRIVER_MS_2005 = "microsoft2005";
+
+ /**
+ * Constructs a new SQLServerEnvironment, providing access to SQLServer-specific
+ * configuration options.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while setting up the underlying JDBCEnvironment
+ * or while parsing legacy SQLServer configuration options.
+ */
+ public SQLServerEnvironment() throws GuacamoleException {
+
+ // Init underlying JDBC environment
+ super();
+
+ // Read legacy concurrency-related property
+ Boolean disallowSimultaneous = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS);
+ Boolean disallowDuplicate = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS);
+
+ // Legacy "simultaneous" property dictates only the maximum number of
+ // connections per connection
+ if (disallowSimultaneous != null) {
+
+ // Translate legacy property
+ if (disallowSimultaneous) {
+ DEFAULT_MAX_CONNECTIONS = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
+
+ // Inform of new equivalent
+ logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(), disallowSimultaneous,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS.getName(), DEFAULT_MAX_CONNECTIONS,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName(), DEFAULT_MAX_GROUP_CONNECTIONS);
+
+ }
+
+ // Legacy "duplicate" property dictates whether connections and groups
+ // may be used concurrently only by different users
+ if (disallowDuplicate != null) {
+
+ // Translate legacy property
+ if (disallowDuplicate) {
+ DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS_PER_USER = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
+
+ // Inform of new equivalent
+ logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS.getName(), disallowDuplicate,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_CONNECTIONS_PER_USER,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER);
+
+ }
+
+ // Check driver property is one of the acceptable values.
+ String driver = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DRIVER);
+ if (driver != null && !(driver.equals(SQLSERVER_DRIVER_JTDS) ||
+ driver.equals(SQLSERVER_DRIVER_DATADIRECT) ||
+ driver.equals(SQLSERVER_DRIVER_MS) ||
+ driver.equals(SQLSERVER_DRIVER_MS_2005)))
+ logger.warn("{} property has been set to an invalid value. The default Microsoft 2005 driver will be used.",
+ SQLServerGuacamoleProperties.SQLSERVER_DRIVER.getName());
+
+ }
+
+ @Override
+ public boolean isUserRequired() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_USER_REQUIRED,
+ DEFAULT_USER_REQUIRED
+ );
+ }
+
+ @Override
+ public int getAbsoluteMaxConnections() throws GuacamoleException {
+ return getProperty(SQLServerGuacamoleProperties.SQLSERVER_ABSOLUTE_MAX_CONNECTIONS,
+ DEFAULT_ABSOLUTE_MAX_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxConnections() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS,
+ DEFAULT_MAX_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxGroupConnections() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS,
+ DEFAULT_MAX_GROUP_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxConnectionsPerUser() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER,
+ DEFAULT_MAX_CONNECTIONS_PER_USER
+ );
+ }
+
+ @Override
+ public int getDefaultMaxGroupConnectionsPerUser() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER,
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER
+ );
+ }
+
+ @Override
+ public PasswordPolicy getPasswordPolicy() {
+ return new SQLServerPasswordPolicy(this);
+ }
+
+ /**
+ * Returns the hostname of the SQLServer server hosting the Guacamole
+ * authentication tables. If unspecified, this will be "localhost".
+ *
+ * @return
+ * The URL of the SQLServer server.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value.
+ */
+ public String getSQLServerHostname() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_HOSTNAME,
+ DEFAULT_HOSTNAME
+ );
+ }
+
+ /**
+ * Returns the port number of the SQLServer server hosting the Guacamole
+ * authentication tables. If unspecified, this will be the default
+ * SQLServer port of 5432.
+ *
+ * @return
+ * The port number of the SQLServer server.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value.
+ */
+ public int getSQLServerPort() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_PORT,
+ DEFAULT_PORT
+ );
+ }
+
+ /**
+ * Returns the name of the SQLServer database containing the Guacamole
+ * authentication tables.
+ *
+ * @return
+ * The name of the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerDatabase() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_DATABASE);
+ }
+
+ /**
+ * Returns the username that should be used when authenticating with the
+ * SQLServer database containing the Guacamole authentication tables.
+ *
+ * @return
+ * The username for the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerUsername() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_USERNAME);
+ }
+
+ /**
+ * Returns the password that should be used when authenticating with the
+ * SQLServer database containing the Guacamole authentication tables.
+ *
+ * @return
+ * The password for the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerPassword() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_PASSWORD);
+ }
+
+ /**
+ * Returns whether or not to use the SourceForge JTDS driver for more
+ * generic JTDS connections instead of the Microsoft-provided JDBC driver.
+ *
+ * @return
+ * True if the JTDS driver should be used; false by default.
--- End diff --
This (and the rest of this comment) is no longer correct due to the migration to a generalized property covering all supported SQL Server drivers.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138412335
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerEnvironment.java ---
@@ -0,0 +1,357 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.apache.guacamole.auth.jdbc.security.PasswordPolicy;
+
+/**
+ * A SQLServer-specific implementation of JDBCEnvironment provides database
+ * properties specifically for SQLServer.
+ */
+public class SQLServerEnvironment extends JDBCEnvironment {
+
+ /**
+ * Logger for this class.
+ */
+ private static final Logger logger = LoggerFactory.getLogger(SQLServerEnvironment.class);
+
+ /**
+ * The default host to connect to, if SQLSERVER_HOSTNAME is not specified.
+ */
+ private static final String DEFAULT_HOSTNAME = "localhost";
+
+ /**
+ * The default port to connect to, if SQLSERVER_PORT is not specified.
+ */
+ private static final int DEFAULT_PORT = 1433;
+
+ /**
+ * Whether a database user account is required by default for authentication
+ * to succeed.
+ */
+ private static final boolean DEFAULT_USER_REQUIRED = true;
+
+ /**
+ * The default value for the maximum number of connections to be
+ * allowed to the Guacamole server overall.
+ */
+ private final int DEFAULT_ABSOLUTE_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection group. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection group. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the open source JTDS driver.
+ */
+ public final static String SQLSERVER_DRIVER_JTDS = "jtds";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the DataDirect JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_DATADIRECT = "datadirect";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the older Microsoft JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_MS = "microsoft";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the Microsoft JDBC driver. This is the default.
+ */
+ public final static String SQLSERVER_DRIVER_MS_2005 = "microsoft2005";
+
+ /**
+ * Constructs a new SQLServerEnvironment, providing access to SQLServer-specific
+ * configuration options.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while setting up the underlying JDBCEnvironment
+ * or while parsing legacy SQLServer configuration options.
+ */
+ public SQLServerEnvironment() throws GuacamoleException {
+
+ // Init underlying JDBC environment
+ super();
+
+ // Read legacy concurrency-related property
+ Boolean disallowSimultaneous = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS);
+ Boolean disallowDuplicate = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS);
+
+ // Legacy "simultaneous" property dictates only the maximum number of
+ // connections per connection
+ if (disallowSimultaneous != null) {
+
+ // Translate legacy property
+ if (disallowSimultaneous) {
+ DEFAULT_MAX_CONNECTIONS = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
+
+ // Inform of new equivalent
+ logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(), disallowSimultaneous,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS.getName(), DEFAULT_MAX_CONNECTIONS,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName(), DEFAULT_MAX_GROUP_CONNECTIONS);
+
+ }
+
+ // Legacy "duplicate" property dictates whether connections and groups
+ // may be used concurrently only by different users
+ if (disallowDuplicate != null) {
+
+ // Translate legacy property
+ if (disallowDuplicate) {
+ DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS_PER_USER = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
+
+ // Inform of new equivalent
+ logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS.getName(), disallowDuplicate,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_CONNECTIONS_PER_USER,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER);
+
+ }
+
+ // Check driver property is one of the acceptable values.
+ String driver = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DRIVER);
+ if (driver != null && !(driver.equals(SQLSERVER_DRIVER_JTDS) ||
+ driver.equals(SQLSERVER_DRIVER_DATADIRECT) ||
+ driver.equals(SQLSERVER_DRIVER_MS) ||
+ driver.equals(SQLSERVER_DRIVER_MS_2005)))
+ logger.warn("{} property has been set to an invalid value. The default Microsoft 2005 driver will be used.",
+ SQLServerGuacamoleProperties.SQLSERVER_DRIVER.getName());
+
+ }
+
+ @Override
+ public boolean isUserRequired() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_USER_REQUIRED,
+ DEFAULT_USER_REQUIRED
+ );
+ }
+
+ @Override
+ public int getAbsoluteMaxConnections() throws GuacamoleException {
+ return getProperty(SQLServerGuacamoleProperties.SQLSERVER_ABSOLUTE_MAX_CONNECTIONS,
+ DEFAULT_ABSOLUTE_MAX_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxConnections() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS,
+ DEFAULT_MAX_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxGroupConnections() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS,
+ DEFAULT_MAX_GROUP_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxConnectionsPerUser() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER,
+ DEFAULT_MAX_CONNECTIONS_PER_USER
+ );
+ }
+
+ @Override
+ public int getDefaultMaxGroupConnectionsPerUser() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER,
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER
+ );
+ }
+
+ @Override
+ public PasswordPolicy getPasswordPolicy() {
+ return new SQLServerPasswordPolicy(this);
+ }
+
+ /**
+ * Returns the hostname of the SQLServer server hosting the Guacamole
+ * authentication tables. If unspecified, this will be "localhost".
+ *
+ * @return
+ * The URL of the SQLServer server.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value.
+ */
+ public String getSQLServerHostname() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_HOSTNAME,
+ DEFAULT_HOSTNAME
+ );
+ }
+
+ /**
+ * Returns the port number of the SQLServer server hosting the Guacamole
+ * authentication tables. If unspecified, this will be the default
+ * SQLServer port of 5432.
+ *
+ * @return
+ * The port number of the SQLServer server.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value.
+ */
+ public int getSQLServerPort() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_PORT,
+ DEFAULT_PORT
+ );
+ }
+
+ /**
+ * Returns the name of the SQLServer database containing the Guacamole
+ * authentication tables.
+ *
+ * @return
+ * The name of the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerDatabase() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_DATABASE);
+ }
+
+ /**
+ * Returns the username that should be used when authenticating with the
+ * SQLServer database containing the Guacamole authentication tables.
+ *
+ * @return
+ * The username for the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerUsername() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_USERNAME);
+ }
+
+ /**
+ * Returns the password that should be used when authenticating with the
+ * SQLServer database containing the Guacamole authentication tables.
+ *
+ * @return
+ * The password for the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerPassword() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_PASSWORD);
+ }
+
+ /**
+ * Returns whether or not to use the SourceForge JTDS driver for more
+ * generic JTDS connections instead of the Microsoft-provided JDBC driver.
+ *
+ * @return
+ * True if the JTDS driver should be used; false by default.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerDriver() throws GuacamoleException {
--- End diff --
Implemented.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138404746
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/schema/001-create-schema.sql ---
@@ -0,0 +1,558 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * List for permission data type.
+ */
+CREATE RULE [guacamole_permission_list]
+ AS
+ @list IN ('READ','UPDATE','DELETE','ADMINISTER');
+GO;
+
+/**
+ * List for system permission data type.
+ */
+CREATE RULE [guacamole_system_permission_list]
+ AS
+ @list IN ('CREATE_CONNECTION',
+ 'CREATE_CONNECTION_GROUP',
+ 'CREATE_SHARING_PROFILE',
+ 'CREATE_USER',
+ 'ADMINISTER');
+GO;
+
+/**
+ * The permission data type.
+ */
+CREATE TYPE [guacamole_permission] FROM [nvarchar](10) NOT NULL;
+
+/**
+ * The system permission data type.
+ */
+CREATE TYPE [guacamole_system_permission] FROM [nvarchar](32) NOT NULL;
+GO;
+
+/**
+ * The connection_group table stores organizational and balancing groups.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_connection_group](
+ [connection_group_id] [int] IDENTITY(1,1) NOT NULL,
+ [parent_id] [int] NULL,
+ [connection_group_name] [nvarchar](128) NOT NULL,
+ [type] [nvarchar](32) NOT NULL,
+ [max_connections] [int] NULL,
+ [max_connections_per_user] [int] NULL,
+ [enable_session_affinity] [bit] NOT NULL,
+
+ CONSTRAINT [PK_guacmaole_connection_group] PRIMARY KEY CLUSTERED
+ ([connection_group_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+/**
+ * Foreign keys for connection_group table.
+ */
+ALTER TABLE [guacamole_connection_group]
+ WITH CHECK ADD CONSTRAINT [FK_guacamole_connection_group_connection_group_id] FOREIGN KEY([parent_id])
+ REFERENCES [guacamole_connection_group] ([connection_group_id]);
+ALTER TABLE [guacamole_connection_group]
+ CHECK CONSTRAINT [FK_guacamole_connection_group_connection_group_id];
+ALTER TABLE [guacamole_connection_group]
+ WITH CHECK ADD CONSTRAINT [CK_guacamole_connection_group_type]
+ CHECK (([type]='BALANCING' OR [type]='ORGANIZATIONAL'));
+ALTER TABLE [guacamole_connection_group]
+ CHECK CONSTRAINT [CK_guacamole_connection_group_type];
+
+/**
+ * Default values for connection_group table.
+ */
+ALTER TABLE [guacamole_connection_group]
+ ADD CONSTRAINT [DF_guacamole_connection_group_type] DEFAULT (N'ORGANIZATIONAL') FOR [type];
+ALTER TABLE [guacamole_connection_group]
+ ADD CONSTRAINT [DF_guacamole_connection_group_enable_session_affinity] DEFAULT ((0)) FOR [enable_session_affinity];
+GO;
+
+/**
+ * The connection table, for storing connections and attributes.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_connection](
+ [connection_id] [int] IDENTITY(1,1) NOT NULL,
+ [connection_name] [nvarchar](128) NOT NULL,
+ [parent_id] [int] NULL,
+ [protocol] [nvarchar](32) NOT NULL,
+ [proxy_port] [int] NULL,
+ [proxy_hostname] [nvarchar](512) NULL,
+ [proxy_encryption_method] [nvarchar](4) NULL,
+ [max_connections] [int] NULL,
+ [max_connections_per_user] [int] NULL,
+ [connection_weight] [int] NULL,
+ [failover_only] [bit] NOT NULL,
+
+ CONSTRAINT [PK_guacamole_connection] PRIMARY KEY CLUSTERED
+ ([connection_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+ALTER TABLE [guacamole_connection]
+ WITH CHECK ADD CONSTRAINT [FK_guacamole_connection_connection_group] FOREIGN KEY([parent_id])
+ REFERENCES [guacamole_connection_group] ([connection_group_id]);
+ALTER TABLE [guacamole_connection]
+ CHECK CONSTRAINT [FK_guacamole_connection_connection_group];
+ALTER TABLE [guacamole_connection]
+ WITH CHECK ADD CONSTRAINT [CK_proxy_encryption_method]
+ CHECK (([proxy_encryption_method]='SSL' OR [proxy_encryption_method]='NONE'));
+ALTER TABLE [guacamole_connection]
+ CHECK CONSTRAINT [CK_proxy_encryption_method];
+ALTER TABLE [guacamole_connection]
+ ADD CONSTRAINT [DF_guacamole_connection_failover_only] DEFAULT ((0)) FOR [failover_only];
+GO;
+
+/**
+ * The user table stores user accounts, passwords, and properties.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_user](
+ [user_id] [int] IDENTITY(1,1) NOT NULL,
+ [username] [nvarchar](128) NOT NULL,
+ [password_hash] [binary](32) NOT NULL,
+ [password_salt] [binary](32) NULL,
+ [password_date] [datetime] NOT NULL,
+ [disabled] [bit] NOT NULL,
+ [expired] [bit] NOT NULL,
+ [access_window_start] [time](7) NULL,
+ [access_window_end] [time](7) NULL,
+ [valid_from] [date] NULL,
+ [valid_until] [date] NULL,
+ [timezone] [nvarchar](64) NULL,
+ [full_name] [nvarchar](256) NULL,
+ [email_address] [nvarchar](256) NULL,
+ [organization] [nvarchar](256) NULL,
+ [organizational_role] [nvarchar](256) NULL,
+
+ CONSTRAINT [PK_guacamole_user] PRIMARY KEY CLUSTERED
+ ([user_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+/**
+ * Defaults for user table
+ */
+ALTER TABLE [guacamole_user]
+ ADD CONSTRAINT [DF_guacamole_user_disabled] DEFAULT ((0)) FOR [disabled];
+ALTER TABLE [guacamole_user]
+ ADD CONSTRAINT [DF_guacamole_user_expired] DEFAULT ((0)) FOR [expired];
+GO;
+
+/**
+ * The sharing_profile table stores profiles that allow
+ * connections to be shared amongst multiple users.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_sharing_profile](
+ [sharing_profile_id] [int] IDENTITY(1,1) NOT NULL,
+ [sharing_profile_name] [nvarchar](128) NOT NULL,
+ [primary_connection_id] [int] NOT NULL,
+
+ CONSTRAINT [PK_guacamole_sharing_profile] PRIMARY KEY CLUSTERED
+ ([sharing_profile_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+/**
+ * Foreign keys for sharing_profile table.
+ */
+ALTER TABLE [guacamole_sharing_profile]
+ WITH CHECK ADD CONSTRAINT [FK_guacamole_sharing_profile_connection] FOREIGN KEY([primary_connection_id])
+ REFERENCES [guacamole_connection] ([connection_id])
+ ON UPDATE CASCADE
+ ON DELETE CASCADE;
+ALTER TABLE [guacamole_sharing_profile]
+ CHECK CONSTRAINT [FK_guacamole_sharing_profile_connection];
+GO;
+
+/**
+ * The connection_parameter table stores parameters for
+ * connection objects.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_connection_parameter](
+ [connection_id] [int] NOT NULL,
+ [parameter_name] [nvarchar](128) NOT NULL,
+ [parameter_value] [nvarchar](max) NOT NULL,
--- End diff --
On recent versions of SQL Server, values up to 8000 are allowed, while a `varchar(max)` indicates the value should can grow up to 2 GB. According to https://docs.microsoft.com/en-us/sql/t-sql/data-types/char-and-varchar-transact-sql (emphasis added):
> varchar [ ( n | max ) ] Variable-length, non-Unicode string data. n defines the string length and can be a value from 1 through 8,000. **max indicates that the maximum storage size is 2^31-1 bytes (2 GB)**. The storage size is the actual length of the data entered + 2 bytes. The ISO synonyms for varchar are charvarying or charactervarying.
Not sure if the definition of this has changed between various versions of SQL Server, but assuming that's the case, that possibility may be another reason to avoid `max`.
Are you testing primarily against SQL Server 2005 and its limit is 4000?
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r141341854
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerGuacamoleProperties.java ---
@@ -0,0 +1,211 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import org.apache.guacamole.properties.BooleanGuacamoleProperty;
+import org.apache.guacamole.properties.IntegerGuacamoleProperty;
+import org.apache.guacamole.properties.StringGuacamoleProperty;
+
+/**
+ * Properties used by the SQLServer Authentication plugin.
+ */
+public class SQLServerGuacamoleProperties {
+
+ /**
+ * This class should not be instantiated.
+ */
+ private SQLServerGuacamoleProperties() {}
+
+ /**
+ * The URL of the SQLServer server hosting the Guacamole authentication tables.
+ */
+ public static final StringGuacamoleProperty SQLSERVER_HOSTNAME =
+ new StringGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-hostname"; }
+
+ };
+
+ /**
+ * The port of the SQLServer server hosting the Guacamole authentication
+ * tables.
+ */
+ public static final IntegerGuacamoleProperty SQLSERVER_PORT =
+ new IntegerGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-port"; }
+
+ };
+
+ /**
+ * The name of the SQLServer database containing the Guacamole
+ * authentication tables.
+ */
+ public static final StringGuacamoleProperty SQLSERVER_DATABASE =
+ new StringGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-database"; }
+
+ };
+
+ /**
+ * The username used to authenticate to the SQLServer database containing
+ * the Guacamole authentication tables.
+ */
+ public static final StringGuacamoleProperty SQLSERVER_USERNAME =
+ new StringGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-username"; }
+
+ };
+
+ /**
+ * The password used to authenticate to the SQLServer database containing
+ * the Guacamole authentication tables.
+ */
+ public static final StringGuacamoleProperty SQLSERVER_PASSWORD =
+ new StringGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-password"; }
+
+ };
+
+ /**
+ * Whether a user account within the database is required for authentication
+ * to succeed, even if the user has been authenticated via another
+ * authentication provider.
+ */
+ public static final BooleanGuacamoleProperty
+ SQLSERVER_USER_REQUIRED = new BooleanGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-user-required"; }
+
+ };
+
+ /**
+ * Whether or not multiple users accessing the same connection at the same
+ * time should be disallowed.
+ */
+ public static final BooleanGuacamoleProperty
+ SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS =
--- End diff --
Removed.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r135956946
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerAuthenticationProviderModule.java ---
@@ -0,0 +1,91 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import com.google.inject.Binder;
+import com.google.inject.Module;
+import com.google.inject.name.Names;
+import java.util.Properties;
+import org.apache.guacamole.GuacamoleException;
+import org.mybatis.guice.datasource.helper.JdbcHelper;
+
+/**
+ * Guice module which configures SQLServer-specific injections.
+ */
+public class SQLServerAuthenticationProviderModule implements Module {
+
+ /**
+ * MyBatis-specific configuration properties.
+ */
+ private final Properties myBatisProperties = new Properties();
+
+ /**
+ * SQLServer-specific driver configuration properties.
+ */
+ private final Properties driverProperties = new Properties();
+
+ /**
+ * Creates a new SQLServer authentication provider module that configures
+ * driver and MyBatis properties using the given environment.
+ *
+ * @param environment
+ * The environment to use when configuring MyBatis and the underlying
+ * JDBC driver.
+ *
+ * @throws GuacamoleException
+ * If a required property is missing, or an error occurs while parsing
+ * a property.
+ */
+ public SQLServerAuthenticationProviderModule(SQLServerEnvironment environment)
+ throws GuacamoleException {
+
+ // Set the SQLServer-specific properties for MyBatis.
+ myBatisProperties.setProperty("mybatis.environment.id", "guacamole");
+ myBatisProperties.setProperty("JDBC.host", environment.getSQLServerHostname());
+ myBatisProperties.setProperty("JDBC.port", String.valueOf(environment.getSQLServerPort()));
+ myBatisProperties.setProperty("JDBC.schema", environment.getSQLServerDatabase());
+ myBatisProperties.setProperty("JDBC.username", environment.getSQLServerUsername());
+ myBatisProperties.setProperty("JDBC.password", environment.getSQLServerPassword());
+ myBatisProperties.setProperty("JDBC.autoCommit", "false");
+ myBatisProperties.setProperty("mybatis.pooled.pingEnabled", "true");
+ myBatisProperties.setProperty("mybatis.pooled.pingQuery", "SELECT 1");
+
+ // Use UTF-8 in database
+ driverProperties.setProperty("characterEncoding", "UTF-8");
+
+ }
+
+ @Override
+ public void configure(Binder binder) {
+
+ // Bind SQLServer-specific properties
+ JdbcHelper.SQL_Server_2005_MS_Driver.configure(binder);
--- End diff --
One other comment on the jTDS driver. I'm all for using the OSS alternatives to the commercials, but it looks like development on the jTDS driver has languished a bit. The last release was sometime in 2013, while the last commit was toward the end of 2016. I'm all for supporting use of this driver via the change I made above, but I'd hesitate to make it the default, particularly when SQL Server 2016 has come out since the last jTDS release, and SQL Server 2017 (SQL Server for Linux) is just out. I can be talked out of that position, but that's my current train of thought.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138404460
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerEnvironment.java ---
@@ -0,0 +1,357 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.apache.guacamole.auth.jdbc.security.PasswordPolicy;
+
+/**
+ * A SQLServer-specific implementation of JDBCEnvironment provides database
+ * properties specifically for SQLServer.
+ */
+public class SQLServerEnvironment extends JDBCEnvironment {
+
+ /**
+ * Logger for this class.
+ */
+ private static final Logger logger = LoggerFactory.getLogger(SQLServerEnvironment.class);
+
+ /**
+ * The default host to connect to, if SQLSERVER_HOSTNAME is not specified.
+ */
+ private static final String DEFAULT_HOSTNAME = "localhost";
+
+ /**
+ * The default port to connect to, if SQLSERVER_PORT is not specified.
+ */
+ private static final int DEFAULT_PORT = 1433;
+
+ /**
+ * Whether a database user account is required by default for authentication
+ * to succeed.
+ */
+ private static final boolean DEFAULT_USER_REQUIRED = true;
+
+ /**
+ * The default value for the maximum number of connections to be
+ * allowed to the Guacamole server overall.
+ */
+ private final int DEFAULT_ABSOLUTE_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection group. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection group. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the open source JTDS driver.
+ */
+ public final static String SQLSERVER_DRIVER_JTDS = "jtds";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the DataDirect JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_DATADIRECT = "datadirect";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the older Microsoft JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_MS = "microsoft";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the Microsoft JDBC driver. This is the default.
+ */
+ public final static String SQLSERVER_DRIVER_MS_2005 = "microsoft2005";
+
+ /**
+ * Constructs a new SQLServerEnvironment, providing access to SQLServer-specific
+ * configuration options.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while setting up the underlying JDBCEnvironment
+ * or while parsing legacy SQLServer configuration options.
+ */
+ public SQLServerEnvironment() throws GuacamoleException {
+
+ // Init underlying JDBC environment
+ super();
+
+ // Read legacy concurrency-related property
+ Boolean disallowSimultaneous = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS);
+ Boolean disallowDuplicate = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS);
+
+ // Legacy "simultaneous" property dictates only the maximum number of
+ // connections per connection
+ if (disallowSimultaneous != null) {
+
+ // Translate legacy property
+ if (disallowSimultaneous) {
+ DEFAULT_MAX_CONNECTIONS = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
+
+ // Inform of new equivalent
+ logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(), disallowSimultaneous,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS.getName(), DEFAULT_MAX_CONNECTIONS,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName(), DEFAULT_MAX_GROUP_CONNECTIONS);
+
+ }
+
+ // Legacy "duplicate" property dictates whether connections and groups
+ // may be used concurrently only by different users
+ if (disallowDuplicate != null) {
+
+ // Translate legacy property
+ if (disallowDuplicate) {
+ DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS_PER_USER = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
+
+ // Inform of new equivalent
+ logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS.getName(), disallowDuplicate,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_CONNECTIONS_PER_USER,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER);
+
+ }
+
+ // Check driver property is one of the acceptable values.
+ String driver = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DRIVER);
+ if (driver != null && !(driver.equals(SQLSERVER_DRIVER_JTDS) ||
+ driver.equals(SQLSERVER_DRIVER_DATADIRECT) ||
+ driver.equals(SQLSERVER_DRIVER_MS) ||
+ driver.equals(SQLSERVER_DRIVER_MS_2005)))
+ logger.warn("{} property has been set to an invalid value. The default Microsoft 2005 driver will be used.",
+ SQLServerGuacamoleProperties.SQLSERVER_DRIVER.getName());
+
+ }
+
+ @Override
+ public boolean isUserRequired() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_USER_REQUIRED,
+ DEFAULT_USER_REQUIRED
+ );
+ }
+
+ @Override
+ public int getAbsoluteMaxConnections() throws GuacamoleException {
+ return getProperty(SQLServerGuacamoleProperties.SQLSERVER_ABSOLUTE_MAX_CONNECTIONS,
+ DEFAULT_ABSOLUTE_MAX_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxConnections() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS,
+ DEFAULT_MAX_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxGroupConnections() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS,
+ DEFAULT_MAX_GROUP_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxConnectionsPerUser() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER,
+ DEFAULT_MAX_CONNECTIONS_PER_USER
+ );
+ }
+
+ @Override
+ public int getDefaultMaxGroupConnectionsPerUser() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER,
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER
+ );
+ }
+
+ @Override
+ public PasswordPolicy getPasswordPolicy() {
+ return new SQLServerPasswordPolicy(this);
+ }
+
+ /**
+ * Returns the hostname of the SQLServer server hosting the Guacamole
+ * authentication tables. If unspecified, this will be "localhost".
+ *
+ * @return
+ * The URL of the SQLServer server.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value.
+ */
+ public String getSQLServerHostname() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_HOSTNAME,
+ DEFAULT_HOSTNAME
+ );
+ }
+
+ /**
+ * Returns the port number of the SQLServer server hosting the Guacamole
+ * authentication tables. If unspecified, this will be the default
+ * SQLServer port of 5432.
+ *
+ * @return
+ * The port number of the SQLServer server.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value.
+ */
+ public int getSQLServerPort() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_PORT,
+ DEFAULT_PORT
+ );
+ }
+
+ /**
+ * Returns the name of the SQLServer database containing the Guacamole
+ * authentication tables.
+ *
+ * @return
+ * The name of the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerDatabase() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_DATABASE);
+ }
+
+ /**
+ * Returns the username that should be used when authenticating with the
+ * SQLServer database containing the Guacamole authentication tables.
+ *
+ * @return
+ * The username for the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerUsername() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_USERNAME);
+ }
+
+ /**
+ * Returns the password that should be used when authenticating with the
+ * SQLServer database containing the Guacamole authentication tables.
+ *
+ * @return
+ * The password for the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerPassword() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_PASSWORD);
+ }
+
+ /**
+ * Returns whether or not to use the SourceForge JTDS driver for more
+ * generic JTDS connections instead of the Microsoft-provided JDBC driver.
+ *
+ * @return
+ * True if the JTDS driver should be used; false by default.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerDriver() throws GuacamoleException {
--- End diff --
Nevermind...see your comment below, will reimplement it similar to LDAP encryption property.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138399724
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerEnvironment.java ---
@@ -0,0 +1,357 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.apache.guacamole.auth.jdbc.security.PasswordPolicy;
+
+/**
+ * A SQLServer-specific implementation of JDBCEnvironment provides database
+ * properties specifically for SQLServer.
+ */
+public class SQLServerEnvironment extends JDBCEnvironment {
+
+ /**
+ * Logger for this class.
+ */
+ private static final Logger logger = LoggerFactory.getLogger(SQLServerEnvironment.class);
+
+ /**
+ * The default host to connect to, if SQLSERVER_HOSTNAME is not specified.
+ */
+ private static final String DEFAULT_HOSTNAME = "localhost";
+
+ /**
+ * The default port to connect to, if SQLSERVER_PORT is not specified.
+ */
+ private static final int DEFAULT_PORT = 1433;
+
+ /**
+ * Whether a database user account is required by default for authentication
+ * to succeed.
+ */
+ private static final boolean DEFAULT_USER_REQUIRED = true;
+
+ /**
+ * The default value for the maximum number of connections to be
+ * allowed to the Guacamole server overall.
+ */
+ private final int DEFAULT_ABSOLUTE_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection group. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection group. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the open source JTDS driver.
+ */
+ public final static String SQLSERVER_DRIVER_JTDS = "jtds";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the DataDirect JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_DATADIRECT = "datadirect";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the older Microsoft JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_MS = "microsoft";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the Microsoft JDBC driver. This is the default.
+ */
+ public final static String SQLSERVER_DRIVER_MS_2005 = "microsoft2005";
+
+ /**
+ * Constructs a new SQLServerEnvironment, providing access to SQLServer-specific
+ * configuration options.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while setting up the underlying JDBCEnvironment
+ * or while parsing legacy SQLServer configuration options.
+ */
+ public SQLServerEnvironment() throws GuacamoleException {
+
+ // Init underlying JDBC environment
+ super();
+
+ // Read legacy concurrency-related property
+ Boolean disallowSimultaneous = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS);
+ Boolean disallowDuplicate = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS);
+
+ // Legacy "simultaneous" property dictates only the maximum number of
+ // connections per connection
+ if (disallowSimultaneous != null) {
+
+ // Translate legacy property
+ if (disallowSimultaneous) {
+ DEFAULT_MAX_CONNECTIONS = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
+
+ // Inform of new equivalent
+ logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(), disallowSimultaneous,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS.getName(), DEFAULT_MAX_CONNECTIONS,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName(), DEFAULT_MAX_GROUP_CONNECTIONS);
+
+ }
+
+ // Legacy "duplicate" property dictates whether connections and groups
+ // may be used concurrently only by different users
+ if (disallowDuplicate != null) {
+
+ // Translate legacy property
+ if (disallowDuplicate) {
+ DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS_PER_USER = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
+
+ // Inform of new equivalent
+ logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS.getName(), disallowDuplicate,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_CONNECTIONS_PER_USER,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER);
+
+ }
+
+ // Check driver property is one of the acceptable values.
+ String driver = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DRIVER);
+ if (driver != null && !(driver.equals(SQLSERVER_DRIVER_JTDS) ||
+ driver.equals(SQLSERVER_DRIVER_DATADIRECT) ||
+ driver.equals(SQLSERVER_DRIVER_MS) ||
+ driver.equals(SQLSERVER_DRIVER_MS_2005)))
+ logger.warn("{} property has been set to an invalid value. The default Microsoft 2005 driver will be used.",
+ SQLServerGuacamoleProperties.SQLSERVER_DRIVER.getName());
+
+ }
+
+ @Override
+ public boolean isUserRequired() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_USER_REQUIRED,
+ DEFAULT_USER_REQUIRED
+ );
+ }
+
+ @Override
+ public int getAbsoluteMaxConnections() throws GuacamoleException {
+ return getProperty(SQLServerGuacamoleProperties.SQLSERVER_ABSOLUTE_MAX_CONNECTIONS,
+ DEFAULT_ABSOLUTE_MAX_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxConnections() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS,
+ DEFAULT_MAX_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxGroupConnections() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS,
+ DEFAULT_MAX_GROUP_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxConnectionsPerUser() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER,
+ DEFAULT_MAX_CONNECTIONS_PER_USER
+ );
+ }
+
+ @Override
+ public int getDefaultMaxGroupConnectionsPerUser() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER,
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER
+ );
+ }
+
+ @Override
+ public PasswordPolicy getPasswordPolicy() {
+ return new SQLServerPasswordPolicy(this);
+ }
+
+ /**
+ * Returns the hostname of the SQLServer server hosting the Guacamole
+ * authentication tables. If unspecified, this will be "localhost".
+ *
+ * @return
+ * The URL of the SQLServer server.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value.
+ */
+ public String getSQLServerHostname() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_HOSTNAME,
+ DEFAULT_HOSTNAME
+ );
+ }
+
+ /**
+ * Returns the port number of the SQLServer server hosting the Guacamole
+ * authentication tables. If unspecified, this will be the default
+ * SQLServer port of 5432.
+ *
+ * @return
+ * The port number of the SQLServer server.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value.
+ */
+ public int getSQLServerPort() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_PORT,
+ DEFAULT_PORT
+ );
+ }
+
+ /**
+ * Returns the name of the SQLServer database containing the Guacamole
+ * authentication tables.
+ *
+ * @return
+ * The name of the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerDatabase() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_DATABASE);
+ }
+
+ /**
+ * Returns the username that should be used when authenticating with the
+ * SQLServer database containing the Guacamole authentication tables.
+ *
+ * @return
+ * The username for the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerUsername() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_USERNAME);
+ }
+
+ /**
+ * Returns the password that should be used when authenticating with the
+ * SQLServer database containing the Guacamole authentication tables.
+ *
+ * @return
+ * The password for the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerPassword() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_PASSWORD);
+ }
+
+ /**
+ * Returns whether or not to use the SourceForge JTDS driver for more
+ * generic JTDS connections instead of the Microsoft-provided JDBC driver.
+ *
+ * @return
+ * True if the JTDS driver should be used; false by default.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerDriver() throws GuacamoleException {
--- End diff --
This may be more clear and easier to maintain if an `enum` with strict values is returned, rather than relying on external parsing of a string value.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138401329
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerEnvironment.java ---
@@ -0,0 +1,357 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.apache.guacamole.auth.jdbc.security.PasswordPolicy;
+
+/**
+ * A SQLServer-specific implementation of JDBCEnvironment provides database
+ * properties specifically for SQLServer.
+ */
+public class SQLServerEnvironment extends JDBCEnvironment {
+
+ /**
+ * Logger for this class.
+ */
+ private static final Logger logger = LoggerFactory.getLogger(SQLServerEnvironment.class);
+
+ /**
+ * The default host to connect to, if SQLSERVER_HOSTNAME is not specified.
+ */
+ private static final String DEFAULT_HOSTNAME = "localhost";
+
+ /**
+ * The default port to connect to, if SQLSERVER_PORT is not specified.
+ */
+ private static final int DEFAULT_PORT = 1433;
+
+ /**
+ * Whether a database user account is required by default for authentication
+ * to succeed.
+ */
+ private static final boolean DEFAULT_USER_REQUIRED = true;
+
+ /**
+ * The default value for the maximum number of connections to be
+ * allowed to the Guacamole server overall.
+ */
+ private final int DEFAULT_ABSOLUTE_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection group. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection group. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the open source JTDS driver.
+ */
+ public final static String SQLSERVER_DRIVER_JTDS = "jtds";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the DataDirect JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_DATADIRECT = "datadirect";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the older Microsoft JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_MS = "microsoft";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the Microsoft JDBC driver. This is the default.
+ */
+ public final static String SQLSERVER_DRIVER_MS_2005 = "microsoft2005";
+
+ /**
+ * Constructs a new SQLServerEnvironment, providing access to SQLServer-specific
+ * configuration options.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while setting up the underlying JDBCEnvironment
+ * or while parsing legacy SQLServer configuration options.
+ */
+ public SQLServerEnvironment() throws GuacamoleException {
+
+ // Init underlying JDBC environment
+ super();
+
+ // Read legacy concurrency-related property
+ Boolean disallowSimultaneous = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS);
+ Boolean disallowDuplicate = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS);
+
+ // Legacy "simultaneous" property dictates only the maximum number of
+ // connections per connection
+ if (disallowSimultaneous != null) {
+
+ // Translate legacy property
+ if (disallowSimultaneous) {
+ DEFAULT_MAX_CONNECTIONS = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
+
+ // Inform of new equivalent
+ logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(), disallowSimultaneous,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS.getName(), DEFAULT_MAX_CONNECTIONS,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName(), DEFAULT_MAX_GROUP_CONNECTIONS);
+
+ }
+
+ // Legacy "duplicate" property dictates whether connections and groups
+ // may be used concurrently only by different users
+ if (disallowDuplicate != null) {
+
+ // Translate legacy property
+ if (disallowDuplicate) {
+ DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS_PER_USER = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
+
+ // Inform of new equivalent
+ logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS.getName(), disallowDuplicate,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_CONNECTIONS_PER_USER,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER);
+
+ }
+
+ // Check driver property is one of the acceptable values.
+ String driver = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DRIVER);
+ if (driver != null && !(driver.equals(SQLSERVER_DRIVER_JTDS) ||
+ driver.equals(SQLSERVER_DRIVER_DATADIRECT) ||
+ driver.equals(SQLSERVER_DRIVER_MS) ||
+ driver.equals(SQLSERVER_DRIVER_MS_2005)))
+ logger.warn("{} property has been set to an invalid value. The default Microsoft 2005 driver will be used.",
+ SQLServerGuacamoleProperties.SQLSERVER_DRIVER.getName());
+
+ }
+
+ @Override
+ public boolean isUserRequired() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_USER_REQUIRED,
+ DEFAULT_USER_REQUIRED
+ );
+ }
+
+ @Override
+ public int getAbsoluteMaxConnections() throws GuacamoleException {
+ return getProperty(SQLServerGuacamoleProperties.SQLSERVER_ABSOLUTE_MAX_CONNECTIONS,
+ DEFAULT_ABSOLUTE_MAX_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxConnections() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS,
+ DEFAULT_MAX_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxGroupConnections() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS,
+ DEFAULT_MAX_GROUP_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxConnectionsPerUser() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER,
+ DEFAULT_MAX_CONNECTIONS_PER_USER
+ );
+ }
+
+ @Override
+ public int getDefaultMaxGroupConnectionsPerUser() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER,
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER
+ );
+ }
+
+ @Override
+ public PasswordPolicy getPasswordPolicy() {
+ return new SQLServerPasswordPolicy(this);
+ }
+
+ /**
+ * Returns the hostname of the SQLServer server hosting the Guacamole
+ * authentication tables. If unspecified, this will be "localhost".
+ *
+ * @return
+ * The URL of the SQLServer server.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value.
+ */
+ public String getSQLServerHostname() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_HOSTNAME,
+ DEFAULT_HOSTNAME
+ );
+ }
+
+ /**
+ * Returns the port number of the SQLServer server hosting the Guacamole
+ * authentication tables. If unspecified, this will be the default
+ * SQLServer port of 5432.
+ *
+ * @return
+ * The port number of the SQLServer server.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value.
+ */
+ public int getSQLServerPort() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_PORT,
+ DEFAULT_PORT
+ );
+ }
+
+ /**
+ * Returns the name of the SQLServer database containing the Guacamole
+ * authentication tables.
+ *
+ * @return
+ * The name of the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerDatabase() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_DATABASE);
+ }
+
+ /**
+ * Returns the username that should be used when authenticating with the
+ * SQLServer database containing the Guacamole authentication tables.
+ *
+ * @return
+ * The username for the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerUsername() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_USERNAME);
+ }
+
+ /**
+ * Returns the password that should be used when authenticating with the
+ * SQLServer database containing the Guacamole authentication tables.
+ *
+ * @return
+ * The password for the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerPassword() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_PASSWORD);
+ }
+
+ /**
+ * Returns whether or not to use the SourceForge JTDS driver for more
+ * generic JTDS connections instead of the Microsoft-provided JDBC driver.
+ *
+ * @return
+ * True if the JTDS driver should be used; false by default.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerDriver() throws GuacamoleException {
--- End diff --
What's the best way to do this as a property? Stick with a string property and then translate to an enum, or implement a new property type?
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r135949471
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerAuthenticationProviderModule.java ---
@@ -0,0 +1,91 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import com.google.inject.Binder;
+import com.google.inject.Module;
+import com.google.inject.name.Names;
+import java.util.Properties;
+import org.apache.guacamole.GuacamoleException;
+import org.mybatis.guice.datasource.helper.JdbcHelper;
+
+/**
+ * Guice module which configures SQLServer-specific injections.
+ */
+public class SQLServerAuthenticationProviderModule implements Module {
+
+ /**
+ * MyBatis-specific configuration properties.
+ */
+ private final Properties myBatisProperties = new Properties();
+
+ /**
+ * SQLServer-specific driver configuration properties.
+ */
+ private final Properties driverProperties = new Properties();
+
+ /**
+ * Creates a new SQLServer authentication provider module that configures
+ * driver and MyBatis properties using the given environment.
+ *
+ * @param environment
+ * The environment to use when configuring MyBatis and the underlying
+ * JDBC driver.
+ *
+ * @throws GuacamoleException
+ * If a required property is missing, or an error occurs while parsing
+ * a property.
+ */
+ public SQLServerAuthenticationProviderModule(SQLServerEnvironment environment)
+ throws GuacamoleException {
+
+ // Set the SQLServer-specific properties for MyBatis.
+ myBatisProperties.setProperty("mybatis.environment.id", "guacamole");
+ myBatisProperties.setProperty("JDBC.host", environment.getSQLServerHostname());
+ myBatisProperties.setProperty("JDBC.port", String.valueOf(environment.getSQLServerPort()));
+ myBatisProperties.setProperty("JDBC.schema", environment.getSQLServerDatabase());
+ myBatisProperties.setProperty("JDBC.username", environment.getSQLServerUsername());
+ myBatisProperties.setProperty("JDBC.password", environment.getSQLServerPassword());
+ myBatisProperties.setProperty("JDBC.autoCommit", "false");
+ myBatisProperties.setProperty("mybatis.pooled.pingEnabled", "true");
+ myBatisProperties.setProperty("mybatis.pooled.pingQuery", "SELECT 1");
+
+ // Use UTF-8 in database
+ driverProperties.setProperty("characterEncoding", "UTF-8");
+
+ }
+
+ @Override
+ public void configure(Binder binder) {
+
+ // Bind SQLServer-specific properties
+ JdbcHelper.SQL_Server_2005_MS_Driver.configure(binder);
--- End diff --
I'll have to give the SQL_Server_jTDS driver a try - I didn't even try that one. I tried the SQL_Server_MS_Driver (sans 2005), and it had something silly like the order of the class name was slightly different (com.microsoft.sqlserver.jdbc vs. com.microsoft.jdbc.sqlserver). I'll try the jTDS one and see what happens. I'm using Microsoft's JAR file, so not sure if the jTDS one will require that, some other JAR file, or is all built in?? I'll find out, I guess.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138412295
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerEnvironment.java ---
@@ -0,0 +1,357 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.apache.guacamole.auth.jdbc.security.PasswordPolicy;
+
+/**
+ * A SQLServer-specific implementation of JDBCEnvironment provides database
+ * properties specifically for SQLServer.
+ */
+public class SQLServerEnvironment extends JDBCEnvironment {
+
+ /**
+ * Logger for this class.
+ */
+ private static final Logger logger = LoggerFactory.getLogger(SQLServerEnvironment.class);
+
+ /**
+ * The default host to connect to, if SQLSERVER_HOSTNAME is not specified.
+ */
+ private static final String DEFAULT_HOSTNAME = "localhost";
+
+ /**
+ * The default port to connect to, if SQLSERVER_PORT is not specified.
+ */
+ private static final int DEFAULT_PORT = 1433;
+
+ /**
+ * Whether a database user account is required by default for authentication
+ * to succeed.
+ */
+ private static final boolean DEFAULT_USER_REQUIRED = true;
+
+ /**
+ * The default value for the maximum number of connections to be
+ * allowed to the Guacamole server overall.
+ */
+ private final int DEFAULT_ABSOLUTE_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection group. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection group. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the open source JTDS driver.
+ */
+ public final static String SQLSERVER_DRIVER_JTDS = "jtds";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the DataDirect JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_DATADIRECT = "datadirect";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the older Microsoft JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_MS = "microsoft";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the Microsoft JDBC driver. This is the default.
+ */
+ public final static String SQLSERVER_DRIVER_MS_2005 = "microsoft2005";
+
+ /**
+ * Constructs a new SQLServerEnvironment, providing access to SQLServer-specific
+ * configuration options.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while setting up the underlying JDBCEnvironment
+ * or while parsing legacy SQLServer configuration options.
+ */
+ public SQLServerEnvironment() throws GuacamoleException {
+
+ // Init underlying JDBC environment
+ super();
+
+ // Read legacy concurrency-related property
+ Boolean disallowSimultaneous = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS);
+ Boolean disallowDuplicate = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS);
+
+ // Legacy "simultaneous" property dictates only the maximum number of
+ // connections per connection
+ if (disallowSimultaneous != null) {
+
+ // Translate legacy property
+ if (disallowSimultaneous) {
+ DEFAULT_MAX_CONNECTIONS = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
--- End diff --
Believe I got all this cleaned out.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138412233
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerEnvironment.java ---
@@ -0,0 +1,357 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.apache.guacamole.auth.jdbc.security.PasswordPolicy;
+
+/**
+ * A SQLServer-specific implementation of JDBCEnvironment provides database
+ * properties specifically for SQLServer.
+ */
+public class SQLServerEnvironment extends JDBCEnvironment {
+
+ /**
+ * Logger for this class.
+ */
+ private static final Logger logger = LoggerFactory.getLogger(SQLServerEnvironment.class);
+
+ /**
+ * The default host to connect to, if SQLSERVER_HOSTNAME is not specified.
+ */
+ private static final String DEFAULT_HOSTNAME = "localhost";
+
+ /**
+ * The default port to connect to, if SQLSERVER_PORT is not specified.
+ */
+ private static final int DEFAULT_PORT = 1433;
+
+ /**
+ * Whether a database user account is required by default for authentication
+ * to succeed.
+ */
+ private static final boolean DEFAULT_USER_REQUIRED = true;
+
+ /**
+ * The default value for the maximum number of connections to be
+ * allowed to the Guacamole server overall.
+ */
+ private final int DEFAULT_ABSOLUTE_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection group. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection group. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the open source JTDS driver.
+ */
+ public final static String SQLSERVER_DRIVER_JTDS = "jtds";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the DataDirect JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_DATADIRECT = "datadirect";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the older Microsoft JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_MS = "microsoft";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the Microsoft JDBC driver. This is the default.
+ */
+ public final static String SQLSERVER_DRIVER_MS_2005 = "microsoft2005";
+
+ /**
+ * Constructs a new SQLServerEnvironment, providing access to SQLServer-specific
+ * configuration options.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while setting up the underlying JDBCEnvironment
+ * or while parsing legacy SQLServer configuration options.
+ */
+ public SQLServerEnvironment() throws GuacamoleException {
+
+ // Init underlying JDBC environment
+ super();
+
+ // Read legacy concurrency-related property
+ Boolean disallowSimultaneous = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS);
+ Boolean disallowDuplicate = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS);
+
+ // Legacy "simultaneous" property dictates only the maximum number of
+ // connections per connection
+ if (disallowSimultaneous != null) {
+
+ // Translate legacy property
+ if (disallowSimultaneous) {
+ DEFAULT_MAX_CONNECTIONS = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
+
+ // Inform of new equivalent
+ logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(), disallowSimultaneous,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS.getName(), DEFAULT_MAX_CONNECTIONS,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName(), DEFAULT_MAX_GROUP_CONNECTIONS);
+
+ }
+
+ // Legacy "duplicate" property dictates whether connections and groups
+ // may be used concurrently only by different users
+ if (disallowDuplicate != null) {
+
+ // Translate legacy property
+ if (disallowDuplicate) {
+ DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS_PER_USER = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
+
+ // Inform of new equivalent
+ logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS.getName(), disallowDuplicate,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_CONNECTIONS_PER_USER,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER);
+
+ }
+
+ // Check driver property is one of the acceptable values.
+ String driver = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DRIVER);
+ if (driver != null && !(driver.equals(SQLSERVER_DRIVER_JTDS) ||
+ driver.equals(SQLSERVER_DRIVER_DATADIRECT) ||
+ driver.equals(SQLSERVER_DRIVER_MS) ||
+ driver.equals(SQLSERVER_DRIVER_MS_2005)))
+ logger.warn("{} property has been set to an invalid value. The default Microsoft 2005 driver will be used.",
--- End diff --
Implemented.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r141333288
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/schema/001-create-schema.sql ---
@@ -0,0 +1,558 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * List for permission data type.
+ */
+CREATE RULE [guacamole_permission_list]
--- End diff --
Negative...I assumed that, when I exported the database using SQL Server Management Studio, it would generate the commands to bind these two things together. Silly me.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r137642941
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerAuthenticationProviderModule.java ---
@@ -0,0 +1,102 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import com.google.inject.Binder;
+import com.google.inject.Module;
+import com.google.inject.name.Names;
+import java.util.Properties;
+import org.apache.guacamole.GuacamoleException;
+import org.mybatis.guice.datasource.helper.JdbcHelper;
+
+/**
+ * Guice module which configures SQLServer-specific injections.
+ */
+public class SQLServerAuthenticationProviderModule implements Module {
+
+ /**
+ * MyBatis-specific configuration properties.
+ */
+ private final Properties myBatisProperties = new Properties();
+
+ /**
+ * SQLServer-specific driver configuration properties.
+ */
+ private final Properties driverProperties = new Properties();
+
+ /**
+ * Whether or not to use JTDS Driver
+ */
+ private Boolean useJTDSDriver = false;
+
+ /**
+ * Creates a new SQLServer authentication provider module that configures
+ * driver and MyBatis properties using the given environment.
+ *
+ * @param environment
+ * The environment to use when configuring MyBatis and the underlying
+ * JDBC driver.
+ *
+ * @throws GuacamoleException
+ * If a required property is missing, or an error occurs while parsing
+ * a property.
+ */
+ public SQLServerAuthenticationProviderModule(SQLServerEnvironment environment)
+ throws GuacamoleException {
+
+ // Set the SQLServer-specific properties for MyBatis.
+ myBatisProperties.setProperty("mybatis.environment.id", "guacamole");
+ myBatisProperties.setProperty("JDBC.host", environment.getSQLServerHostname());
+ myBatisProperties.setProperty("JDBC.port", String.valueOf(environment.getSQLServerPort()));
+ myBatisProperties.setProperty("JDBC.schema", environment.getSQLServerDatabase());
+ myBatisProperties.setProperty("JDBC.username", environment.getSQLServerUsername());
+ myBatisProperties.setProperty("JDBC.password", environment.getSQLServerPassword());
+ myBatisProperties.setProperty("JDBC.autoCommit", "false");
+ myBatisProperties.setProperty("mybatis.pooled.pingEnabled", "true");
+ myBatisProperties.setProperty("mybatis.pooled.pingQuery", "SELECT 1");
+
+ // Use UTF-8 in database
+ driverProperties.setProperty("characterEncoding", "UTF-8");
+
+ // Capture whether or not to use the JTDS driver.
+ this.useJTDSDriver = environment.getSQLServerJTDSDriver();
--- End diff --
Okay, pushed commit that updates this property to be a string property and look for those values, and use the MS 2005 driver by default.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r141252815
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/schema/001-create-schema.sql ---
@@ -0,0 +1,558 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * List for permission data type.
+ */
+CREATE RULE [guacamole_permission_list]
--- End diff --
I don't see `guacamole_permission_list` anywhere else in this script. Does SQL Server somehow magically tie this to the `guacamole_permission` type?
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r141345274
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/schema/001-create-schema.sql ---
@@ -0,0 +1,558 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * List for permission data type.
+ */
+CREATE RULE [guacamole_permission_list]
--- End diff --
Should be fixed.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r141254109
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerAuthenticationProviderModule.java ---
@@ -0,0 +1,116 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import com.google.inject.Binder;
+import com.google.inject.Module;
+import com.google.inject.name.Names;
+import java.util.Properties;
+import org.apache.guacamole.GuacamoleException;
+import org.mybatis.guice.datasource.helper.JdbcHelper;
+
+/**
+ * Guice module which configures SQLServer-specific injections.
+ */
+public class SQLServerAuthenticationProviderModule implements Module {
+
+ /**
+ * MyBatis-specific configuration properties.
+ */
+ private final Properties myBatisProperties = new Properties();
+
+ /**
+ * SQLServer-specific driver configuration properties.
+ */
+ private final Properties driverProperties = new Properties();
+
+ /**
+ * Which SQL Server driver should be used.
+ */
+ private SQLServerDriver sqlServerDriver;
+
+ /**
+ * Creates a new SQLServer authentication provider module that configures
+ * driver and MyBatis properties using the given environment.
+ *
+ * @param environment
+ * The environment to use when configuring MyBatis and the underlying
+ * JDBC driver.
+ *
+ * @throws GuacamoleException
+ * If a required property is missing, or an error occurs while parsing
+ * a property.
+ */
+ public SQLServerAuthenticationProviderModule(SQLServerEnvironment environment)
+ throws GuacamoleException {
+
+ // Set the SQLServer-specific properties for MyBatis.
+ myBatisProperties.setProperty("mybatis.environment.id", "guacamole");
+ myBatisProperties.setProperty("JDBC.host", environment.getSQLServerHostname());
+ myBatisProperties.setProperty("JDBC.port", String.valueOf(environment.getSQLServerPort()));
+ myBatisProperties.setProperty("JDBC.schema", environment.getSQLServerDatabase());
+ myBatisProperties.setProperty("JDBC.username", environment.getSQLServerUsername());
+ myBatisProperties.setProperty("JDBC.password", environment.getSQLServerPassword());
+ myBatisProperties.setProperty("JDBC.autoCommit", "false");
+ myBatisProperties.setProperty("mybatis.pooled.pingEnabled", "true");
+ myBatisProperties.setProperty("mybatis.pooled.pingQuery", "SELECT 1");
+
+ // Use UTF-8 in database
+ driverProperties.setProperty("characterEncoding", "UTF-8");
+
+ // Capture which driver to use for the connection.
+ this.sqlServerDriver = environment.getSQLServerDriver();
+
+ }
+
+ @Override
+ public void configure(Binder binder) {
+
+ // Bind SQLServer-specific properties with the configured driver.
+ switch(sqlServerDriver) {
+ case JTDS:
+ JdbcHelper.SQL_Server_jTDS.configure(binder);
+ break;
+
+ case DATA_DIRECT:
+ JdbcHelper.SQL_Server_DataDirect.configure(binder);
+ break;
+
+ case MICROSOFT_LEGACY:
+ JdbcHelper.SQL_Server_MS_Driver.configure(binder);
+ break;
+
+ case MICROSOFT_2005:
+ default:
--- End diff --
Since the `default` case will only match if we add a new SQL Server driver type without actually implementing that type, silently failing over to the 2005 driver is dangerous behavior. I would recommend either:
1. Bailing out with a hard and unmistakable [`UnsupportedOperationException`](https://docs.oracle.com/javase/7/docs/api/java/lang/UnsupportedOperationException.html).
2. Documenting for humans and compilers that this condition is expected to be impossible through an `assert(false)`.
Example of the above:
https://github.com/apache/incubator-guacamole-client/blob/1c0ee41d0ecd5bc4a3550804b74b73b901e074c2/guacamole/src/main/java/org/apache/guacamole/tunnel/TunnelRequestService.java#L184-L186
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r137605801
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerAuthenticationProviderModule.java ---
@@ -0,0 +1,102 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import com.google.inject.Binder;
+import com.google.inject.Module;
+import com.google.inject.name.Names;
+import java.util.Properties;
+import org.apache.guacamole.GuacamoleException;
+import org.mybatis.guice.datasource.helper.JdbcHelper;
+
+/**
+ * Guice module which configures SQLServer-specific injections.
+ */
+public class SQLServerAuthenticationProviderModule implements Module {
+
+ /**
+ * MyBatis-specific configuration properties.
+ */
+ private final Properties myBatisProperties = new Properties();
+
+ /**
+ * SQLServer-specific driver configuration properties.
+ */
+ private final Properties driverProperties = new Properties();
+
+ /**
+ * Whether or not to use JTDS Driver
+ */
+ private Boolean useJTDSDriver = false;
+
+ /**
+ * Creates a new SQLServer authentication provider module that configures
+ * driver and MyBatis properties using the given environment.
+ *
+ * @param environment
+ * The environment to use when configuring MyBatis and the underlying
+ * JDBC driver.
+ *
+ * @throws GuacamoleException
+ * If a required property is missing, or an error occurs while parsing
+ * a property.
+ */
+ public SQLServerAuthenticationProviderModule(SQLServerEnvironment environment)
+ throws GuacamoleException {
+
+ // Set the SQLServer-specific properties for MyBatis.
+ myBatisProperties.setProperty("mybatis.environment.id", "guacamole");
+ myBatisProperties.setProperty("JDBC.host", environment.getSQLServerHostname());
+ myBatisProperties.setProperty("JDBC.port", String.valueOf(environment.getSQLServerPort()));
+ myBatisProperties.setProperty("JDBC.schema", environment.getSQLServerDatabase());
+ myBatisProperties.setProperty("JDBC.username", environment.getSQLServerUsername());
+ myBatisProperties.setProperty("JDBC.password", environment.getSQLServerPassword());
+ myBatisProperties.setProperty("JDBC.autoCommit", "false");
+ myBatisProperties.setProperty("mybatis.pooled.pingEnabled", "true");
+ myBatisProperties.setProperty("mybatis.pooled.pingQuery", "SELECT 1");
+
+ // Use UTF-8 in database
+ driverProperties.setProperty("characterEncoding", "UTF-8");
+
+ // Capture whether or not to use the JTDS driver.
+ this.useJTDSDriver = environment.getSQLServerJTDSDriver();
--- End diff --
No reason, no...I can add them all.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r141252622
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/schema/001-create-schema.sql ---
@@ -0,0 +1,558 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * List for permission data type.
+ */
+CREATE RULE [guacamole_permission_list]
+ AS
+ @list IN ('READ','UPDATE','DELETE','ADMINISTER');
+GO;
+
+/**
+ * List for system permission data type.
+ */
+CREATE RULE [guacamole_system_permission_list]
+ AS
+ @list IN ('CREATE_CONNECTION',
+ 'CREATE_CONNECTION_GROUP',
+ 'CREATE_SHARING_PROFILE',
+ 'CREATE_USER',
+ 'ADMINISTER');
+GO;
+
+/**
+ * The permission data type.
+ */
+CREATE TYPE [guacamole_permission] FROM [nvarchar](10) NOT NULL;
+
+/**
+ * The system permission data type.
+ */
+CREATE TYPE [guacamole_system_permission] FROM [nvarchar](32) NOT NULL;
+GO;
+
+/**
+ * The connection_group table stores organizational and balancing groups.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_connection_group](
+ [connection_group_id] [int] IDENTITY(1,1) NOT NULL,
+ [parent_id] [int] NULL,
+ [connection_group_name] [nvarchar](128) NOT NULL,
+ [type] [nvarchar](32) NOT NULL,
+ [max_connections] [int] NULL,
+ [max_connections_per_user] [int] NULL,
+ [enable_session_affinity] [bit] NOT NULL,
+
+ CONSTRAINT [PK_guacmaole_connection_group] PRIMARY KEY CLUSTERED
+ ([connection_group_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+/**
+ * Foreign keys for connection_group table.
+ */
+ALTER TABLE [guacamole_connection_group]
+ WITH CHECK ADD CONSTRAINT [FK_guacamole_connection_group_connection_group_id] FOREIGN KEY([parent_id])
+ REFERENCES [guacamole_connection_group] ([connection_group_id]);
+ALTER TABLE [guacamole_connection_group]
+ CHECK CONSTRAINT [FK_guacamole_connection_group_connection_group_id];
+ALTER TABLE [guacamole_connection_group]
+ WITH CHECK ADD CONSTRAINT [CK_guacamole_connection_group_type]
+ CHECK (([type]='BALANCING' OR [type]='ORGANIZATIONAL'));
+ALTER TABLE [guacamole_connection_group]
+ CHECK CONSTRAINT [CK_guacamole_connection_group_type];
+
+/**
+ * Default values for connection_group table.
+ */
+ALTER TABLE [guacamole_connection_group]
+ ADD CONSTRAINT [DF_guacamole_connection_group_type] DEFAULT (N'ORGANIZATIONAL') FOR [type];
+ALTER TABLE [guacamole_connection_group]
+ ADD CONSTRAINT [DF_guacamole_connection_group_enable_session_affinity] DEFAULT ((0)) FOR [enable_session_affinity];
+GO;
+
+/**
+ * The connection table, for storing connections and attributes.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_connection](
+ [connection_id] [int] IDENTITY(1,1) NOT NULL,
+ [connection_name] [nvarchar](128) NOT NULL,
+ [parent_id] [int] NULL,
+ [protocol] [nvarchar](32) NOT NULL,
+ [proxy_port] [int] NULL,
+ [proxy_hostname] [nvarchar](512) NULL,
+ [proxy_encryption_method] [nvarchar](4) NULL,
+ [max_connections] [int] NULL,
+ [max_connections_per_user] [int] NULL,
+ [connection_weight] [int] NULL,
+ [failover_only] [bit] NOT NULL,
+
+ CONSTRAINT [PK_guacamole_connection] PRIMARY KEY CLUSTERED
+ ([connection_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+ALTER TABLE [guacamole_connection]
+ WITH CHECK ADD CONSTRAINT [FK_guacamole_connection_connection_group] FOREIGN KEY([parent_id])
+ REFERENCES [guacamole_connection_group] ([connection_group_id]);
+ALTER TABLE [guacamole_connection]
+ CHECK CONSTRAINT [FK_guacamole_connection_connection_group];
+ALTER TABLE [guacamole_connection]
+ WITH CHECK ADD CONSTRAINT [CK_proxy_encryption_method]
+ CHECK (([proxy_encryption_method]='SSL' OR [proxy_encryption_method]='NONE'));
+ALTER TABLE [guacamole_connection]
+ CHECK CONSTRAINT [CK_proxy_encryption_method];
+ALTER TABLE [guacamole_connection]
+ ADD CONSTRAINT [DF_guacamole_connection_failover_only] DEFAULT ((0)) FOR [failover_only];
+GO;
+
+/**
+ * The user table stores user accounts, passwords, and properties.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_user](
+ [user_id] [int] IDENTITY(1,1) NOT NULL,
+ [username] [nvarchar](128) NOT NULL,
+ [password_hash] [binary](32) NOT NULL,
+ [password_salt] [binary](32) NULL,
+ [password_date] [datetime] NOT NULL,
+ [disabled] [bit] NOT NULL,
+ [expired] [bit] NOT NULL,
+ [access_window_start] [time](7) NULL,
+ [access_window_end] [time](7) NULL,
+ [valid_from] [date] NULL,
+ [valid_until] [date] NULL,
+ [timezone] [nvarchar](64) NULL,
+ [full_name] [nvarchar](256) NULL,
+ [email_address] [nvarchar](256) NULL,
+ [organization] [nvarchar](256) NULL,
+ [organizational_role] [nvarchar](256) NULL,
+
+ CONSTRAINT [PK_guacamole_user] PRIMARY KEY CLUSTERED
+ ([user_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+/**
+ * Defaults for user table
+ */
+ALTER TABLE [guacamole_user]
+ ADD CONSTRAINT [DF_guacamole_user_disabled] DEFAULT ((0)) FOR [disabled];
+ALTER TABLE [guacamole_user]
+ ADD CONSTRAINT [DF_guacamole_user_expired] DEFAULT ((0)) FOR [expired];
+GO;
+
+/**
+ * The sharing_profile table stores profiles that allow
+ * connections to be shared amongst multiple users.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_sharing_profile](
+ [sharing_profile_id] [int] IDENTITY(1,1) NOT NULL,
+ [sharing_profile_name] [nvarchar](128) NOT NULL,
+ [primary_connection_id] [int] NOT NULL,
+
+ CONSTRAINT [PK_guacamole_sharing_profile] PRIMARY KEY CLUSTERED
+ ([sharing_profile_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+/**
+ * Foreign keys for sharing_profile table.
+ */
+ALTER TABLE [guacamole_sharing_profile]
+ WITH CHECK ADD CONSTRAINT [FK_guacamole_sharing_profile_connection] FOREIGN KEY([primary_connection_id])
+ REFERENCES [guacamole_connection] ([connection_id])
+ ON UPDATE CASCADE
+ ON DELETE CASCADE;
+ALTER TABLE [guacamole_sharing_profile]
+ CHECK CONSTRAINT [FK_guacamole_sharing_profile_connection];
+GO;
+
+/**
+ * The connection_parameter table stores parameters for
+ * connection objects.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_connection_parameter](
+ [connection_id] [int] NOT NULL,
+ [parameter_name] [nvarchar](128) NOT NULL,
+ [parameter_value] [nvarchar](max) NOT NULL,
--- End diff --
I'm still concerned about the use of `max` here, as the documentation states that this is equivalent to a maximum storage size of 2 GB, not the intended 4 KB.
If the intent is to have a `[nvarchar](4000)`, why not use `[nvarchar](4000)`?
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138397875
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/schema/001-create-schema.sql ---
@@ -0,0 +1,558 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * List for permission data type.
+ */
+CREATE RULE [guacamole_permission_list]
+ AS
+ @list IN ('READ','UPDATE','DELETE','ADMINISTER');
+GO;
+
+/**
+ * List for system permission data type.
+ */
+CREATE RULE [guacamole_system_permission_list]
+ AS
+ @list IN ('CREATE_CONNECTION',
+ 'CREATE_CONNECTION_GROUP',
+ 'CREATE_SHARING_PROFILE',
+ 'CREATE_USER',
+ 'ADMINISTER');
+GO;
+
+/**
+ * The permission data type.
+ */
+CREATE TYPE [guacamole_permission] FROM [nvarchar](10) NOT NULL;
+
+/**
+ * The system permission data type.
+ */
+CREATE TYPE [guacamole_system_permission] FROM [nvarchar](32) NOT NULL;
+GO;
+
+/**
+ * The connection_group table stores organizational and balancing groups.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_connection_group](
+ [connection_group_id] [int] IDENTITY(1,1) NOT NULL,
+ [parent_id] [int] NULL,
+ [connection_group_name] [nvarchar](128) NOT NULL,
+ [type] [nvarchar](32) NOT NULL,
+ [max_connections] [int] NULL,
+ [max_connections_per_user] [int] NULL,
+ [enable_session_affinity] [bit] NOT NULL,
+
+ CONSTRAINT [PK_guacmaole_connection_group] PRIMARY KEY CLUSTERED
+ ([connection_group_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+/**
+ * Foreign keys for connection_group table.
+ */
+ALTER TABLE [guacamole_connection_group]
+ WITH CHECK ADD CONSTRAINT [FK_guacamole_connection_group_connection_group_id] FOREIGN KEY([parent_id])
+ REFERENCES [guacamole_connection_group] ([connection_group_id]);
+ALTER TABLE [guacamole_connection_group]
+ CHECK CONSTRAINT [FK_guacamole_connection_group_connection_group_id];
+ALTER TABLE [guacamole_connection_group]
+ WITH CHECK ADD CONSTRAINT [CK_guacamole_connection_group_type]
+ CHECK (([type]='BALANCING' OR [type]='ORGANIZATIONAL'));
+ALTER TABLE [guacamole_connection_group]
+ CHECK CONSTRAINT [CK_guacamole_connection_group_type];
+
+/**
+ * Default values for connection_group table.
+ */
+ALTER TABLE [guacamole_connection_group]
+ ADD CONSTRAINT [DF_guacamole_connection_group_type] DEFAULT (N'ORGANIZATIONAL') FOR [type];
+ALTER TABLE [guacamole_connection_group]
+ ADD CONSTRAINT [DF_guacamole_connection_group_enable_session_affinity] DEFAULT ((0)) FOR [enable_session_affinity];
+GO;
+
+/**
+ * The connection table, for storing connections and attributes.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_connection](
+ [connection_id] [int] IDENTITY(1,1) NOT NULL,
+ [connection_name] [nvarchar](128) NOT NULL,
+ [parent_id] [int] NULL,
+ [protocol] [nvarchar](32) NOT NULL,
+ [proxy_port] [int] NULL,
+ [proxy_hostname] [nvarchar](512) NULL,
+ [proxy_encryption_method] [nvarchar](4) NULL,
+ [max_connections] [int] NULL,
+ [max_connections_per_user] [int] NULL,
+ [connection_weight] [int] NULL,
+ [failover_only] [bit] NOT NULL,
+
+ CONSTRAINT [PK_guacamole_connection] PRIMARY KEY CLUSTERED
+ ([connection_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+ALTER TABLE [guacamole_connection]
+ WITH CHECK ADD CONSTRAINT [FK_guacamole_connection_connection_group] FOREIGN KEY([parent_id])
+ REFERENCES [guacamole_connection_group] ([connection_group_id]);
+ALTER TABLE [guacamole_connection]
+ CHECK CONSTRAINT [FK_guacamole_connection_connection_group];
+ALTER TABLE [guacamole_connection]
+ WITH CHECK ADD CONSTRAINT [CK_proxy_encryption_method]
+ CHECK (([proxy_encryption_method]='SSL' OR [proxy_encryption_method]='NONE'));
+ALTER TABLE [guacamole_connection]
+ CHECK CONSTRAINT [CK_proxy_encryption_method];
+ALTER TABLE [guacamole_connection]
+ ADD CONSTRAINT [DF_guacamole_connection_failover_only] DEFAULT ((0)) FOR [failover_only];
+GO;
+
+/**
+ * The user table stores user accounts, passwords, and properties.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_user](
+ [user_id] [int] IDENTITY(1,1) NOT NULL,
+ [username] [nvarchar](128) NOT NULL,
+ [password_hash] [binary](32) NOT NULL,
+ [password_salt] [binary](32) NULL,
+ [password_date] [datetime] NOT NULL,
+ [disabled] [bit] NOT NULL,
+ [expired] [bit] NOT NULL,
+ [access_window_start] [time](7) NULL,
+ [access_window_end] [time](7) NULL,
+ [valid_from] [date] NULL,
+ [valid_until] [date] NULL,
+ [timezone] [nvarchar](64) NULL,
+ [full_name] [nvarchar](256) NULL,
+ [email_address] [nvarchar](256) NULL,
+ [organization] [nvarchar](256) NULL,
+ [organizational_role] [nvarchar](256) NULL,
+
+ CONSTRAINT [PK_guacamole_user] PRIMARY KEY CLUSTERED
+ ([user_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+/**
+ * Defaults for user table
+ */
+ALTER TABLE [guacamole_user]
+ ADD CONSTRAINT [DF_guacamole_user_disabled] DEFAULT ((0)) FOR [disabled];
+ALTER TABLE [guacamole_user]
+ ADD CONSTRAINT [DF_guacamole_user_expired] DEFAULT ((0)) FOR [expired];
+GO;
+
+/**
+ * The sharing_profile table stores profiles that allow
+ * connections to be shared amongst multiple users.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_sharing_profile](
+ [sharing_profile_id] [int] IDENTITY(1,1) NOT NULL,
+ [sharing_profile_name] [nvarchar](128) NOT NULL,
+ [primary_connection_id] [int] NOT NULL,
+
+ CONSTRAINT [PK_guacamole_sharing_profile] PRIMARY KEY CLUSTERED
+ ([sharing_profile_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+/**
+ * Foreign keys for sharing_profile table.
+ */
+ALTER TABLE [guacamole_sharing_profile]
+ WITH CHECK ADD CONSTRAINT [FK_guacamole_sharing_profile_connection] FOREIGN KEY([primary_connection_id])
+ REFERENCES [guacamole_connection] ([connection_id])
+ ON UPDATE CASCADE
+ ON DELETE CASCADE;
+ALTER TABLE [guacamole_sharing_profile]
+ CHECK CONSTRAINT [FK_guacamole_sharing_profile_connection];
+GO;
+
+/**
+ * The connection_parameter table stores parameters for
+ * connection objects.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_connection_parameter](
+ [connection_id] [int] NOT NULL,
+ [parameter_name] [nvarchar](128) NOT NULL,
+ [parameter_value] [nvarchar](max) NOT NULL,
--- End diff --
Why `max`?
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138412825
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/schema/001-create-schema.sql ---
@@ -0,0 +1,558 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * List for permission data type.
+ */
+CREATE RULE [guacamole_permission_list]
+ AS
+ @list IN ('READ','UPDATE','DELETE','ADMINISTER');
+GO;
+
+/**
+ * List for system permission data type.
+ */
+CREATE RULE [guacamole_system_permission_list]
+ AS
+ @list IN ('CREATE_CONNECTION',
+ 'CREATE_CONNECTION_GROUP',
+ 'CREATE_SHARING_PROFILE',
+ 'CREATE_USER',
+ 'ADMINISTER');
+GO;
+
+/**
+ * The permission data type.
+ */
+CREATE TYPE [guacamole_permission] FROM [nvarchar](10) NOT NULL;
+
+/**
+ * The system permission data type.
+ */
+CREATE TYPE [guacamole_system_permission] FROM [nvarchar](32) NOT NULL;
+GO;
+
+/**
+ * The connection_group table stores organizational and balancing groups.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_connection_group](
+ [connection_group_id] [int] IDENTITY(1,1) NOT NULL,
+ [parent_id] [int] NULL,
+ [connection_group_name] [nvarchar](128) NOT NULL,
+ [type] [nvarchar](32) NOT NULL,
+ [max_connections] [int] NULL,
+ [max_connections_per_user] [int] NULL,
+ [enable_session_affinity] [bit] NOT NULL,
+
+ CONSTRAINT [PK_guacmaole_connection_group] PRIMARY KEY CLUSTERED
+ ([connection_group_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+/**
+ * Foreign keys for connection_group table.
+ */
+ALTER TABLE [guacamole_connection_group]
+ WITH CHECK ADD CONSTRAINT [FK_guacamole_connection_group_connection_group_id] FOREIGN KEY([parent_id])
+ REFERENCES [guacamole_connection_group] ([connection_group_id]);
+ALTER TABLE [guacamole_connection_group]
+ CHECK CONSTRAINT [FK_guacamole_connection_group_connection_group_id];
+ALTER TABLE [guacamole_connection_group]
+ WITH CHECK ADD CONSTRAINT [CK_guacamole_connection_group_type]
+ CHECK (([type]='BALANCING' OR [type]='ORGANIZATIONAL'));
+ALTER TABLE [guacamole_connection_group]
+ CHECK CONSTRAINT [CK_guacamole_connection_group_type];
+
+/**
+ * Default values for connection_group table.
+ */
+ALTER TABLE [guacamole_connection_group]
+ ADD CONSTRAINT [DF_guacamole_connection_group_type] DEFAULT (N'ORGANIZATIONAL') FOR [type];
+ALTER TABLE [guacamole_connection_group]
+ ADD CONSTRAINT [DF_guacamole_connection_group_enable_session_affinity] DEFAULT ((0)) FOR [enable_session_affinity];
+GO;
+
+/**
+ * The connection table, for storing connections and attributes.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_connection](
+ [connection_id] [int] IDENTITY(1,1) NOT NULL,
+ [connection_name] [nvarchar](128) NOT NULL,
+ [parent_id] [int] NULL,
+ [protocol] [nvarchar](32) NOT NULL,
+ [proxy_port] [int] NULL,
+ [proxy_hostname] [nvarchar](512) NULL,
+ [proxy_encryption_method] [nvarchar](4) NULL,
+ [max_connections] [int] NULL,
+ [max_connections_per_user] [int] NULL,
+ [connection_weight] [int] NULL,
+ [failover_only] [bit] NOT NULL,
+
+ CONSTRAINT [PK_guacamole_connection] PRIMARY KEY CLUSTERED
+ ([connection_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+ALTER TABLE [guacamole_connection]
+ WITH CHECK ADD CONSTRAINT [FK_guacamole_connection_connection_group] FOREIGN KEY([parent_id])
+ REFERENCES [guacamole_connection_group] ([connection_group_id]);
+ALTER TABLE [guacamole_connection]
+ CHECK CONSTRAINT [FK_guacamole_connection_connection_group];
+ALTER TABLE [guacamole_connection]
+ WITH CHECK ADD CONSTRAINT [CK_proxy_encryption_method]
+ CHECK (([proxy_encryption_method]='SSL' OR [proxy_encryption_method]='NONE'));
+ALTER TABLE [guacamole_connection]
+ CHECK CONSTRAINT [CK_proxy_encryption_method];
+ALTER TABLE [guacamole_connection]
+ ADD CONSTRAINT [DF_guacamole_connection_failover_only] DEFAULT ((0)) FOR [failover_only];
+GO;
+
+/**
+ * The user table stores user accounts, passwords, and properties.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_user](
+ [user_id] [int] IDENTITY(1,1) NOT NULL,
+ [username] [nvarchar](128) NOT NULL,
+ [password_hash] [binary](32) NOT NULL,
+ [password_salt] [binary](32) NULL,
+ [password_date] [datetime] NOT NULL,
+ [disabled] [bit] NOT NULL,
+ [expired] [bit] NOT NULL,
+ [access_window_start] [time](7) NULL,
+ [access_window_end] [time](7) NULL,
+ [valid_from] [date] NULL,
+ [valid_until] [date] NULL,
+ [timezone] [nvarchar](64) NULL,
+ [full_name] [nvarchar](256) NULL,
+ [email_address] [nvarchar](256) NULL,
+ [organization] [nvarchar](256) NULL,
+ [organizational_role] [nvarchar](256) NULL,
+
+ CONSTRAINT [PK_guacamole_user] PRIMARY KEY CLUSTERED
+ ([user_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+/**
+ * Defaults for user table
+ */
+ALTER TABLE [guacamole_user]
+ ADD CONSTRAINT [DF_guacamole_user_disabled] DEFAULT ((0)) FOR [disabled];
+ALTER TABLE [guacamole_user]
+ ADD CONSTRAINT [DF_guacamole_user_expired] DEFAULT ((0)) FOR [expired];
+GO;
+
+/**
+ * The sharing_profile table stores profiles that allow
+ * connections to be shared amongst multiple users.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_sharing_profile](
+ [sharing_profile_id] [int] IDENTITY(1,1) NOT NULL,
+ [sharing_profile_name] [nvarchar](128) NOT NULL,
+ [primary_connection_id] [int] NOT NULL,
+
+ CONSTRAINT [PK_guacamole_sharing_profile] PRIMARY KEY CLUSTERED
+ ([sharing_profile_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+/**
+ * Foreign keys for sharing_profile table.
+ */
+ALTER TABLE [guacamole_sharing_profile]
+ WITH CHECK ADD CONSTRAINT [FK_guacamole_sharing_profile_connection] FOREIGN KEY([primary_connection_id])
+ REFERENCES [guacamole_connection] ([connection_id])
+ ON UPDATE CASCADE
+ ON DELETE CASCADE;
+ALTER TABLE [guacamole_sharing_profile]
+ CHECK CONSTRAINT [FK_guacamole_sharing_profile_connection];
+GO;
+
+/**
+ * The connection_parameter table stores parameters for
+ * connection objects.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_connection_parameter](
+ [connection_id] [int] NOT NULL,
+ [parameter_name] [nvarchar](128) NOT NULL,
+ [parameter_value] [nvarchar](max) NOT NULL,
--- End diff --
Nope, I'm testing against SQLServer on Linux, or SQLServer 2017. When I tried to use the 4096 value, I was told it was above the max.
<Shrug>?!
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r141341833
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerGuacamoleProperties.java ---
@@ -0,0 +1,211 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import org.apache.guacamole.properties.BooleanGuacamoleProperty;
+import org.apache.guacamole.properties.IntegerGuacamoleProperty;
+import org.apache.guacamole.properties.StringGuacamoleProperty;
+
+/**
+ * Properties used by the SQLServer Authentication plugin.
+ */
+public class SQLServerGuacamoleProperties {
+
+ /**
+ * This class should not be instantiated.
+ */
+ private SQLServerGuacamoleProperties() {}
+
+ /**
+ * The URL of the SQLServer server hosting the Guacamole authentication tables.
+ */
+ public static final StringGuacamoleProperty SQLSERVER_HOSTNAME =
+ new StringGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-hostname"; }
+
+ };
+
+ /**
+ * The port of the SQLServer server hosting the Guacamole authentication
+ * tables.
+ */
+ public static final IntegerGuacamoleProperty SQLSERVER_PORT =
+ new IntegerGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-port"; }
+
+ };
+
+ /**
+ * The name of the SQLServer database containing the Guacamole
+ * authentication tables.
+ */
+ public static final StringGuacamoleProperty SQLSERVER_DATABASE =
+ new StringGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-database"; }
+
+ };
+
+ /**
+ * The username used to authenticate to the SQLServer database containing
+ * the Guacamole authentication tables.
+ */
+ public static final StringGuacamoleProperty SQLSERVER_USERNAME =
+ new StringGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-username"; }
+
+ };
+
+ /**
+ * The password used to authenticate to the SQLServer database containing
+ * the Guacamole authentication tables.
+ */
+ public static final StringGuacamoleProperty SQLSERVER_PASSWORD =
+ new StringGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-password"; }
+
+ };
+
+ /**
+ * Whether a user account within the database is required for authentication
+ * to succeed, even if the user has been authenticated via another
+ * authentication provider.
+ */
+ public static final BooleanGuacamoleProperty
+ SQLSERVER_USER_REQUIRED = new BooleanGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-user-required"; }
+
+ };
+
+ /**
+ * Whether or not multiple users accessing the same connection at the same
+ * time should be disallowed.
+ */
+ public static final BooleanGuacamoleProperty
+ SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS =
+ new BooleanGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-disallow-simultaneous-connections"; }
+
+ };
+
+ /**
+ * Whether or not the same user accessing the same connection or connection
+ * group at the same time should be disallowed.
+ */
+ public static final BooleanGuacamoleProperty
+ SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS =
--- End diff --
Removed.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r137603491
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.xml ---
@@ -0,0 +1,235 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
+ "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
+
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+<mapper namespace="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper" >
+
+ <!-- Result mapper for connection objects -->
+ <resultMap id="ConnectionResultMap" type="org.apache.guacamole.auth.jdbc.connection.ConnectionModel" >
+
+ <!-- Connection properties -->
+ <id column="connection_id" property="objectID" jdbcType="INTEGER"/>
+ <result column="connection_name" property="name" jdbcType="VARCHAR"/>
+ <result column="parent_id" property="parentIdentifier" jdbcType="INTEGER"/>
+ <result column="protocol" property="protocol" jdbcType="VARCHAR"/>
+ <result column="max_connections" property="maxConnections" jdbcType="INTEGER"/>
+ <result column="max_connections_per_user" property="maxConnectionsPerUser" jdbcType="INTEGER"/>
+ <result column="proxy_hostname" property="proxyHostname" jdbcType="VARCHAR"/>
+ <result column="proxy_port" property="proxyPort" jdbcType="INTEGER"/>
+ <result column="proxy_encryption_method" property="proxyEncryptionMethod" jdbcType="VARCHAR"
+ javaType="org.apache.guacamole.net.auth.GuacamoleProxyConfiguration$EncryptionMethod"/>
+ <result column="connection_weight" property="connectionWeight" jdbcType="INTEGER"/>
+ <result column="failover_only" property="failoverOnly" jdbcType="BOOLEAN"/>
+
+ <!-- Associated sharing profiles -->
+ <collection property="sharingProfileIdentifiers" resultSet="sharingProfiles" ofType="java.lang.String"
+ column="connection_id" foreignColumn="primary_connection_id">
+ <result column="sharing_profile_id"/>
+ </collection>
+
+ </resultMap>
+
+ <!-- Select all connection identifiers -->
+ <select id="selectIdentifiers" resultType="string">
+ SELECT connection_id
+ FROM [dbo].[guacamole_connection]
--- End diff --
That's fair. Let me poke around a little more and see if I can figure out a way to set the schema search path (similar to Postgres) at the connection level. I glanced when I was initially doing it and didn't see any parameter for it, but maybe it's just a little more obscure than that.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138412378
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerEnvironment.java ---
@@ -0,0 +1,357 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.apache.guacamole.auth.jdbc.security.PasswordPolicy;
+
+/**
+ * A SQLServer-specific implementation of JDBCEnvironment provides database
+ * properties specifically for SQLServer.
+ */
+public class SQLServerEnvironment extends JDBCEnvironment {
+
+ /**
+ * Logger for this class.
+ */
+ private static final Logger logger = LoggerFactory.getLogger(SQLServerEnvironment.class);
+
+ /**
+ * The default host to connect to, if SQLSERVER_HOSTNAME is not specified.
+ */
+ private static final String DEFAULT_HOSTNAME = "localhost";
+
+ /**
+ * The default port to connect to, if SQLSERVER_PORT is not specified.
+ */
+ private static final int DEFAULT_PORT = 1433;
+
+ /**
+ * Whether a database user account is required by default for authentication
+ * to succeed.
+ */
+ private static final boolean DEFAULT_USER_REQUIRED = true;
+
+ /**
+ * The default value for the maximum number of connections to be
+ * allowed to the Guacamole server overall.
+ */
+ private final int DEFAULT_ABSOLUTE_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection group. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection group. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the open source JTDS driver.
+ */
+ public final static String SQLSERVER_DRIVER_JTDS = "jtds";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the DataDirect JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_DATADIRECT = "datadirect";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the older Microsoft JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_MS = "microsoft";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the Microsoft JDBC driver. This is the default.
+ */
+ public final static String SQLSERVER_DRIVER_MS_2005 = "microsoft2005";
+
+ /**
+ * Constructs a new SQLServerEnvironment, providing access to SQLServer-specific
+ * configuration options.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while setting up the underlying JDBCEnvironment
+ * or while parsing legacy SQLServer configuration options.
+ */
+ public SQLServerEnvironment() throws GuacamoleException {
+
+ // Init underlying JDBC environment
+ super();
+
+ // Read legacy concurrency-related property
+ Boolean disallowSimultaneous = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS);
+ Boolean disallowDuplicate = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS);
+
+ // Legacy "simultaneous" property dictates only the maximum number of
+ // connections per connection
+ if (disallowSimultaneous != null) {
+
+ // Translate legacy property
+ if (disallowSimultaneous) {
+ DEFAULT_MAX_CONNECTIONS = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
+
+ // Inform of new equivalent
+ logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(), disallowSimultaneous,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS.getName(), DEFAULT_MAX_CONNECTIONS,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName(), DEFAULT_MAX_GROUP_CONNECTIONS);
+
+ }
+
+ // Legacy "duplicate" property dictates whether connections and groups
+ // may be used concurrently only by different users
+ if (disallowDuplicate != null) {
+
+ // Translate legacy property
+ if (disallowDuplicate) {
+ DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS_PER_USER = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
+
+ // Inform of new equivalent
+ logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS.getName(), disallowDuplicate,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_CONNECTIONS_PER_USER,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER);
+
+ }
+
+ // Check driver property is one of the acceptable values.
+ String driver = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DRIVER);
+ if (driver != null && !(driver.equals(SQLSERVER_DRIVER_JTDS) ||
+ driver.equals(SQLSERVER_DRIVER_DATADIRECT) ||
+ driver.equals(SQLSERVER_DRIVER_MS) ||
+ driver.equals(SQLSERVER_DRIVER_MS_2005)))
+ logger.warn("{} property has been set to an invalid value. The default Microsoft 2005 driver will be used.",
+ SQLServerGuacamoleProperties.SQLSERVER_DRIVER.getName());
+
+ }
+
+ @Override
+ public boolean isUserRequired() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_USER_REQUIRED,
+ DEFAULT_USER_REQUIRED
+ );
+ }
+
+ @Override
+ public int getAbsoluteMaxConnections() throws GuacamoleException {
+ return getProperty(SQLServerGuacamoleProperties.SQLSERVER_ABSOLUTE_MAX_CONNECTIONS,
+ DEFAULT_ABSOLUTE_MAX_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxConnections() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS,
+ DEFAULT_MAX_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxGroupConnections() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS,
+ DEFAULT_MAX_GROUP_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxConnectionsPerUser() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER,
+ DEFAULT_MAX_CONNECTIONS_PER_USER
+ );
+ }
+
+ @Override
+ public int getDefaultMaxGroupConnectionsPerUser() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER,
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER
+ );
+ }
+
+ @Override
+ public PasswordPolicy getPasswordPolicy() {
+ return new SQLServerPasswordPolicy(this);
+ }
+
+ /**
+ * Returns the hostname of the SQLServer server hosting the Guacamole
+ * authentication tables. If unspecified, this will be "localhost".
+ *
+ * @return
+ * The URL of the SQLServer server.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value.
+ */
+ public String getSQLServerHostname() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_HOSTNAME,
+ DEFAULT_HOSTNAME
+ );
+ }
+
+ /**
+ * Returns the port number of the SQLServer server hosting the Guacamole
+ * authentication tables. If unspecified, this will be the default
+ * SQLServer port of 5432.
+ *
+ * @return
+ * The port number of the SQLServer server.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value.
+ */
+ public int getSQLServerPort() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_PORT,
+ DEFAULT_PORT
+ );
+ }
+
+ /**
+ * Returns the name of the SQLServer database containing the Guacamole
+ * authentication tables.
+ *
+ * @return
+ * The name of the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerDatabase() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_DATABASE);
+ }
+
+ /**
+ * Returns the username that should be used when authenticating with the
+ * SQLServer database containing the Guacamole authentication tables.
+ *
+ * @return
+ * The username for the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerUsername() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_USERNAME);
+ }
+
+ /**
+ * Returns the password that should be used when authenticating with the
+ * SQLServer database containing the Guacamole authentication tables.
+ *
+ * @return
+ * The password for the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerPassword() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_PASSWORD);
+ }
+
+ /**
+ * Returns whether or not to use the SourceForge JTDS driver for more
+ * generic JTDS connections instead of the Microsoft-provided JDBC driver.
+ *
+ * @return
+ * True if the JTDS driver should be used; false by default.
--- End diff --
Cleaned up.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r135926214
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/schema/001-create-schema.sql ---
@@ -0,0 +1,558 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * List for permission data type.
+ */
+CREATE RULE [dbo].[guacamole_permission_list]
+ AS
+ @list IN ('READ','UPDATE','DELETE','ADMINISTER')
+GO
+
+/**
+ * List for system permission data type.
+ */
+CREATE RULE [dbo].[guacamole_system_permission_list]
+ AS
+ @list IN ('CREATE_CONNECTION',
+ 'CREATE_CONNECTION_GROUP',
+ 'CREATE_SHARING_PROFILE',
+ 'CREATE_USER',
+ 'ADMINISTER')
+GO
+
+/**
+ * The permission data type.
+ */
+CREATE TYPE [dbo].[guacamole_permission] FROM [nvarchar](10) NOT NULL
+
+/**
+ * The system permission data type.
+ */
+CREATE TYPE [dbo].[guacamole_system_permission] FROM [nvarchar](32) NOT NULL
+GO
+
+/**
+ * The connection_group table stores organizational and balancing groups.
+ */
+SET ANSI_NULLS ON
+SET QUOTED_IDENTIFIER ON
--- End diff --
> SET ANSI_NULLS ON
> SET QUOTED_IDENTIFIER ON
I see this quite a lot here. Why is this incantation necessary?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r141342394
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/schema/002-create-admin-user.sql ---
@@ -0,0 +1,46 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Create the default admin user account and set up full privileges.
+ */
+INSERT INTO [guacamole_user] (username, password_hash, password_date)
+VALUES ('guacadmin', HASHBYTES('SHA2_256', 'guacadmin'), getdate());
--- End diff --
I was having trouble getting it to work trying to paste in the raw values. I'll try some variations on it, again, and see if I can make it work.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r135927937
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/schema/001-create-schema.sql ---
@@ -0,0 +1,558 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * List for permission data type.
+ */
+CREATE RULE [dbo].[guacamole_permission_list]
+ AS
+ @list IN ('READ','UPDATE','DELETE','ADMINISTER')
+GO
+
+/**
+ * List for system permission data type.
+ */
+CREATE RULE [dbo].[guacamole_system_permission_list]
+ AS
+ @list IN ('CREATE_CONNECTION',
+ 'CREATE_CONNECTION_GROUP',
+ 'CREATE_SHARING_PROFILE',
+ 'CREATE_USER',
+ 'ADMINISTER')
+GO
+
+/**
+ * The permission data type.
+ */
+CREATE TYPE [dbo].[guacamole_permission] FROM [nvarchar](10) NOT NULL
+
+/**
+ * The system permission data type.
+ */
+CREATE TYPE [dbo].[guacamole_system_permission] FROM [nvarchar](32) NOT NULL
+GO
+
+/**
+ * The connection_group table stores organizational and balancing groups.
+ */
+SET ANSI_NULLS ON
+SET QUOTED_IDENTIFIER ON
+CREATE TABLE [dbo].[guacamole_connection_group](
+ [connection_group_id] [int] IDENTITY(1,1) NOT NULL,
+ [parent_id] [int] NULL,
+ [connection_group_name] [nvarchar](128) NOT NULL,
+ [type] [nvarchar](32) NOT NULL,
+ [max_connections] [int] NULL,
+ [max_connections_per_user] [int] NULL,
+ [enable_session_affinity] [bit] NOT NULL,
+
+ CONSTRAINT [PK_guacmaole_connection_group] PRIMARY KEY CLUSTERED
+ ([connection_group_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY]
--- End diff --
Though older SQL Server may not require semicolons in all cases, newer versions do, and it's a bad practice that can lead to difficult-to-track-down bugs.
http://www.dbdelta.com/always-use-semicolon-statement-terminators/
Better that we stick with ANSI as far as possible.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138402116
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerEnvironment.java ---
@@ -0,0 +1,357 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.apache.guacamole.auth.jdbc.security.PasswordPolicy;
+
+/**
+ * A SQLServer-specific implementation of JDBCEnvironment provides database
+ * properties specifically for SQLServer.
+ */
+public class SQLServerEnvironment extends JDBCEnvironment {
+
+ /**
+ * Logger for this class.
+ */
+ private static final Logger logger = LoggerFactory.getLogger(SQLServerEnvironment.class);
+
+ /**
+ * The default host to connect to, if SQLSERVER_HOSTNAME is not specified.
+ */
+ private static final String DEFAULT_HOSTNAME = "localhost";
+
+ /**
+ * The default port to connect to, if SQLSERVER_PORT is not specified.
+ */
+ private static final int DEFAULT_PORT = 1433;
+
+ /**
+ * Whether a database user account is required by default for authentication
+ * to succeed.
+ */
+ private static final boolean DEFAULT_USER_REQUIRED = true;
+
+ /**
+ * The default value for the maximum number of connections to be
+ * allowed to the Guacamole server overall.
+ */
+ private final int DEFAULT_ABSOLUTE_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection group. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection group. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the open source JTDS driver.
+ */
+ public final static String SQLSERVER_DRIVER_JTDS = "jtds";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the DataDirect JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_DATADIRECT = "datadirect";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the older Microsoft JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_MS = "microsoft";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the Microsoft JDBC driver. This is the default.
+ */
+ public final static String SQLSERVER_DRIVER_MS_2005 = "microsoft2005";
+
+ /**
+ * Constructs a new SQLServerEnvironment, providing access to SQLServer-specific
+ * configuration options.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while setting up the underlying JDBCEnvironment
+ * or while parsing legacy SQLServer configuration options.
+ */
+ public SQLServerEnvironment() throws GuacamoleException {
+
+ // Init underlying JDBC environment
+ super();
+
+ // Read legacy concurrency-related property
+ Boolean disallowSimultaneous = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS);
+ Boolean disallowDuplicate = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS);
+
+ // Legacy "simultaneous" property dictates only the maximum number of
+ // connections per connection
+ if (disallowSimultaneous != null) {
+
+ // Translate legacy property
+ if (disallowSimultaneous) {
+ DEFAULT_MAX_CONNECTIONS = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
+
+ // Inform of new equivalent
+ logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(), disallowSimultaneous,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS.getName(), DEFAULT_MAX_CONNECTIONS,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName(), DEFAULT_MAX_GROUP_CONNECTIONS);
+
+ }
+
+ // Legacy "duplicate" property dictates whether connections and groups
+ // may be used concurrently only by different users
+ if (disallowDuplicate != null) {
+
+ // Translate legacy property
+ if (disallowDuplicate) {
+ DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS_PER_USER = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
+
+ // Inform of new equivalent
+ logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS.getName(), disallowDuplicate,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_CONNECTIONS_PER_USER,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER);
+
+ }
+
+ // Check driver property is one of the acceptable values.
+ String driver = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DRIVER);
+ if (driver != null && !(driver.equals(SQLSERVER_DRIVER_JTDS) ||
+ driver.equals(SQLSERVER_DRIVER_DATADIRECT) ||
+ driver.equals(SQLSERVER_DRIVER_MS) ||
+ driver.equals(SQLSERVER_DRIVER_MS_2005)))
+ logger.warn("{} property has been set to an invalid value. The default Microsoft 2005 driver will be used.",
--- End diff --
Rather than read and parse the driver property just to determine whether it's valid, only to parse it a second time later in independent code, it would make more sense to handle this within a common function that encapsulates that parsing, ideally masking the value behind an `enum` which Java can helpfully check at compile time.
For example:
https://github.com/apache/incubator-guacamole-client/blob/1c0ee41d0ecd5bc4a3550804b74b73b901e074c2/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/EncryptionMethodProperty.java
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138403143
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerEnvironment.java ---
@@ -0,0 +1,357 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.apache.guacamole.auth.jdbc.security.PasswordPolicy;
+
+/**
+ * A SQLServer-specific implementation of JDBCEnvironment provides database
+ * properties specifically for SQLServer.
+ */
+public class SQLServerEnvironment extends JDBCEnvironment {
+
+ /**
+ * Logger for this class.
+ */
+ private static final Logger logger = LoggerFactory.getLogger(SQLServerEnvironment.class);
+
+ /**
+ * The default host to connect to, if SQLSERVER_HOSTNAME is not specified.
+ */
+ private static final String DEFAULT_HOSTNAME = "localhost";
+
+ /**
+ * The default port to connect to, if SQLSERVER_PORT is not specified.
+ */
+ private static final int DEFAULT_PORT = 1433;
+
+ /**
+ * Whether a database user account is required by default for authentication
+ * to succeed.
+ */
+ private static final boolean DEFAULT_USER_REQUIRED = true;
+
+ /**
+ * The default value for the maximum number of connections to be
+ * allowed to the Guacamole server overall.
+ */
+ private final int DEFAULT_ABSOLUTE_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection group. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection group. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the open source JTDS driver.
+ */
+ public final static String SQLSERVER_DRIVER_JTDS = "jtds";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the DataDirect JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_DATADIRECT = "datadirect";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the older Microsoft JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_MS = "microsoft";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the Microsoft JDBC driver. This is the default.
+ */
+ public final static String SQLSERVER_DRIVER_MS_2005 = "microsoft2005";
+
+ /**
+ * Constructs a new SQLServerEnvironment, providing access to SQLServer-specific
+ * configuration options.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while setting up the underlying JDBCEnvironment
+ * or while parsing legacy SQLServer configuration options.
+ */
+ public SQLServerEnvironment() throws GuacamoleException {
+
+ // Init underlying JDBC environment
+ super();
+
+ // Read legacy concurrency-related property
+ Boolean disallowSimultaneous = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS);
+ Boolean disallowDuplicate = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS);
+
+ // Legacy "simultaneous" property dictates only the maximum number of
+ // connections per connection
+ if (disallowSimultaneous != null) {
+
+ // Translate legacy property
+ if (disallowSimultaneous) {
+ DEFAULT_MAX_CONNECTIONS = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
+
+ // Inform of new equivalent
+ logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS.getName(), disallowSimultaneous,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS.getName(), DEFAULT_MAX_CONNECTIONS,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName(), DEFAULT_MAX_GROUP_CONNECTIONS);
+
+ }
+
+ // Legacy "duplicate" property dictates whether connections and groups
+ // may be used concurrently only by different users
+ if (disallowDuplicate != null) {
+
+ // Translate legacy property
+ if (disallowDuplicate) {
+ DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS_PER_USER = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(),
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS.getName());
+
+ // Inform of new equivalent
+ logger.info("To achieve the same result of setting \"{}\" to \"{}\", set \"{}\" to \"{}\" and \"{}\" to \"{}\".",
+ SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS.getName(), disallowDuplicate,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_CONNECTIONS_PER_USER,
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER.getName(), DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER);
+
+ }
+
+ // Check driver property is one of the acceptable values.
+ String driver = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DRIVER);
+ if (driver != null && !(driver.equals(SQLSERVER_DRIVER_JTDS) ||
+ driver.equals(SQLSERVER_DRIVER_DATADIRECT) ||
+ driver.equals(SQLSERVER_DRIVER_MS) ||
+ driver.equals(SQLSERVER_DRIVER_MS_2005)))
+ logger.warn("{} property has been set to an invalid value. The default Microsoft 2005 driver will be used.",
+ SQLServerGuacamoleProperties.SQLSERVER_DRIVER.getName());
+
+ }
+
+ @Override
+ public boolean isUserRequired() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_USER_REQUIRED,
+ DEFAULT_USER_REQUIRED
+ );
+ }
+
+ @Override
+ public int getAbsoluteMaxConnections() throws GuacamoleException {
+ return getProperty(SQLServerGuacamoleProperties.SQLSERVER_ABSOLUTE_MAX_CONNECTIONS,
+ DEFAULT_ABSOLUTE_MAX_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxConnections() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS,
+ DEFAULT_MAX_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxGroupConnections() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS,
+ DEFAULT_MAX_GROUP_CONNECTIONS
+ );
+ }
+
+ @Override
+ public int getDefaultMaxConnectionsPerUser() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_CONNECTIONS_PER_USER,
+ DEFAULT_MAX_CONNECTIONS_PER_USER
+ );
+ }
+
+ @Override
+ public int getDefaultMaxGroupConnectionsPerUser() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER,
+ DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER
+ );
+ }
+
+ @Override
+ public PasswordPolicy getPasswordPolicy() {
+ return new SQLServerPasswordPolicy(this);
+ }
+
+ /**
+ * Returns the hostname of the SQLServer server hosting the Guacamole
+ * authentication tables. If unspecified, this will be "localhost".
+ *
+ * @return
+ * The URL of the SQLServer server.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value.
+ */
+ public String getSQLServerHostname() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_HOSTNAME,
+ DEFAULT_HOSTNAME
+ );
+ }
+
+ /**
+ * Returns the port number of the SQLServer server hosting the Guacamole
+ * authentication tables. If unspecified, this will be the default
+ * SQLServer port of 5432.
+ *
+ * @return
+ * The port number of the SQLServer server.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value.
+ */
+ public int getSQLServerPort() throws GuacamoleException {
+ return getProperty(
+ SQLServerGuacamoleProperties.SQLSERVER_PORT,
+ DEFAULT_PORT
+ );
+ }
+
+ /**
+ * Returns the name of the SQLServer database containing the Guacamole
+ * authentication tables.
+ *
+ * @return
+ * The name of the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerDatabase() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_DATABASE);
+ }
+
+ /**
+ * Returns the username that should be used when authenticating with the
+ * SQLServer database containing the Guacamole authentication tables.
+ *
+ * @return
+ * The username for the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerUsername() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_USERNAME);
+ }
+
+ /**
+ * Returns the password that should be used when authenticating with the
+ * SQLServer database containing the Guacamole authentication tables.
+ *
+ * @return
+ * The password for the SQLServer database.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerPassword() throws GuacamoleException {
+ return getRequiredProperty(SQLServerGuacamoleProperties.SQLSERVER_PASSWORD);
+ }
+
+ /**
+ * Returns whether or not to use the SourceForge JTDS driver for more
+ * generic JTDS connections instead of the Microsoft-provided JDBC driver.
+ *
+ * @return
+ * True if the JTDS driver should be used; false by default.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while retrieving the property value, or if the
+ * value was not set, as this property is required.
+ */
+ public String getSQLServerDriver() throws GuacamoleException {
--- End diff --
The cleanest way is to implement a new property type. Parsing logic is kept separate, and usage of the property ends up simplified.
See: https://github.com/apache/incubator-guacamole-client/blob/1c0ee41d0ecd5bc4a3550804b74b73b901e074c2/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/EncryptionMethodProperty.java
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r135923091
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.xml ---
@@ -0,0 +1,235 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
+ "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
+
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+<mapper namespace="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper" >
+
+ <!-- Result mapper for connection objects -->
+ <resultMap id="ConnectionResultMap" type="org.apache.guacamole.auth.jdbc.connection.ConnectionModel" >
+
+ <!-- Connection properties -->
+ <id column="connection_id" property="objectID" jdbcType="INTEGER"/>
+ <result column="connection_name" property="name" jdbcType="VARCHAR"/>
+ <result column="parent_id" property="parentIdentifier" jdbcType="INTEGER"/>
+ <result column="protocol" property="protocol" jdbcType="VARCHAR"/>
+ <result column="max_connections" property="maxConnections" jdbcType="INTEGER"/>
+ <result column="max_connections_per_user" property="maxConnectionsPerUser" jdbcType="INTEGER"/>
+ <result column="proxy_hostname" property="proxyHostname" jdbcType="VARCHAR"/>
+ <result column="proxy_port" property="proxyPort" jdbcType="INTEGER"/>
+ <result column="proxy_encryption_method" property="proxyEncryptionMethod" jdbcType="VARCHAR"
+ javaType="org.apache.guacamole.net.auth.GuacamoleProxyConfiguration$EncryptionMethod"/>
+ <result column="connection_weight" property="connectionWeight" jdbcType="INTEGER"/>
+ <result column="failover_only" property="failoverOnly" jdbcType="BOOLEAN"/>
+
+ <!-- Associated sharing profiles -->
+ <collection property="sharingProfileIdentifiers" resultSet="sharingProfiles" ofType="java.lang.String"
+ column="connection_id" foreignColumn="primary_connection_id">
+ <result column="sharing_profile_id"/>
+ </collection>
+
+ </resultMap>
+
+ <!-- Select all connection identifiers -->
+ <select id="selectIdentifiers" resultType="string">
+ SELECT connection_id
+ FROM [dbo].[guacamole_connection]
--- End diff --
Out of curiosity, does SQL Server require that the schema be specified with each query? I don't recall having to do this in the past, but it's been a rather long time since I had to touch SQL Server.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138400910
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerAuthenticationProviderModule.java ---
@@ -0,0 +1,107 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import com.google.inject.Binder;
+import com.google.inject.Module;
+import com.google.inject.name.Names;
+import java.util.Properties;
+import org.apache.guacamole.GuacamoleException;
+import org.mybatis.guice.datasource.helper.JdbcHelper;
+
+/**
+ * Guice module which configures SQLServer-specific injections.
+ */
+public class SQLServerAuthenticationProviderModule implements Module {
+
+ /**
+ * MyBatis-specific configuration properties.
+ */
+ private final Properties myBatisProperties = new Properties();
+
+ /**
+ * SQLServer-specific driver configuration properties.
+ */
+ private final Properties driverProperties = new Properties();
+
+ /**
+ * Whether or not to use JTDS Driver
+ */
+ private String sqlServerDriver;
+
+ /**
+ * Creates a new SQLServer authentication provider module that configures
+ * driver and MyBatis properties using the given environment.
+ *
+ * @param environment
+ * The environment to use when configuring MyBatis and the underlying
+ * JDBC driver.
+ *
+ * @throws GuacamoleException
+ * If a required property is missing, or an error occurs while parsing
+ * a property.
+ */
+ public SQLServerAuthenticationProviderModule(SQLServerEnvironment environment)
+ throws GuacamoleException {
+
+ // Set the SQLServer-specific properties for MyBatis.
+ myBatisProperties.setProperty("mybatis.environment.id", "guacamole");
+ myBatisProperties.setProperty("JDBC.host", environment.getSQLServerHostname());
+ myBatisProperties.setProperty("JDBC.port", String.valueOf(environment.getSQLServerPort()));
+ myBatisProperties.setProperty("JDBC.schema", environment.getSQLServerDatabase());
+ myBatisProperties.setProperty("JDBC.username", environment.getSQLServerUsername());
+ myBatisProperties.setProperty("JDBC.password", environment.getSQLServerPassword());
+ myBatisProperties.setProperty("JDBC.autoCommit", "false");
+ myBatisProperties.setProperty("mybatis.pooled.pingEnabled", "true");
+ myBatisProperties.setProperty("mybatis.pooled.pingQuery", "SELECT 1");
+
+ // Use UTF-8 in database
+ driverProperties.setProperty("characterEncoding", "UTF-8");
+
+ // Capture which driver to use for the connection.
+ this.sqlServerDriver = environment.getSQLServerDriver();
+
+ }
+
+ @Override
+ public void configure(Binder binder) {
+
+ // Bind SQLServer-specific properties
+ // Look at the property to choose the correct driver.
+ if (sqlServerDriver.equals(SQLServerEnvironment.SQLSERVER_DRIVER_JTDS))
+ JdbcHelper.SQL_Server_jTDS.configure(binder);
+ else if (sqlServerDriver.equals(SQLServerEnvironment.SQLSERVER_DRIVER_DATADIRECT))
+ JdbcHelper.SQL_Server_DataDirect.configure(binder);
+ else if (sqlServerDriver.equals(SQLServerEnvironment.SQLSERVER_DRIVER_MS))
+ JdbcHelper.SQL_Server_MS_Driver.configure(binder);
+ else
+ JdbcHelper.SQL_Server_2005_MS_Driver.configure(binder);
--- End diff --
It's more compatible with the most recent versions of Microsoft SQL Server. The other driver is/appears to be older than the 2005 one - at least, the latest JDBC driver you download from Microsoft seems to be the "2005 driver." The jTDS one hasn't seen a lot of development recently. The DataDirect one is a third-party one from Progress. So, I went with the one that, by all appearances, is going to be most likely to support the most recent versions of SQL Server.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r137610453
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.xml ---
@@ -0,0 +1,235 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
+ "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
+
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+<mapper namespace="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper" >
+
+ <!-- Result mapper for connection objects -->
+ <resultMap id="ConnectionResultMap" type="org.apache.guacamole.auth.jdbc.connection.ConnectionModel" >
+
+ <!-- Connection properties -->
+ <id column="connection_id" property="objectID" jdbcType="INTEGER"/>
+ <result column="connection_name" property="name" jdbcType="VARCHAR"/>
+ <result column="parent_id" property="parentIdentifier" jdbcType="INTEGER"/>
+ <result column="protocol" property="protocol" jdbcType="VARCHAR"/>
+ <result column="max_connections" property="maxConnections" jdbcType="INTEGER"/>
+ <result column="max_connections_per_user" property="maxConnectionsPerUser" jdbcType="INTEGER"/>
+ <result column="proxy_hostname" property="proxyHostname" jdbcType="VARCHAR"/>
+ <result column="proxy_port" property="proxyPort" jdbcType="INTEGER"/>
+ <result column="proxy_encryption_method" property="proxyEncryptionMethod" jdbcType="VARCHAR"
+ javaType="org.apache.guacamole.net.auth.GuacamoleProxyConfiguration$EncryptionMethod"/>
+ <result column="connection_weight" property="connectionWeight" jdbcType="INTEGER"/>
+ <result column="failover_only" property="failoverOnly" jdbcType="BOOLEAN"/>
+
+ <!-- Associated sharing profiles -->
+ <collection property="sharingProfileIdentifiers" resultSet="sharingProfiles" ofType="java.lang.String"
+ column="connection_id" foreignColumn="primary_connection_id">
+ <result column="sharing_profile_id"/>
+ </collection>
+
+ </resultMap>
+
+ <!-- Select all connection identifiers -->
+ <select id="selectIdentifiers" resultType="string">
+ SELECT connection_id
+ FROM [dbo].[guacamole_connection]
--- End diff --
Well, according to research, it isn't possible to set the default schema or schema search path in the connection string for SQL Server - it's a per-user thing. So, I think we'll just have to go the route of not explicitly specifying the schema and include instructions that the account that is logging in to SQL Server needs to have its default schema set properly. Sound okay? Counterproposals?
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r135923036
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerAuthenticationProviderModule.java ---
@@ -0,0 +1,91 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import com.google.inject.Binder;
+import com.google.inject.Module;
+import com.google.inject.name.Names;
+import java.util.Properties;
+import org.apache.guacamole.GuacamoleException;
+import org.mybatis.guice.datasource.helper.JdbcHelper;
+
+/**
+ * Guice module which configures SQLServer-specific injections.
+ */
+public class SQLServerAuthenticationProviderModule implements Module {
+
+ /**
+ * MyBatis-specific configuration properties.
+ */
+ private final Properties myBatisProperties = new Properties();
+
+ /**
+ * SQLServer-specific driver configuration properties.
+ */
+ private final Properties driverProperties = new Properties();
+
+ /**
+ * Creates a new SQLServer authentication provider module that configures
+ * driver and MyBatis properties using the given environment.
+ *
+ * @param environment
+ * The environment to use when configuring MyBatis and the underlying
+ * JDBC driver.
+ *
+ * @throws GuacamoleException
+ * If a required property is missing, or an error occurs while parsing
+ * a property.
+ */
+ public SQLServerAuthenticationProviderModule(SQLServerEnvironment environment)
+ throws GuacamoleException {
+
+ // Set the SQLServer-specific properties for MyBatis.
+ myBatisProperties.setProperty("mybatis.environment.id", "guacamole");
+ myBatisProperties.setProperty("JDBC.host", environment.getSQLServerHostname());
+ myBatisProperties.setProperty("JDBC.port", String.valueOf(environment.getSQLServerPort()));
+ myBatisProperties.setProperty("JDBC.schema", environment.getSQLServerDatabase());
+ myBatisProperties.setProperty("JDBC.username", environment.getSQLServerUsername());
+ myBatisProperties.setProperty("JDBC.password", environment.getSQLServerPassword());
+ myBatisProperties.setProperty("JDBC.autoCommit", "false");
+ myBatisProperties.setProperty("mybatis.pooled.pingEnabled", "true");
+ myBatisProperties.setProperty("mybatis.pooled.pingQuery", "SELECT 1");
+
+ // Use UTF-8 in database
+ driverProperties.setProperty("characterEncoding", "UTF-8");
+
+ }
+
+ @Override
+ public void configure(Binder binder) {
+
+ // Bind SQLServer-specific properties
+ JdbcHelper.SQL_Server_2005_MS_Driver.configure(binder);
--- End diff --
Is this going to be an issue with other versions of SQL Server? Why this particular driver vs. jTDS?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138412442
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerAuthenticationProviderModule.java ---
@@ -0,0 +1,107 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import com.google.inject.Binder;
+import com.google.inject.Module;
+import com.google.inject.name.Names;
+import java.util.Properties;
+import org.apache.guacamole.GuacamoleException;
+import org.mybatis.guice.datasource.helper.JdbcHelper;
+
+/**
+ * Guice module which configures SQLServer-specific injections.
+ */
+public class SQLServerAuthenticationProviderModule implements Module {
+
+ /**
+ * MyBatis-specific configuration properties.
+ */
+ private final Properties myBatisProperties = new Properties();
+
+ /**
+ * SQLServer-specific driver configuration properties.
+ */
+ private final Properties driverProperties = new Properties();
+
+ /**
+ * Whether or not to use JTDS Driver
--- End diff --
Cleaned up.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r137602825
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.xml ---
@@ -0,0 +1,235 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
+ "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
+
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+<mapper namespace="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper" >
+
+ <!-- Result mapper for connection objects -->
+ <resultMap id="ConnectionResultMap" type="org.apache.guacamole.auth.jdbc.connection.ConnectionModel" >
+
+ <!-- Connection properties -->
+ <id column="connection_id" property="objectID" jdbcType="INTEGER"/>
+ <result column="connection_name" property="name" jdbcType="VARCHAR"/>
+ <result column="parent_id" property="parentIdentifier" jdbcType="INTEGER"/>
+ <result column="protocol" property="protocol" jdbcType="VARCHAR"/>
+ <result column="max_connections" property="maxConnections" jdbcType="INTEGER"/>
+ <result column="max_connections_per_user" property="maxConnectionsPerUser" jdbcType="INTEGER"/>
+ <result column="proxy_hostname" property="proxyHostname" jdbcType="VARCHAR"/>
+ <result column="proxy_port" property="proxyPort" jdbcType="INTEGER"/>
+ <result column="proxy_encryption_method" property="proxyEncryptionMethod" jdbcType="VARCHAR"
+ javaType="org.apache.guacamole.net.auth.GuacamoleProxyConfiguration$EncryptionMethod"/>
+ <result column="connection_weight" property="connectionWeight" jdbcType="INTEGER"/>
+ <result column="failover_only" property="failoverOnly" jdbcType="BOOLEAN"/>
+
+ <!-- Associated sharing profiles -->
+ <collection property="sharingProfileIdentifiers" resultSet="sharingProfiles" ofType="java.lang.String"
+ column="connection_id" foreignColumn="primary_connection_id">
+ <result column="sharing_profile_id"/>
+ </collection>
+
+ </resultMap>
+
+ <!-- Select all connection identifiers -->
+ <select id="selectIdentifiers" resultType="string">
+ SELECT connection_id
+ FROM [dbo].[guacamole_connection]
--- End diff --
It's not that I think we need to require the default schema vs. something else, but rather that I'm surprised that each query would need to specify that schema. I would have expected that the schema would be specified at the JDBC connection level, and would then effect all queries which do not explicitly specify a different schema.
In the case of the PostgreSQL implementation, use of the default `public` schema was due to not specifying the schema at all, which was probably mostly due to my inexperience with PostgreSQL at the time. If something about PostgreSQL then required that I hard-code the `public` schema into all queries, I think I'd start getting worried.
I'm definitely far from an expert in SQL Server, but it feels like hard-coding the schema into each query would be bad. I don't know what the alternative would be. If the expectation for SQL Server databases is that the application itself dictates the schema name, etc. (not just the tables), then perhaps I'm steering things in the wrong direction here by pushing use of the default schema.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r141254470
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerEnvironment.java ---
@@ -0,0 +1,254 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.apache.guacamole.auth.jdbc.security.PasswordPolicy;
+
+/**
+ * A SQLServer-specific implementation of JDBCEnvironment provides database
+ * properties specifically for SQLServer.
+ */
+public class SQLServerEnvironment extends JDBCEnvironment {
+
+ /**
+ * Logger for this class.
+ */
+ private static final Logger logger = LoggerFactory.getLogger(SQLServerEnvironment.class);
+
+ /**
+ * The default host to connect to, if SQLSERVER_HOSTNAME is not specified.
+ */
+ private static final String DEFAULT_HOSTNAME = "localhost";
+
+ /**
+ * The default port to connect to, if SQLSERVER_PORT is not specified.
+ */
+ private static final int DEFAULT_PORT = 1433;
+
+ /**
+ * Whether a database user account is required by default for authentication
+ * to succeed.
+ */
+ private static final boolean DEFAULT_USER_REQUIRED = true;
--- End diff --
The default for the "*-user-required" properties should be `false`:
https://github.com/apache/incubator-guacamole-client/blob/1c0ee41d0ecd5bc4a3550804b74b73b901e074c2/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/java/org/apache/guacamole/auth/mysql/MySQLEnvironment.java#L53
https://github.com/apache/incubator-guacamole-client/blob/1c0ee41d0ecd5bc4a3550804b74b73b901e074c2/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/java/org/apache/guacamole/auth/postgresql/PostgreSQLEnvironment.java#L53
See also:
http://guacamole.incubator.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-restrict
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r141335963
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerAuthenticationProviderModule.java ---
@@ -0,0 +1,116 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import com.google.inject.Binder;
+import com.google.inject.Module;
+import com.google.inject.name.Names;
+import java.util.Properties;
+import org.apache.guacamole.GuacamoleException;
+import org.mybatis.guice.datasource.helper.JdbcHelper;
+
+/**
+ * Guice module which configures SQLServer-specific injections.
+ */
+public class SQLServerAuthenticationProviderModule implements Module {
+
+ /**
+ * MyBatis-specific configuration properties.
+ */
+ private final Properties myBatisProperties = new Properties();
+
+ /**
+ * SQLServer-specific driver configuration properties.
+ */
+ private final Properties driverProperties = new Properties();
+
+ /**
+ * Which SQL Server driver should be used.
+ */
+ private SQLServerDriver sqlServerDriver;
+
+ /**
+ * Creates a new SQLServer authentication provider module that configures
+ * driver and MyBatis properties using the given environment.
+ *
+ * @param environment
+ * The environment to use when configuring MyBatis and the underlying
+ * JDBC driver.
+ *
+ * @throws GuacamoleException
+ * If a required property is missing, or an error occurs while parsing
+ * a property.
+ */
+ public SQLServerAuthenticationProviderModule(SQLServerEnvironment environment)
+ throws GuacamoleException {
+
+ // Set the SQLServer-specific properties for MyBatis.
+ myBatisProperties.setProperty("mybatis.environment.id", "guacamole");
+ myBatisProperties.setProperty("JDBC.host", environment.getSQLServerHostname());
+ myBatisProperties.setProperty("JDBC.port", String.valueOf(environment.getSQLServerPort()));
+ myBatisProperties.setProperty("JDBC.schema", environment.getSQLServerDatabase());
+ myBatisProperties.setProperty("JDBC.username", environment.getSQLServerUsername());
+ myBatisProperties.setProperty("JDBC.password", environment.getSQLServerPassword());
+ myBatisProperties.setProperty("JDBC.autoCommit", "false");
+ myBatisProperties.setProperty("mybatis.pooled.pingEnabled", "true");
+ myBatisProperties.setProperty("mybatis.pooled.pingQuery", "SELECT 1");
+
+ // Use UTF-8 in database
+ driverProperties.setProperty("characterEncoding", "UTF-8");
+
+ // Capture which driver to use for the connection.
+ this.sqlServerDriver = environment.getSQLServerDriver();
+
+ }
+
+ @Override
+ public void configure(Binder binder) {
+
+ // Bind SQLServer-specific properties with the configured driver.
+ switch(sqlServerDriver) {
+ case JTDS:
+ JdbcHelper.SQL_Server_jTDS.configure(binder);
+ break;
+
+ case DATA_DIRECT:
+ JdbcHelper.SQL_Server_DataDirect.configure(binder);
+ break;
+
+ case MICROSOFT_LEGACY:
+ JdbcHelper.SQL_Server_MS_Driver.configure(binder);
+ break;
+
+ case MICROSOFT_2005:
+ default:
--- End diff --
I went the throw an exception route.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138398163
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/schema/001-create-schema.sql ---
@@ -0,0 +1,558 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * List for permission data type.
+ */
+CREATE RULE [guacamole_permission_list]
+ AS
+ @list IN ('READ','UPDATE','DELETE','ADMINISTER');
+GO;
+
+/**
+ * List for system permission data type.
+ */
+CREATE RULE [guacamole_system_permission_list]
+ AS
+ @list IN ('CREATE_CONNECTION',
+ 'CREATE_CONNECTION_GROUP',
+ 'CREATE_SHARING_PROFILE',
+ 'CREATE_USER',
+ 'ADMINISTER');
+GO;
+
+/**
+ * The permission data type.
+ */
+CREATE TYPE [guacamole_permission] FROM [nvarchar](10) NOT NULL;
+
+/**
+ * The system permission data type.
+ */
+CREATE TYPE [guacamole_system_permission] FROM [nvarchar](32) NOT NULL;
+GO;
+
+/**
+ * The connection_group table stores organizational and balancing groups.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_connection_group](
+ [connection_group_id] [int] IDENTITY(1,1) NOT NULL,
+ [parent_id] [int] NULL,
+ [connection_group_name] [nvarchar](128) NOT NULL,
+ [type] [nvarchar](32) NOT NULL,
+ [max_connections] [int] NULL,
+ [max_connections_per_user] [int] NULL,
+ [enable_session_affinity] [bit] NOT NULL,
+
+ CONSTRAINT [PK_guacmaole_connection_group] PRIMARY KEY CLUSTERED
+ ([connection_group_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+/**
+ * Foreign keys for connection_group table.
+ */
+ALTER TABLE [guacamole_connection_group]
+ WITH CHECK ADD CONSTRAINT [FK_guacamole_connection_group_connection_group_id] FOREIGN KEY([parent_id])
+ REFERENCES [guacamole_connection_group] ([connection_group_id]);
+ALTER TABLE [guacamole_connection_group]
+ CHECK CONSTRAINT [FK_guacamole_connection_group_connection_group_id];
+ALTER TABLE [guacamole_connection_group]
+ WITH CHECK ADD CONSTRAINT [CK_guacamole_connection_group_type]
+ CHECK (([type]='BALANCING' OR [type]='ORGANIZATIONAL'));
+ALTER TABLE [guacamole_connection_group]
+ CHECK CONSTRAINT [CK_guacamole_connection_group_type];
+
+/**
+ * Default values for connection_group table.
+ */
+ALTER TABLE [guacamole_connection_group]
+ ADD CONSTRAINT [DF_guacamole_connection_group_type] DEFAULT (N'ORGANIZATIONAL') FOR [type];
+ALTER TABLE [guacamole_connection_group]
+ ADD CONSTRAINT [DF_guacamole_connection_group_enable_session_affinity] DEFAULT ((0)) FOR [enable_session_affinity];
+GO;
+
+/**
+ * The connection table, for storing connections and attributes.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_connection](
+ [connection_id] [int] IDENTITY(1,1) NOT NULL,
+ [connection_name] [nvarchar](128) NOT NULL,
+ [parent_id] [int] NULL,
+ [protocol] [nvarchar](32) NOT NULL,
+ [proxy_port] [int] NULL,
+ [proxy_hostname] [nvarchar](512) NULL,
+ [proxy_encryption_method] [nvarchar](4) NULL,
+ [max_connections] [int] NULL,
+ [max_connections_per_user] [int] NULL,
+ [connection_weight] [int] NULL,
+ [failover_only] [bit] NOT NULL,
+
+ CONSTRAINT [PK_guacamole_connection] PRIMARY KEY CLUSTERED
+ ([connection_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+ALTER TABLE [guacamole_connection]
+ WITH CHECK ADD CONSTRAINT [FK_guacamole_connection_connection_group] FOREIGN KEY([parent_id])
+ REFERENCES [guacamole_connection_group] ([connection_group_id]);
+ALTER TABLE [guacamole_connection]
+ CHECK CONSTRAINT [FK_guacamole_connection_connection_group];
+ALTER TABLE [guacamole_connection]
+ WITH CHECK ADD CONSTRAINT [CK_proxy_encryption_method]
+ CHECK (([proxy_encryption_method]='SSL' OR [proxy_encryption_method]='NONE'));
+ALTER TABLE [guacamole_connection]
+ CHECK CONSTRAINT [CK_proxy_encryption_method];
+ALTER TABLE [guacamole_connection]
+ ADD CONSTRAINT [DF_guacamole_connection_failover_only] DEFAULT ((0)) FOR [failover_only];
+GO;
+
+/**
+ * The user table stores user accounts, passwords, and properties.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_user](
+ [user_id] [int] IDENTITY(1,1) NOT NULL,
+ [username] [nvarchar](128) NOT NULL,
+ [password_hash] [binary](32) NOT NULL,
+ [password_salt] [binary](32) NULL,
+ [password_date] [datetime] NOT NULL,
+ [disabled] [bit] NOT NULL,
+ [expired] [bit] NOT NULL,
+ [access_window_start] [time](7) NULL,
+ [access_window_end] [time](7) NULL,
+ [valid_from] [date] NULL,
+ [valid_until] [date] NULL,
+ [timezone] [nvarchar](64) NULL,
+ [full_name] [nvarchar](256) NULL,
+ [email_address] [nvarchar](256) NULL,
+ [organization] [nvarchar](256) NULL,
+ [organizational_role] [nvarchar](256) NULL,
+
+ CONSTRAINT [PK_guacamole_user] PRIMARY KEY CLUSTERED
+ ([user_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+/**
+ * Defaults for user table
+ */
+ALTER TABLE [guacamole_user]
+ ADD CONSTRAINT [DF_guacamole_user_disabled] DEFAULT ((0)) FOR [disabled];
+ALTER TABLE [guacamole_user]
+ ADD CONSTRAINT [DF_guacamole_user_expired] DEFAULT ((0)) FOR [expired];
+GO;
+
+/**
+ * The sharing_profile table stores profiles that allow
+ * connections to be shared amongst multiple users.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_sharing_profile](
+ [sharing_profile_id] [int] IDENTITY(1,1) NOT NULL,
+ [sharing_profile_name] [nvarchar](128) NOT NULL,
+ [primary_connection_id] [int] NOT NULL,
+
+ CONSTRAINT [PK_guacamole_sharing_profile] PRIMARY KEY CLUSTERED
+ ([sharing_profile_id] ASC)
+ WITH (PAD_INDEX = OFF,
+ STATISTICS_NORECOMPUTE = OFF,
+ IGNORE_DUP_KEY = OFF,
+ ALLOW_ROW_LOCKS = ON,
+ ALLOW_PAGE_LOCKS = ON)
+ ON [PRIMARY]
+) ON [PRIMARY];
+
+/**
+ * Foreign keys for sharing_profile table.
+ */
+ALTER TABLE [guacamole_sharing_profile]
+ WITH CHECK ADD CONSTRAINT [FK_guacamole_sharing_profile_connection] FOREIGN KEY([primary_connection_id])
+ REFERENCES [guacamole_connection] ([connection_id])
+ ON UPDATE CASCADE
+ ON DELETE CASCADE;
+ALTER TABLE [guacamole_sharing_profile]
+ CHECK CONSTRAINT [FK_guacamole_sharing_profile_connection];
+GO;
+
+/**
+ * The connection_parameter table stores parameters for
+ * connection objects.
+ */
+SET ANSI_NULLS ON;
+SET QUOTED_IDENTIFIER ON;
+CREATE TABLE [guacamole_connection_parameter](
+ [connection_id] [int] NOT NULL,
+ [parameter_name] [nvarchar](128) NOT NULL,
+ [parameter_value] [nvarchar](max) NOT NULL,
--- End diff --
max = 4000, which is less than what Postgres and MySQL use (4096).
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r137698647
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.xml ---
@@ -0,0 +1,235 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
+ "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
+
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+<mapper namespace="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper" >
+
+ <!-- Result mapper for connection objects -->
+ <resultMap id="ConnectionResultMap" type="org.apache.guacamole.auth.jdbc.connection.ConnectionModel" >
+
+ <!-- Connection properties -->
+ <id column="connection_id" property="objectID" jdbcType="INTEGER"/>
+ <result column="connection_name" property="name" jdbcType="VARCHAR"/>
+ <result column="parent_id" property="parentIdentifier" jdbcType="INTEGER"/>
+ <result column="protocol" property="protocol" jdbcType="VARCHAR"/>
+ <result column="max_connections" property="maxConnections" jdbcType="INTEGER"/>
+ <result column="max_connections_per_user" property="maxConnectionsPerUser" jdbcType="INTEGER"/>
+ <result column="proxy_hostname" property="proxyHostname" jdbcType="VARCHAR"/>
+ <result column="proxy_port" property="proxyPort" jdbcType="INTEGER"/>
+ <result column="proxy_encryption_method" property="proxyEncryptionMethod" jdbcType="VARCHAR"
+ javaType="org.apache.guacamole.net.auth.GuacamoleProxyConfiguration$EncryptionMethod"/>
+ <result column="connection_weight" property="connectionWeight" jdbcType="INTEGER"/>
+ <result column="failover_only" property="failoverOnly" jdbcType="BOOLEAN"/>
+
+ <!-- Associated sharing profiles -->
+ <collection property="sharingProfileIdentifiers" resultSet="sharingProfiles" ofType="java.lang.String"
+ column="connection_id" foreignColumn="primary_connection_id">
+ <result column="sharing_profile_id"/>
+ </collection>
+
+ </resultMap>
+
+ <!-- Select all connection identifiers -->
+ <select id="selectIdentifiers" resultType="string">
+ SELECT connection_id
+ FROM [dbo].[guacamole_connection]
--- End diff --
Okay, all of the explicit schema calls have been removed, so it'll just rely on the default schema for the user account being used for guacamole. I'll just need to document this when I write the documentation for this module.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r141254688
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerGuacamoleProperties.java ---
@@ -0,0 +1,211 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import org.apache.guacamole.properties.BooleanGuacamoleProperty;
+import org.apache.guacamole.properties.IntegerGuacamoleProperty;
+import org.apache.guacamole.properties.StringGuacamoleProperty;
+
+/**
+ * Properties used by the SQLServer Authentication plugin.
+ */
+public class SQLServerGuacamoleProperties {
+
+ /**
+ * This class should not be instantiated.
+ */
+ private SQLServerGuacamoleProperties() {}
+
+ /**
+ * The URL of the SQLServer server hosting the Guacamole authentication tables.
+ */
+ public static final StringGuacamoleProperty SQLSERVER_HOSTNAME =
+ new StringGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-hostname"; }
+
+ };
+
+ /**
+ * The port of the SQLServer server hosting the Guacamole authentication
+ * tables.
+ */
+ public static final IntegerGuacamoleProperty SQLSERVER_PORT =
+ new IntegerGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-port"; }
+
+ };
+
+ /**
+ * The name of the SQLServer database containing the Guacamole
+ * authentication tables.
+ */
+ public static final StringGuacamoleProperty SQLSERVER_DATABASE =
+ new StringGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-database"; }
+
+ };
+
+ /**
+ * The username used to authenticate to the SQLServer database containing
+ * the Guacamole authentication tables.
+ */
+ public static final StringGuacamoleProperty SQLSERVER_USERNAME =
+ new StringGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-username"; }
+
+ };
+
+ /**
+ * The password used to authenticate to the SQLServer database containing
+ * the Guacamole authentication tables.
+ */
+ public static final StringGuacamoleProperty SQLSERVER_PASSWORD =
+ new StringGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-password"; }
+
+ };
+
+ /**
+ * Whether a user account within the database is required for authentication
+ * to succeed, even if the user has been authenticated via another
+ * authentication provider.
+ */
+ public static final BooleanGuacamoleProperty
+ SQLSERVER_USER_REQUIRED = new BooleanGuacamoleProperty() {
+
+ @Override
+ public String getName() { return "sqlserver-user-required"; }
+
+ };
+
+ /**
+ * Whether or not multiple users accessing the same connection at the same
+ * time should be disallowed.
+ */
+ public static final BooleanGuacamoleProperty
+ SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS =
--- End diff --
Since this property is not actually used, it shouldn't be defined.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r135948903
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.xml ---
@@ -0,0 +1,235 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
+ "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
+
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+<mapper namespace="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper" >
+
+ <!-- Result mapper for connection objects -->
+ <resultMap id="ConnectionResultMap" type="org.apache.guacamole.auth.jdbc.connection.ConnectionModel" >
+
+ <!-- Connection properties -->
+ <id column="connection_id" property="objectID" jdbcType="INTEGER"/>
+ <result column="connection_name" property="name" jdbcType="VARCHAR"/>
+ <result column="parent_id" property="parentIdentifier" jdbcType="INTEGER"/>
+ <result column="protocol" property="protocol" jdbcType="VARCHAR"/>
+ <result column="max_connections" property="maxConnections" jdbcType="INTEGER"/>
+ <result column="max_connections_per_user" property="maxConnectionsPerUser" jdbcType="INTEGER"/>
+ <result column="proxy_hostname" property="proxyHostname" jdbcType="VARCHAR"/>
+ <result column="proxy_port" property="proxyPort" jdbcType="INTEGER"/>
+ <result column="proxy_encryption_method" property="proxyEncryptionMethod" jdbcType="VARCHAR"
+ javaType="org.apache.guacamole.net.auth.GuacamoleProxyConfiguration$EncryptionMethod"/>
+ <result column="connection_weight" property="connectionWeight" jdbcType="INTEGER"/>
+ <result column="failover_only" property="failoverOnly" jdbcType="BOOLEAN"/>
+
+ <!-- Associated sharing profiles -->
+ <collection property="sharingProfileIdentifiers" resultSet="sharingProfiles" ofType="java.lang.String"
+ column="connection_id" foreignColumn="primary_connection_id">
+ <result column="sharing_profile_id"/>
+ </collection>
+
+ </resultMap>
+
+ <!-- Select all connection identifiers -->
+ <select id="selectIdentifiers" resultType="string">
+ SELECT connection_id
+ FROM [dbo].[guacamole_connection]
--- End diff --
I think it depends. I definitely do not consider myself an expert on SQL Server; however, unlike PostgreSQL, I believe SQL Server is a little further down the road toward Oracle of having certain schemas associated with certain users. When you create a user object in a SQL Server database you can associate a default schema with that user. So, if an admin create a guacamole user in for the database and sets the schema to something other than dbo, but loads the schema using the sa account or something similar, there could be some confusion for the admin about which schema the tables are in. This forcibly eliminates that confusion.
I could go the route of just assuming the default schema, if you think that's better?? It doesn't matter all that much to me...
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by necouchman <gi...@git.apache.org>.
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r141340510
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerEnvironment.java ---
@@ -0,0 +1,254 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.apache.guacamole.auth.jdbc.security.PasswordPolicy;
+
+/**
+ * A SQLServer-specific implementation of JDBCEnvironment provides database
+ * properties specifically for SQLServer.
+ */
+public class SQLServerEnvironment extends JDBCEnvironment {
+
+ /**
+ * Logger for this class.
+ */
+ private static final Logger logger = LoggerFactory.getLogger(SQLServerEnvironment.class);
+
+ /**
+ * The default host to connect to, if SQLSERVER_HOSTNAME is not specified.
+ */
+ private static final String DEFAULT_HOSTNAME = "localhost";
+
+ /**
+ * The default port to connect to, if SQLSERVER_PORT is not specified.
+ */
+ private static final int DEFAULT_PORT = 1433;
+
+ /**
+ * Whether a database user account is required by default for authentication
+ * to succeed.
+ */
+ private static final boolean DEFAULT_USER_REQUIRED = true;
--- End diff --
Oops, not sure why that was like that.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138398980
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerAuthenticationProviderModule.java ---
@@ -0,0 +1,107 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import com.google.inject.Binder;
+import com.google.inject.Module;
+import com.google.inject.name.Names;
+import java.util.Properties;
+import org.apache.guacamole.GuacamoleException;
+import org.mybatis.guice.datasource.helper.JdbcHelper;
+
+/**
+ * Guice module which configures SQLServer-specific injections.
+ */
+public class SQLServerAuthenticationProviderModule implements Module {
+
+ /**
+ * MyBatis-specific configuration properties.
+ */
+ private final Properties myBatisProperties = new Properties();
+
+ /**
+ * SQLServer-specific driver configuration properties.
+ */
+ private final Properties driverProperties = new Properties();
+
+ /**
+ * Whether or not to use JTDS Driver
+ */
+ private String sqlServerDriver;
+
+ /**
+ * Creates a new SQLServer authentication provider module that configures
+ * driver and MyBatis properties using the given environment.
+ *
+ * @param environment
+ * The environment to use when configuring MyBatis and the underlying
+ * JDBC driver.
+ *
+ * @throws GuacamoleException
+ * If a required property is missing, or an error occurs while parsing
+ * a property.
+ */
+ public SQLServerAuthenticationProviderModule(SQLServerEnvironment environment)
+ throws GuacamoleException {
+
+ // Set the SQLServer-specific properties for MyBatis.
+ myBatisProperties.setProperty("mybatis.environment.id", "guacamole");
+ myBatisProperties.setProperty("JDBC.host", environment.getSQLServerHostname());
+ myBatisProperties.setProperty("JDBC.port", String.valueOf(environment.getSQLServerPort()));
+ myBatisProperties.setProperty("JDBC.schema", environment.getSQLServerDatabase());
+ myBatisProperties.setProperty("JDBC.username", environment.getSQLServerUsername());
+ myBatisProperties.setProperty("JDBC.password", environment.getSQLServerPassword());
+ myBatisProperties.setProperty("JDBC.autoCommit", "false");
+ myBatisProperties.setProperty("mybatis.pooled.pingEnabled", "true");
+ myBatisProperties.setProperty("mybatis.pooled.pingQuery", "SELECT 1");
+
+ // Use UTF-8 in database
+ driverProperties.setProperty("characterEncoding", "UTF-8");
+
+ // Capture which driver to use for the connection.
+ this.sqlServerDriver = environment.getSQLServerDriver();
+
+ }
+
+ @Override
+ public void configure(Binder binder) {
+
+ // Bind SQLServer-specific properties
+ // Look at the property to choose the correct driver.
+ if (sqlServerDriver.equals(SQLServerEnvironment.SQLSERVER_DRIVER_JTDS))
+ JdbcHelper.SQL_Server_jTDS.configure(binder);
+ else if (sqlServerDriver.equals(SQLServerEnvironment.SQLSERVER_DRIVER_DATADIRECT))
+ JdbcHelper.SQL_Server_DataDirect.configure(binder);
+ else if (sqlServerDriver.equals(SQLServerEnvironment.SQLSERVER_DRIVER_MS))
+ JdbcHelper.SQL_Server_MS_Driver.configure(binder);
+ else
+ JdbcHelper.SQL_Server_2005_MS_Driver.configure(binder);
--- End diff --
I'm curious - why is the 2005 driver the default? Is it known to be more common and/or more compatible?
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138398494
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerAuthenticationProviderModule.java ---
@@ -0,0 +1,107 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import com.google.inject.Binder;
+import com.google.inject.Module;
+import com.google.inject.name.Names;
+import java.util.Properties;
+import org.apache.guacamole.GuacamoleException;
+import org.mybatis.guice.datasource.helper.JdbcHelper;
+
+/**
+ * Guice module which configures SQLServer-specific injections.
+ */
+public class SQLServerAuthenticationProviderModule implements Module {
+
+ /**
+ * MyBatis-specific configuration properties.
+ */
+ private final Properties myBatisProperties = new Properties();
+
+ /**
+ * SQLServer-specific driver configuration properties.
+ */
+ private final Properties driverProperties = new Properties();
+
+ /**
+ * Whether or not to use JTDS Driver
--- End diff --
Now that the property has been generalized to cover all SQL Server drivers supported by MyBatis, this is no longer correct.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r138401206
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerEnvironment.java ---
@@ -0,0 +1,357 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.apache.guacamole.auth.jdbc.security.PasswordPolicy;
+
+/**
+ * A SQLServer-specific implementation of JDBCEnvironment provides database
+ * properties specifically for SQLServer.
+ */
+public class SQLServerEnvironment extends JDBCEnvironment {
+
+ /**
+ * Logger for this class.
+ */
+ private static final Logger logger = LoggerFactory.getLogger(SQLServerEnvironment.class);
+
+ /**
+ * The default host to connect to, if SQLSERVER_HOSTNAME is not specified.
+ */
+ private static final String DEFAULT_HOSTNAME = "localhost";
+
+ /**
+ * The default port to connect to, if SQLSERVER_PORT is not specified.
+ */
+ private static final int DEFAULT_PORT = 1433;
+
+ /**
+ * Whether a database user account is required by default for authentication
+ * to succeed.
+ */
+ private static final boolean DEFAULT_USER_REQUIRED = true;
+
+ /**
+ * The default value for the maximum number of connections to be
+ * allowed to the Guacamole server overall.
+ */
+ private final int DEFAULT_ABSOLUTE_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed per user to any one connection group. Note that, as long as the
+ * legacy "disallow duplicate" and "disallow simultaneous" properties are
+ * still supported, these cannot be constants, as the legacy properties
+ * dictate the values that should be used in the absence of the correct
+ * properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER = 1;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_CONNECTIONS = 0;
+
+ /**
+ * The default value for the default maximum number of connections to be
+ * allowed to any one connection group. Note that, as long as the legacy
+ * "disallow duplicate" and "disallow simultaneous" properties are still
+ * supported, these cannot be constants, as the legacy properties dictate
+ * the values that should be used in the absence of the correct properties.
+ */
+ private int DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the open source JTDS driver.
+ */
+ public final static String SQLSERVER_DRIVER_JTDS = "jtds";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the DataDirect JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_DATADIRECT = "datadirect";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the older Microsoft JDBC driver.
+ */
+ public final static String SQLSERVER_DRIVER_MS = "microsoft";
+
+ /**
+ * The value for the sqlserver-driver property that triggers the use of
+ * the Microsoft JDBC driver. This is the default.
+ */
+ public final static String SQLSERVER_DRIVER_MS_2005 = "microsoft2005";
+
+ /**
+ * Constructs a new SQLServerEnvironment, providing access to SQLServer-specific
+ * configuration options.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while setting up the underlying JDBCEnvironment
+ * or while parsing legacy SQLServer configuration options.
+ */
+ public SQLServerEnvironment() throws GuacamoleException {
+
+ // Init underlying JDBC environment
+ super();
+
+ // Read legacy concurrency-related property
+ Boolean disallowSimultaneous = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_SIMULTANEOUS_CONNECTIONS);
+ Boolean disallowDuplicate = getProperty(SQLServerGuacamoleProperties.SQLSERVER_DISALLOW_DUPLICATE_CONNECTIONS);
+
+ // Legacy "simultaneous" property dictates only the maximum number of
+ // connections per connection
+ if (disallowSimultaneous != null) {
+
+ // Translate legacy property
+ if (disallowSimultaneous) {
+ DEFAULT_MAX_CONNECTIONS = 1;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+ else {
+ DEFAULT_MAX_CONNECTIONS = 0;
+ DEFAULT_MAX_GROUP_CONNECTIONS = 0;
+ }
+
+ // Warn of deprecation
+ logger.warn("The \"{}\" property is deprecated. Use \"{}\" and \"{}\" instead.",
--- End diff --
The "disallow simultaneous connections", etc. properties continue to exist in the MySQL and PostgreSQL auth (with deprecation warnings) because they were at one time supported, and users are expected to migrate to the new properties when possible. This doesn't make sense here, though, since all SQL Server properties are new. If the properties shouldn't be used, they shouldn't be added.
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r137604213
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerAuthenticationProviderModule.java ---
@@ -0,0 +1,102 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.sqlserver;
+
+import com.google.inject.Binder;
+import com.google.inject.Module;
+import com.google.inject.name.Names;
+import java.util.Properties;
+import org.apache.guacamole.GuacamoleException;
+import org.mybatis.guice.datasource.helper.JdbcHelper;
+
+/**
+ * Guice module which configures SQLServer-specific injections.
+ */
+public class SQLServerAuthenticationProviderModule implements Module {
+
+ /**
+ * MyBatis-specific configuration properties.
+ */
+ private final Properties myBatisProperties = new Properties();
+
+ /**
+ * SQLServer-specific driver configuration properties.
+ */
+ private final Properties driverProperties = new Properties();
+
+ /**
+ * Whether or not to use JTDS Driver
+ */
+ private Boolean useJTDSDriver = false;
+
+ /**
+ * Creates a new SQLServer authentication provider module that configures
+ * driver and MyBatis properties using the given environment.
+ *
+ * @param environment
+ * The environment to use when configuring MyBatis and the underlying
+ * JDBC driver.
+ *
+ * @throws GuacamoleException
+ * If a required property is missing, or an error occurs while parsing
+ * a property.
+ */
+ public SQLServerAuthenticationProviderModule(SQLServerEnvironment environment)
+ throws GuacamoleException {
+
+ // Set the SQLServer-specific properties for MyBatis.
+ myBatisProperties.setProperty("mybatis.environment.id", "guacamole");
+ myBatisProperties.setProperty("JDBC.host", environment.getSQLServerHostname());
+ myBatisProperties.setProperty("JDBC.port", String.valueOf(environment.getSQLServerPort()));
+ myBatisProperties.setProperty("JDBC.schema", environment.getSQLServerDatabase());
+ myBatisProperties.setProperty("JDBC.username", environment.getSQLServerUsername());
+ myBatisProperties.setProperty("JDBC.password", environment.getSQLServerPassword());
+ myBatisProperties.setProperty("JDBC.autoCommit", "false");
+ myBatisProperties.setProperty("mybatis.pooled.pingEnabled", "true");
+ myBatisProperties.setProperty("mybatis.pooled.pingQuery", "SELECT 1");
+
+ // Use UTF-8 in database
+ driverProperties.setProperty("characterEncoding", "UTF-8");
+
+ // Capture whether or not to use the JTDS driver.
+ this.useJTDSDriver = environment.getSQLServerJTDSDriver();
--- End diff --
From http://www.mybatis.org/guice/jdbc-helper.html, I see the following SQL Server drivers supported by MyBatis out of the box:
* `SQL_Server_DataDirect`
* `SQL_Server_jTDS`
* `SQL_Server_MS_Driver`
* `SQL_Server_2005_MS_Driver`
Any reason the configuration here is being limited to 2005-specific Microsoft driver and jTDS?
---
[GitHub] incubator-guacamole-client pull request #182: GUACAMOLE-363: Add support for...
Posted by mike-jumper <gi...@git.apache.org>.
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/182#discussion_r141255305
--- Diff: extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/schema/002-create-admin-user.sql ---
@@ -0,0 +1,46 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Create the default admin user account and set up full privileges.
+ */
+INSERT INTO [guacamole_user] (username, password_hash, password_date)
+VALUES ('guacadmin', HASHBYTES('SHA2_256', 'guacadmin'), getdate());
--- End diff --
Any reason to not use the same hash+salt values as the other user creation scripts?
---