GUACAMOLE-220: Add configuration property for setting the attributes which uniquely identify user groups within LDAP.
Project: http://git-wip-us.apache.org/repos/asf/guacamole-client/repo Commit: http://git-wip-us.apache.org/repos/asf/guacamole-client/commit/bdc79260 Tree: http://git-wip-us.apache.org/repos/asf/guacamole-client/tree/bdc79260 Diff: http://git-wip-us.apache.org/repos/asf/guacamole-client/diff/bdc79260 Branch: refs/heads/master Commit: bdc792603db1706e8126ba027d8d86f203ab3171 Parents: 7c57b44 Author: Michael Jumper <mjum...@apache.org> Authored: Sat Nov 3 10:10:19 2018 -0700 Committer: Michael Jumper <mjum...@apache.org> Committed: Sat Nov 3 12:41:54 2018 -0700 ---------------------------------------------------------------------- .../guacamole/auth/ldap/ConfigurationService.java | 18 ++++++++++++++++++ .../auth/ldap/LDAPGuacamoleProperties.java | 12 ++++++++++++ 2 files changed, 30 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/guacamole-client/blob/bdc79260/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ConfigurationService.java ---------------------------------------------------------------------- diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ConfigurationService.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ConfigurationService.java index 2ab7aad..6a4b8c0 100644 --- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ConfigurationService.java +++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ConfigurationService.java @@ -139,6 +139,24 @@ public class ConfigurationService { } /** + * Returns all attributes which should be used to determine the unique + * identifier of each user group. By default, this will be "cn". + * + * @return + * The attributes which should be used to determine the unique + * identifier of each group. + * + * @throws GuacamoleException + * If guacamole.properties cannot be parsed. + */ + public List<String> getGroupNameAttributes() throws GuacamoleException { + return environment.getProperty( + LDAPGuacamoleProperties.LDAP_GROUP_NAME_ATTRIBUTE, + Collections.singletonList("cn") + ); + } + + /** * Returns the base DN under which all Guacamole role based access control * (RBAC) groups will be stored within the LDAP directory. If RBAC will not * be used, null is returned. http://git-wip-us.apache.org/repos/asf/guacamole-client/blob/bdc79260/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPGuacamoleProperties.java ---------------------------------------------------------------------- diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPGuacamoleProperties.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPGuacamoleProperties.java index 0d3823f..340cbf5 100644 --- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPGuacamoleProperties.java +++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPGuacamoleProperties.java @@ -87,6 +87,18 @@ public class LDAPGuacamoleProperties { }; /** + * The attribute or attributes which identify user groups. One of these + * attributes must be present within each Guacamole user group's record in + * the LDAP directory for that group to be visible. + */ + public static final StringListProperty LDAP_GROUP_NAME_ATTRIBUTE = new StringListProperty() { + + @Override + public String getName() { return "ldap-group-name-attribute"; } + + }; + + /** * The port on the LDAP server to connect to when authenticating users. */ public static final IntegerGuacamoleProperty LDAP_PORT = new IntegerGuacamoleProperty() {