This is an automated email from the ASF dual-hosted git repository.
vnick pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/guacamole-client.git
from b28334184 GUACAMOLE-1740: Merge corrections to breadth of clipboard
editor CSS.
add 1015df6b4 GUACAMOLE-839: Move nonce-generation service to internal
common SSO library.
add f2c7d746e GUACAMOLE-839: Move authentication session management
service to internal common SSO library.
add 841190df5 GUACAMOLE-839: Generate case-insensitive nonce values that
can safely be used in domains.
add e51d54899 GUACAMOLE-839: Ensure each NonceService instance has its own
context (will not validate the nonces of other contexts).
add 2e8cf8223 GUACAMOLE-839: As with NonceService, ensure each auth
session manager instance has its own context and will not validate the sessions
of other session managers.
add 6bf0b8cf6 GUACAMOLE-839: Allow testing of null nonce values.
add e2a6947ff GUACAMOLE-839: Implement base support for SSO using SSL/TLS
authentication (certificates / smart cards).
add 9177cac3c GUACAMOLE-839: Allow authenticationService to affect login
screen even if not invoked by login screen.
add b6ce47762 GUACAMOLE-839: Support deferred retrieval of authentication
parameters.
add 38f1360de GUACAMOLE-839: Ensure SSL/TLS client auth failures are
reflected in the Guacamole UI.
add 825532651 GUACAMOLE-839: Move SSL/TLS client auth logic to separate
service.
add 0b5b82cc4 GUACAMOLE-839: Allow accepted subject DNs to be restricted
via configuration.
add b9958fa33 GUACAMOLE-839: Include SSL/TLS auth support within SSO dist
archive.
add d0574f8d8 GUACAMOLE-839: Use BouncyCastle for retrieval of certificate
details.
add 9f8bb71b0 GUACAMOLE-839: Correct JavaDoc for parameters of
getUsername().
add 82073a597 GUACAMOLE-839: Correct typo in JavaDoc of decode() -
"valid", not "value".
new 23a5c9476 GUACAMOLE-839: Merge add webapp SSO support for certificates
/ smart cards.
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../LICENSE | 0
.../README | 6 +-
.../dep-coordinates.txt | 1 +
.../guacamole/auth/sso/AuthenticationSession.java | 58 +++
.../auth/sso}/AuthenticationSessionManager.java | 72 ++--
.../guacamole/auth/sso/IdentifierGenerator.java | 106 +++++
.../apache/guacamole/auth/sso}/NonceService.java | 36 +-
.../src/main/resources/translations/en.json | 5 +
.../modules/guacamole-auth-sso-dist/pom.xml | 7 +
.../src/main/assembly/dist.xml | 9 +
.../auth/openid/AuthenticationProviderService.java | 2 +-
.../openid/OpenIDAuthenticationProviderModule.java | 5 +-
.../auth/openid/token/TokenValidationService.java | 1 +
.../auth/saml/AuthenticationProviderService.java | 4 +-
.../saml/SAMLAuthenticationProviderModule.java | 6 +-
.../saml/acs/AssertionConsumerServiceResource.java | 4 +-
.../auth/saml/acs/IdentifierGenerator.java | 54 ---
...Session.java => SAMLAuthenticationSession.java} | 28 +-
.../saml/acs/SAMLAuthenticationSessionManager.java | 59 +++
.../guacamole/auth/saml/acs/SAMLService.java | 14 +-
.../.gitignore | 0
.../modules/guacamole-auth-sso-ssl}/.ratignore | 0
.../pom.xml | 21 +-
.../auth/ssl/AuthenticationProviderService.java | 171 ++++++++
.../auth/ssl/OpaqueAuthenticationResult.java | 65 +++
.../auth/ssl/SSLAuthenticationProvider.java} | 31 +-
.../auth/ssl/SSLAuthenticationProviderModule.java} | 15 +-
.../auth/ssl/SSLAuthenticationSession.java | 64 +++
.../auth/ssl/SSLAuthenticationSessionManager.java | 60 +++
.../auth/ssl/SSLClientAuthenticationResource.java | 412 +++++++++++++++++++
.../auth/ssl/conf/ConfigurationService.java | 440 +++++++++++++++++++++
.../auth/ssl}/conf/LdapNameGuacamoleProperty.java | 19 +-
.../ssl/conf/WildcardURIGuacamoleProperty.java | 66 ++++
.../src/main/resources/directives/guacSslAuth.js} | 50 ++-
.../src/main/resources/guac-manifest.json | 12 +-
.../src/main/resources/html/sso-provider-ssl.html | 4 +
.../src/main/resources/license.txt | 0
.../main/resources/services/clientAuthService.js | 43 +-
.../src/main/resources/sslModule.js | 9 +-
extensions/guacamole-auth-sso/pom.xml | 1 +
.../src/app/auth/service/authenticationService.js | 149 ++++---
.../frontend/src/app/login/directives/login.js | 88 ++---
42 files changed, 1862 insertions(+), 335 deletions(-)
copy doc/licenses/{bouncycastle-fips-1.0.2.3 =>
bouncycastle-pkix-fips-1.0.7}/LICENSE (100%)
copy doc/licenses/{bouncycastle-fips-1.0.2.3 =>
bouncycastle-pkix-fips-1.0.7}/README (50%)
create mode 100644
doc/licenses/bouncycastle-pkix-fips-1.0.7/dep-coordinates.txt
create mode 100644
extensions/guacamole-auth-sso/modules/guacamole-auth-sso-base/src/main/java/org/apache/guacamole/auth/sso/AuthenticationSession.java
rename
extensions/guacamole-auth-sso/modules/{guacamole-auth-sso-saml/src/main/java/org/apache/guacamole/auth/saml/acs
=>
guacamole-auth-sso-base/src/main/java/org/apache/guacamole/auth/sso}/AuthenticationSessionManager.java
(72%)
create mode 100644
extensions/guacamole-auth-sso/modules/guacamole-auth-sso-base/src/main/java/org/apache/guacamole/auth/sso/IdentifierGenerator.java
rename
extensions/guacamole-auth-sso/modules/{guacamole-auth-sso-openid/src/main/java/org/apache/guacamole/auth/openid/token
=>
guacamole-auth-sso-base/src/main/java/org/apache/guacamole/auth/sso}/NonceService.java
(80%)
delete mode 100644
extensions/guacamole-auth-sso/modules/guacamole-auth-sso-saml/src/main/java/org/apache/guacamole/auth/saml/acs/IdentifierGenerator.java
rename
extensions/guacamole-auth-sso/modules/guacamole-auth-sso-saml/src/main/java/org/apache/guacamole/auth/saml/acs/{AuthenticationSession.java
=> SAMLAuthenticationSession.java} (77%)
create mode 100644
extensions/guacamole-auth-sso/modules/guacamole-auth-sso-saml/src/main/java/org/apache/guacamole/auth/saml/acs/SAMLAuthenticationSessionManager.java
copy extensions/guacamole-auth-sso/modules/{guacamole-auth-sso-cas =>
guacamole-auth-sso-ssl}/.gitignore (100%)
copy extensions/{guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base =>
guacamole-auth-sso/modules/guacamole-auth-sso-ssl}/.ratignore (100%)
copy extensions/guacamole-auth-sso/modules/{guacamole-auth-sso-openid =>
guacamole-auth-sso-ssl}/pom.xml (92%)
create mode 100644
extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/AuthenticationProviderService.java
create mode 100644
extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/OpaqueAuthenticationResult.java
copy
extensions/guacamole-auth-sso/modules/{guacamole-auth-sso-cas/src/main/java/org/apache/guacamole/auth/cas/CASAuthenticationProvider.java
=>
guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/SSLAuthenticationProvider.java}
(55%)
copy
extensions/guacamole-auth-sso/modules/{guacamole-auth-sso-cas/src/main/java/org/apache/guacamole/auth/cas/CASAuthenticationProviderModule.java
=>
guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/SSLAuthenticationProviderModule.java}
(67%)
create mode 100644
extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/SSLAuthenticationSession.java
create mode 100644
extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/SSLAuthenticationSessionManager.java
create mode 100644
extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/SSLClientAuthenticationResource.java
create mode 100644
extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/conf/ConfigurationService.java
copy
extensions/guacamole-auth-sso/modules/{guacamole-auth-sso-cas/src/main/java/org/apache/guacamole/auth/cas
=>
guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl}/conf/LdapNameGuacamoleProperty.java
(74%)
create mode 100644
extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/java/org/apache/guacamole/auth/ssl/conf/WildcardURIGuacamoleProperty.java
copy
extensions/{guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/security/PasswordRequiresSymbolException.java
=>
guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/resources/directives/guacSslAuth.js}
(53%)
copy extensions/guacamole-auth-sso/modules/{guacamole-auth-sso-cas =>
guacamole-auth-sso-ssl}/src/main/resources/guac-manifest.json (70%)
create mode 100644
extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/resources/html/sso-provider-ssl.html
copy extensions/{guacamole-auth-duo =>
guacamole-auth-sso/modules/guacamole-auth-sso-ssl}/src/main/resources/license.txt
(100%)
copy guacamole/src/main/frontend/src/app/rest/services/languageService.js =>
extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/resources/services/clientAuthService.js
(50%)
copy guacamole/src/main/frontend/src/app/navigation/navigationModule.js =>
extensions/guacamole-auth-sso/modules/guacamole-auth-sso-ssl/src/main/resources/sslModule.js
(78%)
