[ https://issues.apache.org/jira/browse/GUACAMOLE-412?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16200330#comment-16200330 ]
Nick Couchman commented on GUACAMOLE-412:
-----------------------------------------
Tracked down the line of code that causes the issue:
guacamole/src/main/java/org/apache/guacamole/rest/auth/AuthenticationService.java:
{code:java}
private void fireAuthenticationSuccessEvent(
        AuthenticatedUser authenticatedUser, GuacamoleSession session)
        throws GuacamoleException {

    UserContext userContext = null;
    if (session != null) {
        // This lookup throws when the provider has no UserContext in the session
        userContext = session.getUserContext(
            authenticatedUser.getAuthenticationProvider().getIdentifier());
    }

    listenerService.handleEvent(new AuthenticationSuccessEvent(
        userContext, authenticatedUser.getCredentials()));
}
{code}
This call to session.getUserContext() causes an exception to be thrown when the
authentication module has a null user context, which causes a variety of
problems in those modules. As mentioned before, in the CAS module
authentication succeeds, but any attempt to move beyond the home screen results
in the client UI not working (cannot navigate away from home screen) and 404
errors when POSTing to the api/token endpoint. Commenting out the call to
getUserContext (but leaving the listenerService.handleEvent() call in place
with a null UserContext object) works perfectly fine, so it's just the call and
the fact that an exception is thrown by the getUserContext() method.
> Regression in Extensions without UserContext
> --------------------------------------------
>
> Key: GUACAMOLE-412
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-412
> Project: Guacamole
> Issue Type: Bug
> Components: guacamole-auth-cas, guacamole-client
> Affects Versions: 0.9.13-incubating
> Reporter: Nick Couchman
> Priority: Critical
> Fix For: 0.9.14-incubating
>
>
> It looks like the commits for GUACAMOLE-364 introduced a regression in the
> behavior of modules that do not provide a UserContext. Building
> guacamole-client prior to the merge of these changes results in functional
> CAS and (WIP) RADIUS extensions; building after this commit results in issues
> with the client.
> The REST API is expected to throw 404 errors at certain points when the
> client requests certain actions - for example, trying to get a user context
> from an extension that provides no user context. However, the changes
> introduced in -364 cause a 404 to occur at a different point in time, which
> adversely impacts the client.
> Prior to -364, the POST to the api/tokens succeeds with a 200 response code,
> and a subsequent GET to api/session/data/cas/users/<username> fails with a
> 404 error.
> After -364, the POST to api/tokens fails with a 404 response code and the
> error message "Session not associated with authentication provider cas."
> More work to be done to figure out why the event listener changes are causing
> this change in behavior, but I suspect that some change within the new event
> listener code fails when userContext is null, and that is causing the POST to
> api/tokens to fail.
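The failure mode described in the comment above, reduced to a self-contained Java sketch (an added example, not Guacamole's code and not the project's fix). `Session`, `NotFoundException`, `notifyStrict` and `notifyTolerant` are hypothetical stand-ins; the sketch shows a context lookup inside a success-notification hook failing the login of a provider that authenticates but supplies no UserContext, beside a variant that hands listeners a null context.

```java
import java.util.HashMap;
import java.util.Map;

// Simplified stand-ins constructed for this example; not Guacamole's classes.
public class UserContextLookupDemo {
    static class NotFoundException extends Exception {
        NotFoundException(String message) { super(message); }
    }

    // Models a session that holds contexts only for providers that supplied one.
    static class Session {
        private final Map<String, Object> contexts = new HashMap<>();
        Object getUserContext(String providerId) throws NotFoundException {
            Object context = contexts.get(providerId);
            if (context == null)
                throw new NotFoundException("Session not associated with "
                        + "authentication provider " + providerId + ".");
            return context;
        }
    }

    // Shape of the reported code: the lookup failure escapes the event hook.
    static String notifyStrict(Session session, String providerId)
            throws NotFoundException {
        Object context = session.getUserContext(providerId);
        return "event fired, context=" + context;
    }

    // Tolerant variant (assumption): a missing context reaches listeners as null.
    static String notifyTolerant(Session session, String providerId) {
        Object context = null;
        try {
            context = session.getUserContext(providerId);
        } catch (NotFoundException e) {
            // Provider authenticates only; it has no UserContext to offer.
        }
        return "event fired, context=" + context;
    }

    public static void main(String[] args) {
        Session session = new Session(); // "cas" stored no context
        try {
            System.out.println(notifyStrict(session, "cas"));
        } catch (NotFoundException e) {
            System.out.println("login request fails: " + e.getMessage());
        }
        System.out.println(notifyTolerant(session, "cas"));
    }
}
```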