[GitHub] guacamole-client pull request #299: GUACAMOLE-524: Allow custom LDAP attribu...

Mon, 11 Jun 2018 12:58:26 -0700 

Github user necouchman commented on a diff in the pull request:

    https://github.com/apache/guacamole-client/pull/299#discussion_r194526230
  
    --- Diff: 
extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/AuthenticationProviderService.java
 ---
    @@ -221,21 +229,79 @@ public AuthenticatedUser authenticateUser(Credentials 
credentials)
                 throw new GuacamoleInvalidCredentialsException("Permission 
denied.", CredentialsInfo.USERNAME_PASSWORD);
     
             try {
    -
                 // Return AuthenticatedUser if bind succeeds
                 AuthenticatedUser authenticatedUser = 
authenticatedUserProvider.get();
                 authenticatedUser.init(credentials);
    +
    +            //set attributes
    +            String username = credentials.getUsername();
    +            Map<String, String> attrs = getLDAPAttributes(ldapConnection, 
username);
    +            authenticatedUser.setAttributes(attrs);
    +
                 return authenticatedUser;
     
             }
    -
    +        catch (LDAPException e) {
    +            throw new GuacamoleServerException("Error while querying for 
User Attributes.", e);
    +        }
             // Always disconnect
             finally {
                 ldapService.disconnect(ldapConnection);
             }
     
         }
     
    +    /**
    +     * Returns all custom LDAP attributes on the user currently bound under
    +     * the given LDAP connection. The custom attributes are specified in
    +     * guacamole.properties.
    +     *
    +     * @param ldapConnection
    +     *     LDAP connection to find the custom LDAP attributes.
    +     * @param username
    +     *     The username of the user whose attributes are queried.
    +     *
    +     * @return
    +     *     All attributes on the user currently bound under the
    +     *     given LDAP connection, as a map of attribute name to
    +     *     corresponding attribute value.
    +     *
    +     * @throws LDAPException
    +     *     If an error occurs while searching for the user attributes.
    +     *
    +     * @throws GuacamoleException
    +     *     If an error occurs retrieving the user DN.
    +     */
    +    private Map<String, String> getLDAPAttributes(LDAPConnection 
ldapConnection,
    +            String username) throws LDAPException {
    +
    +        // Get attributes from configuration information
    +        List<String> attrList = confService.getAttributes();
    --- End diff --
    
    Since `getAttributes()` throws a `GuacamoleException`, it will need to be 
caught, here.  That's why I suggest having the `getLDAPAttributes()` method 
throw only `GuacamoleException`, and then using `try {} catch {}` within this 
method to catch and re-throw the `LDAPException` as a `GuacamoleException`.  
One way or the other, though, this needs to be handled.


---

Reply via email to