GitHub user necouchman commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/299#discussion_r194864605
--- Diff:
extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/AuthenticationProviderService.java
---
@@ -221,21 +229,82 @@ public AuthenticatedUser authenticateUser(Credentials
credentials)
throw new GuacamoleInvalidCredentialsException("Permission
denied.", CredentialsInfo.USERNAME_PASSWORD);
try {
-
// Return AuthenticatedUser if bind succeeds
AuthenticatedUser authenticatedUser =
authenticatedUserProvider.get();
authenticatedUser.init(credentials);
+
+ //set attributes
+ String username = credentials.getUsername();
+ Map<String, String> attrs = getLDAPAttributes(ldapConnection,
username);
+ authenticatedUser.setAttributes(attrs);
+
return authenticatedUser;
}
-
// Always disconnect
finally {
ldapService.disconnect(ldapConnection);
}
}
+ /**
+ * Returns all custom LDAP attributes on the user currently bound under
+ * the given LDAP connection. The custom attributes are specified in
+ * guacamole.properties.
+ *
+ * @param ldapConnection
+ * LDAP connection to find the custom LDAP attributes.
+ *
+ * @param username
+ * The username of the user whose attributes are queried.
+ *
+ * @return
+ * All attributes on the user currently bound under the
+ * given LDAP connection, as a map of attribute name to
+ * corresponding attribute value.
+ *
+ * @throws LDAPException
+ * If an error occurs while searching for the user attributes.
+ *
+ * @throws GuacamoleException
+ * If an error occurs retrieving the user DN.
+ */
+ private Map<String, String> getLDAPAttributes(LDAPConnection
ldapConnection,
+ String username) throws GuacamoleException {
+
+ // Get attributes from configuration information
+ List<String> attrList = confService.getAttributes();
+
+ // If there are no attributes there is no reason to search LDAP
+ if (attrList == null || attrList.isEmpty())
+ return null;
+
+ // Build LDAP query parameters
+ String[] attrArray = attrList.toArray(new String[attrList.size()]);
+ String userDN = getUserBindDN(username);
+
+ Map<String, String> attrMap = new HashMap<String, String>();
+ try {
+ // Get LDAP attributes by querying LDAP
+ LDAPEntry userEntry = ldapConnection.read(userDN, attrArray);
+ LDAPAttributeSet attrSet = userEntry.getAttributeSet();
+
+ // Add each attribute into Map
+ for (Object attrObj : attrSet) {
+ LDAPAttribute attr = (LDAPAttribute)attrObj;
+ String attrName = attr.getName();
+ String attrValue = attr.getStringValue();
+ attrMap.put(attrName, attrValue);
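Review bot: getLDAPAttributes() returns null when attrList is null or empty ("return null;"), and authenticateUser() passes that result straight to authenticatedUser.setAttributes(attrs), while the Javadoc @return promises a map of attribute name to value. Returning an empty map in that branch would spare every later reader of the attributes a null check; otherwise the @return text should state that null is possible. The Javadoc also lists "@throws LDAPException", but the signature declares only "throws GuacamoleException", so the tag should be dropped or reworded to match what the method actually propagates.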
--- End diff --
Can simplify this to:

    attrMap.put(attr.getName(), attr.getStringValue());

and avoid the extra `String` variables that don't get used.
---