mike-jumper opened a new pull request #576: URL: https://github.com/apache/guacamole-client/pull/576
This change adds the [guacamole-auth-json extension](https://github.com/glyptodon/guacamole-auth-json) to the main guacamole-client project. It was originally created and maintained by [Glyptodon, Inc.](https://enterprise.glyptodon.com/), but been increasingly cited on the mailing lists and would definitely be a good addition to the set of extensions provided out-of-the-box by Apache Guacamole. From the original `README.md`: > guacamole-auth-json is an authentication extension for Apache Guacamole which authenticates users using JSON which has been signed using HMAC/SHA-256 and encrypted with 128-bit AES in CBC mode. This JSON contains all information describing the user being authenticated, as well as any connections they have access to. The extension allows external applications to authenticate and authorize users by declaring those users' identities and available connections within encrypted and signed JSON. Encryption ensures the contents of the JSON (typically sensitive connection parameters) cannot be read except by Guacamole itself, while signing ensures the JSON is accepted only if it has been generated by a server authorized to generate it. ## Additional changes The first commit here is a verbatim copy from [the original guacamole-auth-json repository](https://github.com/glyptodon/guacamole-auth-json) at [commit f7b2eaf](https://github.com/glyptodon/guacamole-auth-json/tree/f7b2eaf6a65b7cd25fd73437360e36fe46e0bcb9). From there, I have made the following additional changes: * Refactored `org.glyptodon.guacamole.*` packages to `org.apache.guacamole.*`. * Relicensed under Apache License v2.0. * Removed the `@author` annotations that we do not use in the guacamole-client project. * Refactored useful property classes out of the extension and into guacamole-ext. * Documented the licenses of all bundled dependencies. * Updated to the latest guacamole-ext. * Updated the Spring Security library to the latest (used here to validate IP addresses). ## Third-party contributions and the Software Grant Agreement I've already gone ahead and signed an [SGA](https://www.apache.org/licenses/contributor-agreements.html#grants) on behalf of Glyptodon, so things should be good to go. There was a recent contribution from @BojanZelic (glyptodon/guacamole-auth-json#11), which could have made the SGA more complicated. The version of the code contributed here is just prior to that contribution, and @BojanZelic says he's OK with re-contributing things to the guacamole-client repository when it's ready. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
