Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/183#discussion_r134762077
--- Diff:
extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/AuthenticationProviderService.java
---
@@ -105,4 +137,76 @@ public AuthenticatedUser authenticateUser(Credentials
credentials)
}
+ /**
+ * Takes an encrypted string representing a password provided by
+ * the CAS ClearPass service and decrypts it using the private
+ * key configured for this extension. Returns null if it is
+ * unable to decrypt the password.
+ *
+ * @param encryptedPassword
+ * A string with the encrypted password provided by the
+ * CAS service.
+ *
+ * @return
+ * The decrypted password, or null if it is unable to
+ * decrypt the password.
+ * @throws GuacamoleException
+ * If unable to get Guacamole configuration data
--- End diff --
My rationale here was that it's actually okay, and should not halt the
login process, if either the credential object is not available, or it can't be
decrypted. Failure to retrieve or decrypt this property, IMHO, should not stop
the login process from working or connections from being made - the token
simply won't be available. Is there an exception that should be thrown that
would not cause the login process to stop?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
