RE: Access to data associated to guac-organization from Java code
>> How can I get attributes related to DataBase Authentication Provider, not >> Tacacs Authentication Provider? Because with this last, there is no >> attributes. >> @Override >> public Map getAllTokens(String organization) throws >> GuacamoleException { >> final Map tokens = new HashMap> String>(); >> for (Map.Entry entry : >> this.sessionMap.entrySet()) { >> GuacamoleSession session = entry.getValue(); >> Map attr = >> session.getUserContext(session.getAuthenticatedUser() >> >> .getAuthenticationProvider().getIdentifier()).self() >> .getAttributes(); >> if >> (attr.get(User.Attribute.ORGANIZATION).equals(organization) >> && >> !attr.get(User.Attribute.FULL_NAME).equals(USER_KILL_SESSION)) { >> >> tokens.put(entry.getValue().getAuthenticatedUser() >> >> .getCredentials().getUsername(), entry.getKey()); >> } >> } >> return tokens; >> } >> And is throwing a null exception in this line: >> if (attr.get(User.Attribute.ORGANIZATION).equals(organization) && >> !attr.get(User.Attribute.FULL_NAME).equals(USER_KILL_SESSION)) { I have found a solution @Override public Map getAllTokens(String organization) throws GuacamoleException { final Map tokens = new HashMap(); for (Map.Entry entry : this.sessionMap.entrySet()) { GuacamoleSession session = entry.getValue(); Map attr = session.getUserContext(AUTH_PROVIDER_DB).self().getAttributes(); if (attr != null && attr.get(User.Attribute.ORGANIZATION).equals(organization) && !attr.get(User.Attribute.FULL_NAME).equals(USER_KILL_SESSION)) { tokens.put(entry.getValue().getAuthenticatedUser() .getCredentials().getUsername(), entry.getKey()); } } return tokens; } This was a solution: Map attr = session.getUserContext(AUTH_PROVIDER_DB).self().getAttributes(); -Gabriel - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
RE: Access to data associated to guac-organization from Java code
>> You can view the guacamole-ext documentation here: >> https://guacamole.apache.org/doc/guacamole-ext/ >> The user's organization is an Attribute, so it'd be something like: >> GuacamoleSession session = entry.getValue(); tokens.put(entry.getKey(), >> session.getUserContext(session.getAuthenticatedUser().getAuthenticationProvider().getIdentifier()).self().getAttributes(User.Attribute.ORGANIZATION)); >>That's just a quick stab at it based on the class documentation, and without >>factoring in where you're running your getAllTokens() method, what >>permissions it is running with, and that there may be an >>easier way to get >>the information you're wanting. >>That said, I'm not sure why you're wanting to do what the code looks like >>you're doing - it looks to me like you'd end up with a set of Guacamole >>parameter tokens where the name is the session identifier >>(entry.getKey()) and the value is the organization the user belongs to. Since >>session identifiers are going to be random, this wouldn't be a very useful >>token for any configuration purposes - it'll be different for >>every single >>user, and different every time a user logs in.. >>Maybe you could describe, at a higher level, what you're trying to accomplish? How can I get attributes related to DataBase Authentication Provider, not Tacacs Authentication Provider? Because with this last, there is no attributes. @Override public Map getAllTokens(String organization) throws GuacamoleException { final Map tokens = new HashMap(); for (Map.Entry entry : this.sessionMap.entrySet()) { GuacamoleSession session = entry.getValue(); Map attr = session.getUserContext(session.getAuthenticatedUser() .getAuthenticationProvider().getIdentifier()).self() .getAttributes(); if (attr.get(User.Attribute.ORGANIZATION).equals(organization) && !attr.get(User.Attribute.FULL_NAME).equals(USER_KILL_SESSION)) { tokens.put(entry.getValue().getAuthenticatedUser() .getCredentials().getUsername(), entry.getKey()); } } return tokens; } And is throwing a null exception in this line: if (attr.get(User.Attribute.ORGANIZATION).equals(organization) && !attr.get(User.Attribute.FULL_NAME).equals(USER_KILL_SESSION)) { -Gabriel - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
RE: Access to data associated to guac-organization from Java code
I got it. It's gotten with: $client->responseContent() $ perl ga_rest_ses.pl {"gabriel":"8D79E9DBCA94436CD26B55D926C57BF9EC3AB595F3524FA2898B4CFD632A712E"}$ $ cat ga_rest_ses.pl #!/usr/bin/env perl use strict; use warnings; use Config::File::Simple; use REST::Client; use MIME::Base64; use JSON qw//; use Data::Dumper; my $pathProp = $ENV{"REST_PROP"}; our $config = new Config::File::Simple($pathProp . ".ga_rest.properties"); my @arrPar = split(/,/, $config->read('restConnection')); my $headers = {'Connection' => 'close', 'Content-Type' => 'application/json', Authorization => 'Basic ' . encode_base64($arrPar[1] . ':' . $arrPar[2])}; my $client = REST::Client->new(); $client->setHost($arrPar[0]); $client->GET('/ga/api/tokens/all', $headers); my $response = $client->responseCode(); if ($response eq 200) { print $client->responseContent(); } else { print Dumper($client) . "\n"; } -Gabriel -Mensaje original- De: Gabriel Huerta Araujo Enviado el: miércoles, 21 de junio de 2023 02:19 p. m. Para: user@guacamole.apache.org Asunto: RE: Access to data associated to guac-organization from Java code >> I want to create a REST Service call (GET), where Guacamole Application >> gives all users logged(sessionMap attribute(its keys) from >> HashTokenSessionMap class). First this call is going to be called from a >> script >> perl. One by one, by its identifier is going to be called other >> REST Service call (from TokenRESTService.java file). This last call, is also >> called from Perl script. >>@DELETE >>@Path("/{token}") >>public void invalidateToken(@PathParam("token") String authToken) >>throws GuacamoleException { >>// Invalidate session, if it exists >>if (!authenticationService.destroyGuacamoleSession(authToken)) >>throw new GuacamoleResourceNotFoundException("No such >> token."); >> } >> All this, in order to cancel users of the web application. This will be >> temporal, meanwhile I finish the logged in users page, similar to the >> active sessions page This is REST service call response: $VAR1 = bless( { '_res' => bless( { '_rc' => '200', '_msg' => '', '_content' => '{"gabriel":"4C78017C80148A5742E32E155D9A072A93AD9FFCFFC92A97FBE8F3B547469475"}', '_request' => bless( { '_uri' => bless( do{\(my $o = 'http://XX.XX.X.XXX:XXX /ga/api/tokens/all')}, 'URI::http' ), '_headers' => bless( { 'content-type' => 'application/json', 'content-length' => 0, 'authorization' => 'Basic Y25zc2lzdGU6VDF0NG4zcyE= ', 'connection' => 'close', 'user-agent' => 'REST::Client/281' }, 'HTTP::Headers' ), '_method' => 'GET', '_content' => '', '_uri_canonical' => $VAR1->{'_res'}{'_request'}{'_uri'} }, 'HTTP::Request' ), '_headers' => bless( { '::std_case' => { 'client-response-num' => 'Client-Response-Num', 'client-peer' => 'Client-Peer', 'client-date' => 'Client-Date' }, 'client-response-num' => 1, 'client-date' => 'Wed, 21 Jun 2023 19:24:30 GMT', 'connection' => 'close', 'cont
RE: Access to data associated to guac-organization from Java code
>> I want to create a REST Service call (GET), where Guacamole Application >> gives all users logged(sessionMap attribute(its keys) from >> HashTokenSessionMap class). First this call is going to be called from a >> script >> perl. One by one, by its identifier is going to be called other >> REST Service call (from TokenRESTService.java file). This last call, is also >> called from Perl script. >>@DELETE >>@Path("/{token}") >>public void invalidateToken(@PathParam("token") String authToken) >>throws GuacamoleException { >>// Invalidate session, if it exists >>if (!authenticationService.destroyGuacamoleSession(authToken)) >>throw new GuacamoleResourceNotFoundException("No such token."); >> } >> All this, in order to cancel users of the web application. This will be >> temporal, meanwhile I finish the logged in users page, similar to the >> active sessions page This is REST service call response: $VAR1 = bless( { '_res' => bless( { '_rc' => '200', '_msg' => '', '_content' => '{"gabriel":"4C78017C80148A5742E32E155D9A072A93AD9FFCFFC92A97FBE8F3B547469475"}', '_request' => bless( { '_uri' => bless( do{\(my $o = 'http://XX.XX.X.XXX:XXX /ga/api/tokens/all')}, 'URI::http' ), '_headers' => bless( { 'content-type' => 'application/json', 'content-length' => 0, 'authorization' => 'Basic Y25zc2lzdGU6VDF0NG4zcyE= ', 'connection' => 'close', 'user-agent' => 'REST::Client/281' }, 'HTTP::Headers' ), '_method' => 'GET', '_content' => '', '_uri_canonical' => $VAR1->{'_res'}{'_request'}{'_uri'} }, 'HTTP::Request' ), '_headers' => bless( { '::std_case' => { 'client-response-num' => 'Client-Response-Num', 'client-peer' => 'Client-Peer', 'client-date' => 'Client-Date' }, 'client-response-num' => 1, 'client-date' => 'Wed, 21 Jun 2023 19:24:30 GMT', 'connection' => 'close', 'content-type' => 'application/json', 'client-peer' => 'XX.XX.X.XXX:XXX', 'date' => 'Wed, 21 Jun 2023 19:24:30 GMT', 'content-length' => '78' }, 'HTTP::Headers' ), '_protocol' => 'HTTP/1.1' }, 'HTTP::Response' ), '_config' => { 'host' => 'http://XX.XX.X.XXX:XXX ', 'useragent' => bless( { 'handlers' => { 'response_header' => bless( [ { 'line' => '/usr/share/perl5/LWP/UserAgent.pm:768', 'callback' => sub { "DUMMY" }, 'owner' => 'LWP::UserAgent::parse_head',
RE: Access to data associated to guac-organization from Java code
Sorry key for my map used is incorrect. It is not identifier, it is entry.getValue().getAuthenticatedUser().getCredentials().getUsername() -Mensaje original- De: Gabriel Huerta Araujo Enviado el: martes, 20 de junio de 2023 06:33 p. m. Para: user@guacamole.apache.org Asunto: RE: Access to data associated to guac-organization from Java code >> You can view the guacamole-ext documentation here: >> https://guacamole.apache.org/doc/guacamole-ext/ >> The user's organization is an Attribute, so it'd be something like: >> GuacamoleSession session = entry.getValue(); >> tokens.put(entry.getKey(), >> session.getUserContext(session.getAuthenticatedUser().getAuthenticati >> onProvider().getIdentifier()).self().getAttributes(User.Attribute.ORG >> ANIZATION)); >> That's just a quick stab at it based on the class documentation, and >> without factoring in where you're running your getAllTokens() method, what >> permissions it is running with, and that there may be an easier way to get >> the information you're wanting. >> That said, I'm not sure why you're wanting to do what the code looks >> like you're doing - it looks to me like you'd end up with a set of >> Guacamole parameter tokens where the name is the session identifier >> (entry.getKey()) and the value is the organization the user belongs >> to. Since session identifiers are going to be random, this wouldn't be a >> very useful token for any configuration purposes - it'll be different for >> every single user, and different every time a user logs in.. >> Maybe you could describe, at a higher level, what you're trying to >> accomplish? Hi Nick, thanks a lot for your soon response. I want to create a REST Service call (GET), where Guacamole Application gives all users logged(sessionMap attribute(its keys) from HashTokenSessionMap class). First this call is going to be called from a script perl. One by one, by its identifier is going to be called other REST Service call (from TokenRESTService.java file). This last call, is also called from Perl script. @DELETE @Path("/{token}") public void invalidateToken(@PathParam("token") String authToken) throws GuacamoleException { // Invalidate session, if it exists if (!authenticationService.destroyGuacamoleSession(authToken)) throw new GuacamoleResourceNotFoundException("No such token."); } All this, in order to cancel users of the web application. This will be temporal, meanwhile I finish the logged in users page, similar to the active sessions page -Gabriel
RE: Access to data associated to guac-organization from Java code
>> You can view the guacamole-ext documentation here: >> https://guacamole.apache.org/doc/guacamole-ext/ >> The user's organization is an Attribute, so it'd be something like: >> GuacamoleSession session = entry.getValue(); tokens.put(entry.getKey(), >> session.getUserContext(session.getAuthenticatedUser().getAuthenticationProvider().getIdentifier()).self().getAttributes(User.Attribute.ORGANIZATION)); >> That's just a quick stab at it based on the class documentation, and without >> factoring in where you're running your getAllTokens() method, what >> permissions it is running with, and that there may be an >> easier way to get the information you're wanting. >> That said, I'm not sure why you're wanting to do what the code looks like >> you're doing - it looks to me like you'd end up with a set of Guacamole >> parameter tokens where the name is the session identifier >> (entry.getKey()) and the value is the organization the user belongs to. >> Since session identifiers are going to be random, this wouldn't be a very >> useful token for any configuration purposes - it'll be different >> for every single user, and different every time a user logs in.. >> Maybe you could describe, at a higher level, what you're trying to >> accomplish? Hi Nick, thanks a lot for your soon response. I want to create a REST Service call (GET), where Guacamole Application gives all users logged(sessionMap attribute(its keys) from HashTokenSessionMap class). First this call is going to be called from a script perl. One by one, by its identifier is going to be called other REST Service call (from TokenRESTService.java file). This last call, is also called from Perl script. @DELETE @Path("/{token}") public void invalidateToken(@PathParam("token") String authToken) throws GuacamoleException { // Invalidate session, if it exists if (!authenticationService.destroyGuacamoleSession(authToken)) throw new GuacamoleResourceNotFoundException("No such token."); } All this, in order to cancel users of the web application. This will be temporal, meanwhile I finish the logged in users page, similar to the active sessions page -Gabriel
Re: Access to data associated to guac-organization from Java code
On Tue, Jun 20, 2023 at 4:32 PM Gabriel Huerta Araujo wrote: > > Hi > > I am trying to create a REST Service call where organization is passed as > parameter and all tokens associated to this organization can be filtered. > > public Map getAllTokens(String organization) throws > GuacamoleException { > final Map tokens = new HashMap String>(); > for (Map.Entry entry : > this.sessionMap.entrySet()) { > // Here I want to make a decision > where organization passed as parameter is equal to user organization, can be > inserted into map, but I do not know how I can accomplish it. > tokens.put(entry.getKey(), > entry.getValue().getAuthenticatedUser() > .getCredentials().getUsername()); > } > return tokens; > } > > Is there some link which explains all classes related to this subject? You can view the guacamole-ext documentation here: https://guacamole.apache.org/doc/guacamole-ext/ The user's organization is an Attribute, so it'd be something like: GuacamoleSession session = entry.getValue(); tokens.put(entry.getKey(), session.getUserContext(session.getAuthenticatedUser().getAuthenticationProvider().getIdentifier()).self().getAttributes(User.Attribute.ORGANIZATION)); That's just a quick stab at it based on the class documentation, and without factoring in where you're running your getAllTokens() method, what permissions it is running with, and that there may be an easier way to get the information you're wanting. That said, I'm not sure why you're wanting to do what the code looks like you're doing - it looks to me like you'd end up with a set of Guacamole parameter tokens where the name is the session identifier (entry.getKey()) and the value is the organization the user belongs to. Since session identifiers are going to be random, this wouldn't be a very useful token for any configuration purposes - it'll be different for every single user, and different every time a user logs in.. Maybe you could describe, at a higher level, what you're trying to accomplish? -Nick - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org