[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127614757
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,352 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.File;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusClient, configured with parameters
+ * from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * configuration of RadiusClient fails.
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+}
+catch (UnknownHostException e) {
+logger.error("Unable to resolve host: {}", e.getMessage());
+logger.debug("Failed to resolve host.", e);
+}
+catch (IOException e) {
+logger.error("Unable to communicate with host: {}",
e.getMessage());
+logger.debug("Failed to communicate with host.", e);
+}
+
+}
+
+/**
+ * Creates a new instance of RadiusAuthentictor, configured with
+ * parameters specified within guacamole.properties.
+ *
+ * @return
+ * A new RadiusAuthenticator instance which has been configured
+ * with parameters from guacamole.propert
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127614753
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,352 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.File;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusClient, configured with parameters
+ * from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * configuration of RadiusClient fails.
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+}
+catch (UnknownHostException e) {
+logger.error("Unable to resolve host: {}", e.getMessage());
+logger.debug("Failed to resolve host.", e);
+}
+catch (IOException e) {
+logger.error("Unable to communicate with host: {}",
e.getMessage());
+logger.debug("Failed to communicate with host.", e);
+}
+
+}
+
+/**
+ * Creates a new instance of RadiusAuthentictor, configured with
+ * parameters specified within guacamole.properties.
+ *
+ * @return
+ * A new RadiusAuthenticator instance which has been configured
+ * with parameters from guacamole.propert
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127613709
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,352 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.File;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusClient, configured with parameters
+ * from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * configuration of RadiusClient fails.
+ */
+private void createRadiusConnection() {
--- End diff --
Okay, this should be cleaned up on both counts - this returns the
RadiusClient object, now, and the class-level object is removed. Also, the
disconnect method has been removed and the methods that make the
createRadiusConnection() call also clean up.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127613506
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,352 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.File;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusClient, configured with parameters
+ * from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * configuration of RadiusClient fails.
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+}
+catch (UnknownHostException e) {
+logger.error("Unable to resolve host: {}", e.getMessage());
+logger.debug("Failed to resolve host.", e);
+}
+catch (IOException e) {
+logger.error("Unable to communicate with host: {}",
e.getMessage());
+logger.debug("Failed to communicate with host.", e);
+}
+
+}
+
+/**
+ * Creates a new instance of RadiusAuthentictor, configured with
+ * parameters specified within guacamole.properties.
+ *
+ * @return
+ * A new RadiusAuthenticator instance which has been configured
+ * with parameters from guacamole.propert
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127611971
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,352 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.File;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusClient, configured with parameters
+ * from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * configuration of RadiusClient fails.
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+}
+catch (UnknownHostException e) {
+logger.error("Unable to resolve host: {}", e.getMessage());
+logger.debug("Failed to resolve host.", e);
+}
+catch (IOException e) {
+logger.error("Unable to communicate with host: {}",
e.getMessage());
+logger.debug("Failed to communicate with host.", e);
+}
+
+}
+
+/**
+ * Creates a new instance of RadiusAuthentictor, configured with
+ * parameters specified within guacamole.properties.
+ *
+ * @return
+ * A new RadiusAuthenticator instance which has been configured
+ * with parameters from guacamole.proper
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127605481
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusGuacamoleProperties.java
---
@@ -0,0 +1,191 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import org.apache.guacamole.properties.BooleanGuacamoleProperty;
+import org.apache.guacamole.properties.IntegerGuacamoleProperty;
+import org.apache.guacamole.properties.StringGuacamoleProperty;
+
+
+/**
+ * Provides properties required for use of the RADIUS authentication
provider.
+ * These properties will be read from guacamole.properties when the RADIUS
+ * authentication provider is used.
+ */
+public class RadiusGuacamoleProperties {
+
+/**
+ * This class should not be instantiated.
+ */
+private RadiusGuacamoleProperties() {}
+
+/**
+ * The port on the RADIUS server to connect to when authenticating
users.
+ */
+public static final IntegerGuacamoleProperty RADIUS_AUTH_PORT = new
IntegerGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-auth-port"; }
+
+};
+
+/**
+ * The port on the RADIUS server to connect to when accounting users.
+ */
+public static final IntegerGuacamoleProperty RADIUS_ACCT_PORT = new
IntegerGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-acct-port"; }
+
+};
+
+
+/**
+ * The hostname or ip of the RADIUS server to connect to when
authenticating users.
+ */
+public static final StringGuacamoleProperty RADIUS_SERVER = new
StringGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-server"; }
+
+};
+
+/**
+ * The shared secret of the RADIUS server to connect to when
authenticating users.
--- End diff --
Should be better now.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127605470
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusGuacamoleProperties.java
---
@@ -0,0 +1,191 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import org.apache.guacamole.properties.BooleanGuacamoleProperty;
+import org.apache.guacamole.properties.IntegerGuacamoleProperty;
+import org.apache.guacamole.properties.StringGuacamoleProperty;
+
+
+/**
+ * Provides properties required for use of the RADIUS authentication
provider.
+ * These properties will be read from guacamole.properties when the RADIUS
+ * authentication provider is used.
+ */
+public class RadiusGuacamoleProperties {
+
+/**
+ * This class should not be instantiated.
+ */
+private RadiusGuacamoleProperties() {}
+
+/**
+ * The port on the RADIUS server to connect to when authenticating
users.
+ */
+public static final IntegerGuacamoleProperty RADIUS_AUTH_PORT = new
IntegerGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-auth-port"; }
+
+};
+
+/**
+ * The port on the RADIUS server to connect to when accounting users.
--- End diff --
Hopefully this change makes a little more sense.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127593432
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,352 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.File;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusClient, configured with parameters
+ * from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * configuration of RadiusClient fails.
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+}
+catch (UnknownHostException e) {
+logger.error("Unable to resolve host: {}", e.getMessage());
+logger.debug("Failed to resolve host.", e);
+}
+catch (IOException e) {
+logger.error("Unable to communicate with host: {}",
e.getMessage());
+logger.debug("Failed to communicate with host.", e);
+}
+
+}
+
+/**
+ * Creates a new instance of RadiusAuthentictor, configured with
+ * parameters specified within guacamole.properties.
+ *
+ * @return
+ * A new RadiusAuthenticator instance which has been configured
+ * with parameters from guacamole.propert
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127593360
--- Diff:
extensions/guacamole-auth-radius/src/main/resources/styles/radius.css ---
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+.radius-challenge-response-field-container {
+height: 100%;
+width: 100%;
+position: fixed;
+left: 0;
+top: 0;
+display: table;
+background: white;
+}
+
+.radius-challenge-response-field {
+width: 100%;
+display: table-cell;
+vertical-align: middle;
+}
+
+.radius-challenge-response-field input[type="submit"] {
+display: none !important;
+}
+
+.radius-challenge-response-field.loading iframe {
--- End diff --
I like pasta.
Quite likely I copied/pasted from auth-duo, especially since at one point I
wasn't sure if I needed an iframe for this...
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127593336
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusGuacamoleProperties.java
---
@@ -0,0 +1,191 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import org.apache.guacamole.properties.BooleanGuacamoleProperty;
+import org.apache.guacamole.properties.IntegerGuacamoleProperty;
+import org.apache.guacamole.properties.StringGuacamoleProperty;
+
+
+/**
+ * Provides properties required for use of the RADIUS authentication
provider.
+ * These properties will be read from guacamole.properties when the RADIUS
+ * authentication provider is used.
+ */
+public class RadiusGuacamoleProperties {
+
+/**
+ * This class should not be instantiated.
+ */
+private RadiusGuacamoleProperties() {}
+
+/**
+ * The port on the RADIUS server to connect to when authenticating
users.
+ */
+public static final IntegerGuacamoleProperty RADIUS_AUTH_PORT = new
IntegerGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-auth-port"; }
+
+};
+
+/**
+ * The port on the RADIUS server to connect to when accounting users.
+ */
+public static final IntegerGuacamoleProperty RADIUS_ACCT_PORT = new
IntegerGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-acct-port"; }
+
+};
+
+
+/**
+ * The hostname or ip of the RADIUS server to connect to when
authenticating users.
+ */
+public static final StringGuacamoleProperty RADIUS_SERVER = new
StringGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-server"; }
+
+};
+
+/**
+ * The shared secret of the RADIUS server to connect to when
authenticating users.
+ */
+public static final StringGuacamoleProperty RADIUS_SHARED_SECRET = new
StringGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-shared-secret"; }
+
+};
+
+/**
+ * The authentication protocol of the RADIUS server to connect to when
authenticating users.
+ */
+public static final StringGuacamoleProperty RADIUS_AUTH_PROTOCOL = new
StringGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-auth-protocol"; }
+
+};
+
+/**
+ * The number of retries when attempting a radius packet transaction.
--- End diff --
RADIUS it is. Corrected this and one other place, but other than that the
only other "inconsistencies" I see are in the actual code where there is either
lower-case or camel case. Are you referring here to comments only, or
replacing all instances of radius and Radius in code with RADIUS?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127593136
--- Diff:
extensions/guacamole-auth-radius/src/main/resources/styles/radius.css ---
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+.radius-challenge-response-field-container {
+height: 100%;
+width: 100%;
+position: fixed;
+left: 0;
+top: 0;
+display: table;
+background: white;
+}
+
+.radius-challenge-response-field {
+width: 100%;
+display: table-cell;
+vertical-align: middle;
+}
+
+.radius-challenge-response-field input[type="submit"] {
+display: none !important;
+}
+
+.radius-challenge-response-field.loading iframe {
--- End diff --
Is there an `iframe` anywhere?
Or ... is this just copypasta from the guacamole-auth-duo CSS?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127593074
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusGuacamoleProperties.java
---
@@ -0,0 +1,191 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import org.apache.guacamole.properties.BooleanGuacamoleProperty;
+import org.apache.guacamole.properties.IntegerGuacamoleProperty;
+import org.apache.guacamole.properties.StringGuacamoleProperty;
+
+
+/**
+ * Provides properties required for use of the RADIUS authentication
provider.
+ * These properties will be read from guacamole.properties when the RADIUS
+ * authentication provider is used.
+ */
+public class RadiusGuacamoleProperties {
+
+/**
+ * This class should not be instantiated.
+ */
+private RadiusGuacamoleProperties() {}
+
+/**
+ * The port on the RADIUS server to connect to when authenticating
users.
+ */
+public static final IntegerGuacamoleProperty RADIUS_AUTH_PORT = new
IntegerGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-auth-port"; }
+
+};
+
+/**
+ * The port on the RADIUS server to connect to when accounting users.
+ */
+public static final IntegerGuacamoleProperty RADIUS_ACCT_PORT = new
IntegerGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-acct-port"; }
+
+};
+
+
+/**
+ * The hostname or ip of the RADIUS server to connect to when
authenticating users.
+ */
+public static final StringGuacamoleProperty RADIUS_SERVER = new
StringGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-server"; }
+
+};
+
+/**
+ * The shared secret of the RADIUS server to connect to when
authenticating users.
+ */
+public static final StringGuacamoleProperty RADIUS_SHARED_SECRET = new
StringGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-shared-secret"; }
+
+};
+
+/**
+ * The authentication protocol of the RADIUS server to connect to when
authenticating users.
+ */
+public static final StringGuacamoleProperty RADIUS_AUTH_PROTOCOL = new
StringGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-auth-protocol"; }
+
+};
+
+/**
+ * The number of retries when attempting a radius packet transaction.
--- End diff --
Which is correct: "RADIUS", "radius", or "Radius"?
I've seen each of these in the source here, with "RADIUS" being the most
dominant, but we should pick one and stick with it.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127593054
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusGuacamoleProperties.java
---
@@ -0,0 +1,191 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import org.apache.guacamole.properties.BooleanGuacamoleProperty;
+import org.apache.guacamole.properties.IntegerGuacamoleProperty;
+import org.apache.guacamole.properties.StringGuacamoleProperty;
+
+
+/**
+ * Provides properties required for use of the RADIUS authentication
provider.
+ * These properties will be read from guacamole.properties when the RADIUS
+ * authentication provider is used.
+ */
+public class RadiusGuacamoleProperties {
+
+/**
+ * This class should not be instantiated.
+ */
+private RadiusGuacamoleProperties() {}
+
+/**
+ * The port on the RADIUS server to connect to when authenticating
users.
+ */
+public static final IntegerGuacamoleProperty RADIUS_AUTH_PORT = new
IntegerGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-auth-port"; }
+
+};
+
+/**
+ * The port on the RADIUS server to connect to when accounting users.
+ */
+public static final IntegerGuacamoleProperty RADIUS_ACCT_PORT = new
IntegerGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-acct-port"; }
+
+};
+
+
+/**
+ * The hostname or ip of the RADIUS server to connect to when
authenticating users.
+ */
+public static final StringGuacamoleProperty RADIUS_SERVER = new
StringGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-server"; }
+
+};
+
+/**
+ * The shared secret of the RADIUS server to connect to when
authenticating users.
--- End diff --
> The shared secret of the RADIUS server to connect to ...
The wording "to connect to" implies that this value determines which RADIUS
server is being used, and that changing this value would potentially select a
different server.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127592967
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusGuacamoleProperties.java
---
@@ -0,0 +1,191 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import org.apache.guacamole.properties.BooleanGuacamoleProperty;
+import org.apache.guacamole.properties.IntegerGuacamoleProperty;
+import org.apache.guacamole.properties.StringGuacamoleProperty;
+
+
+/**
+ * Provides properties required for use of the RADIUS authentication
provider.
+ * These properties will be read from guacamole.properties when the RADIUS
+ * authentication provider is used.
+ */
+public class RadiusGuacamoleProperties {
+
+/**
+ * This class should not be instantiated.
+ */
+private RadiusGuacamoleProperties() {}
+
+/**
+ * The port on the RADIUS server to connect to when authenticating
users.
+ */
+public static final IntegerGuacamoleProperty RADIUS_AUTH_PORT = new
IntegerGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-auth-port"; }
+
+};
+
+/**
+ * The port on the RADIUS server to connect to when accounting users.
--- End diff --
What do you mean by "accounting" users?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127592956
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,352 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.File;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusClient, configured with parameters
+ * from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * configuration of RadiusClient fails.
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+}
+catch (UnknownHostException e) {
+logger.error("Unable to resolve host: {}", e.getMessage());
+logger.debug("Failed to resolve host.", e);
+}
+catch (IOException e) {
+logger.error("Unable to communicate with host: {}",
e.getMessage());
+logger.debug("Failed to communicate with host.", e);
+}
+
+}
+
+/**
+ * Creates a new instance of RadiusAuthentictor, configured with
+ * parameters specified within guacamole.properties.
+ *
+ * @return
+ * A new RadiusAuthenticator instance which has been configured
+ * with parameters from guacamole.proper
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127592913
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,352 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.File;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusClient, configured with parameters
+ * from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * configuration of RadiusClient fails.
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+}
+catch (UnknownHostException e) {
+logger.error("Unable to resolve host: {}", e.getMessage());
+logger.debug("Failed to resolve host.", e);
+}
+catch (IOException e) {
+logger.error("Unable to communicate with host: {}",
e.getMessage());
+logger.debug("Failed to communicate with host.", e);
+}
+
+}
+
+/**
+ * Creates a new instance of RadiusAuthentictor, configured with
+ * parameters specified within guacamole.properties.
+ *
+ * @return
+ * A new RadiusAuthenticator instance which has been configured
+ * with parameters from guacamole.proper
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127592891
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,352 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.File;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusClient, configured with parameters
+ * from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * configuration of RadiusClient fails.
+ */
+private void createRadiusConnection() {
--- End diff --
Are the `authenticate()` functions the only usages of this
`createRadiusConnection()` function? If so:
1. It's a little funky to have a function which creates a thing, exposing
said thing through setting a variable at the class level. Why not return the
object?
2. If the `authenticate()` functions invoke this function, which allocates
resources which will not be automatically freed, the requirement that
`disconnect()` must be called to free those resources needs to be documented. A
better approach would be to avoid imposing such a requirement at all, though.
If no other functions need what `createRadiusConnection()` creates, and the
connection created by `createRadiusConnection()` is never reused, it should be
the responsibility of the calling function to clean up after itself.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127592755
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,352 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.File;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusClient, configured with parameters
+ * from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * configuration of RadiusClient fails.
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+}
+catch (UnknownHostException e) {
+logger.error("Unable to resolve host: {}", e.getMessage());
+logger.debug("Failed to resolve host.", e);
+}
+catch (IOException e) {
+logger.error("Unable to communicate with host: {}",
e.getMessage());
+logger.debug("Failed to communicate with host.", e);
+}
+
+}
+
+/**
+ * Creates a new instance of RadiusAuthentictor, configured with
+ * parameters specified within guacamole.properties.
+ *
+ * @return
+ * A new RadiusAuthenticator instance which has been configured
+ * with parameters from guacamole.proper
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127546651
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
---
@@ -0,0 +1,223 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import java.util.Arrays;
+import javax.servlet.http.HttpServletRequest;
+import org.apache.guacamole.auth.radius.user.AuthenticatedUser;
+import org.apache.guacamole.auth.radius.form.RadiusChallengeResponseField;
+import org.apache.guacamole.auth.radius.form.RadiusStateField;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.form.Field;
+import org.apache.guacamole.net.auth.Credentials;
+import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.dictionary.Attr_State;
+import net.jradius.dictionary.Attr_ReplyMessage;
+import net.jradius.exception.UnknownAttributeException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessAccept;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.AccessReject;
+import net.jradius.packet.AccessRequest;
+import net.jradius.packet.AccessResponse;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+
+/**
+ * Service providing convenience functions for the RADIUS
AuthenticationProvider
+ * implementation.
+ */
+public class AuthenticationProviderService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(AuthenticationProviderService.class);
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+@Inject
+private RadiusConnectionService radiusService;
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+/**
+ * Provider for AuthenticatedUser objects.
+ */
+@Inject
+private Provider authenticatedUserProvider;
+
+/**
+ * Returns an AuthenticatedUser representing the user authenticated by
the
+ * given credentials.
+ *
+ * @param credentials
+ * The credentials to use for authentication.
+ *
+ * @return
+ * An AuthenticatedUser representing the user authenticated by the
+ * given credentials.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while authenticating the user, or if access
is
+ * denied.
+ */
+public AuthenticatedUser authenticateUser(Credentials credentials)
+throws GuacamoleException {
+
+// Grab the HTTP Request from the credentials object
+HttpServletRequest request = credentials.getRequest();
+
+// Set up RadiusPacket object
+RadiusPacket radPack;
+
+// Ignore anonymous users
+if (credentials.getUsername() == null ||
credentials.getUsername().isEmpty())
+return null;
+
+// Password is required
+if (credentials.getPassword() == null ||
credentials.getPassword().isEmpty())
+return null;
+
+// Try to get parameters to see if this is a post-challenge attempt
+String challengeResponse =
request.getParameter(RadiusChallengeResponseField.PARAMETER_NAME);
+
+// We
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127546194
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
---
@@ -0,0 +1,223 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import java.util.Arrays;
+import javax.servlet.http.HttpServletRequest;
+import org.apache.guacamole.auth.radius.user.AuthenticatedUser;
+import org.apache.guacamole.auth.radius.form.RadiusChallengeResponseField;
+import org.apache.guacamole.auth.radius.form.RadiusStateField;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.form.Field;
+import org.apache.guacamole.net.auth.Credentials;
+import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.dictionary.Attr_State;
+import net.jradius.dictionary.Attr_ReplyMessage;
+import net.jradius.exception.UnknownAttributeException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessAccept;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.AccessReject;
+import net.jradius.packet.AccessRequest;
+import net.jradius.packet.AccessResponse;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+
+/**
+ * Service providing convenience functions for the RADIUS
AuthenticationProvider
+ * implementation.
+ */
+public class AuthenticationProviderService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(AuthenticationProviderService.class);
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+@Inject
+private RadiusConnectionService radiusService;
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+/**
+ * Provider for AuthenticatedUser objects.
+ */
+@Inject
+private Provider authenticatedUserProvider;
+
+/**
+ * Returns an AuthenticatedUser representing the user authenticated by
the
+ * given credentials.
+ *
+ * @param credentials
+ * The credentials to use for authentication.
+ *
+ * @return
+ * An AuthenticatedUser representing the user authenticated by the
+ * given credentials.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while authenticating the user, or if access
is
+ * denied.
+ */
+public AuthenticatedUser authenticateUser(Credentials credentials)
+throws GuacamoleException {
+
+// Grab the HTTP Request from the credentials object
+HttpServletRequest request = credentials.getRequest();
+
+// Set up RadiusPacket object
+RadiusPacket radPack;
+
+// Ignore anonymous users
+if (credentials.getUsername() == null ||
credentials.getUsername().isEmpty())
+return null;
+
+// Password is required
+if (credentials.getPassword() == null ||
credentials.getPassword().isEmpty())
+return null;
+
+// Try to get parameters to see if this is a post-challenge attempt
+String challengeResponse =
request.getParameter(RadiusChallengeResponseField.PARAMETER_NAME);
+
+// We
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127545726
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
---
@@ -0,0 +1,223 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import java.util.Arrays;
+import javax.servlet.http.HttpServletRequest;
+import org.apache.guacamole.auth.radius.user.AuthenticatedUser;
+import org.apache.guacamole.auth.radius.form.RadiusChallengeResponseField;
+import org.apache.guacamole.auth.radius.form.RadiusStateField;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.form.Field;
+import org.apache.guacamole.net.auth.Credentials;
+import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.dictionary.Attr_State;
+import net.jradius.dictionary.Attr_ReplyMessage;
+import net.jradius.exception.UnknownAttributeException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessAccept;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.AccessReject;
+import net.jradius.packet.AccessRequest;
+import net.jradius.packet.AccessResponse;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+
+/**
+ * Service providing convenience functions for the RADIUS
AuthenticationProvider
+ * implementation.
+ */
+public class AuthenticationProviderService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(AuthenticationProviderService.class);
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+@Inject
+private RadiusConnectionService radiusService;
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+/**
+ * Provider for AuthenticatedUser objects.
+ */
+@Inject
+private Provider authenticatedUserProvider;
+
+/**
+ * Returns an AuthenticatedUser representing the user authenticated by
the
+ * given credentials.
+ *
+ * @param credentials
+ * The credentials to use for authentication.
+ *
+ * @return
+ * An AuthenticatedUser representing the user authenticated by the
+ * given credentials.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while authenticating the user, or if access
is
+ * denied.
+ */
+public AuthenticatedUser authenticateUser(Credentials credentials)
+throws GuacamoleException {
+
+// Grab the HTTP Request from the credentials object
+HttpServletRequest request = credentials.getRequest();
+
+// Set up RadiusPacket object
+RadiusPacket radPack;
+
+// Ignore anonymous users
+if (credentials.getUsername() == null ||
credentials.getUsername().isEmpty())
+return null;
+
+// Password is required
+if (credentials.getPassword() == null ||
credentials.getPassword().isEmpty())
+return null;
+
+// Try to get parameters to see if this is a post-challenge attempt
+String challengeResponse =
request.getParameter(RadiusChallengeResponseField.PARAMETER_NAME);
+
+// We
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127544900 --- Diff: extensions/guacamole-auth-radius/pom.xml --- @@ -0,0 +1,248 @@ + + +http://maven.apache.org/POM/4.0.0"; +xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; +xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 +http://maven.apache.org/maven-v4_0_0.xsd";> + +4.0.0 +org.apache.guacamole +guacamole-auth-radius +jar +0.9.11-incubating --- End diff -- Bumped version and rebased to current master. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at [email protected] or file a JIRA ticket with INFRA. ---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127536080
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
---
@@ -0,0 +1,223 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import java.util.Arrays;
+import javax.servlet.http.HttpServletRequest;
+import org.apache.guacamole.auth.radius.user.AuthenticatedUser;
+import org.apache.guacamole.auth.radius.form.RadiusChallengeResponseField;
+import org.apache.guacamole.auth.radius.form.RadiusStateField;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.form.Field;
+import org.apache.guacamole.net.auth.Credentials;
+import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.dictionary.Attr_State;
+import net.jradius.dictionary.Attr_ReplyMessage;
+import net.jradius.exception.UnknownAttributeException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessAccept;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.AccessReject;
+import net.jradius.packet.AccessRequest;
+import net.jradius.packet.AccessResponse;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+
+/**
+ * Service providing convenience functions for the RADIUS
AuthenticationProvider
+ * implementation.
+ */
+public class AuthenticationProviderService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(AuthenticationProviderService.class);
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+@Inject
+private RadiusConnectionService radiusService;
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+/**
+ * Provider for AuthenticatedUser objects.
+ */
+@Inject
+private Provider authenticatedUserProvider;
+
+/**
+ * Returns an AuthenticatedUser representing the user authenticated by
the
+ * given credentials.
+ *
+ * @param credentials
+ * The credentials to use for authentication.
+ *
+ * @return
+ * An AuthenticatedUser representing the user authenticated by the
+ * given credentials.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while authenticating the user, or if access
is
+ * denied.
+ */
+public AuthenticatedUser authenticateUser(Credentials credentials)
+throws GuacamoleException {
+
+// Grab the HTTP Request from the credentials object
+HttpServletRequest request = credentials.getRequest();
+
+// Set up RadiusPacket object
+RadiusPacket radPack;
+
+// Ignore anonymous users
+if (credentials.getUsername() == null ||
credentials.getUsername().isEmpty())
+return null;
+
+// Password is required
+if (credentials.getPassword() == null ||
credentials.getPassword().isEmpty())
+return null;
+
+// Try to get parameters to see if this is a post-challenge attempt
+String challengeResponse =
request.getParameter(RadiusChallengeResponseField.PARAMETER_NAME);
+
+// We
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request: https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127535664 --- Diff: extensions/guacamole-auth-radius/src/licenses/LICENSE --- @@ -0,0 +1,255 @@ + + Apache License + Version 2.0, January 2004 +http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensa
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request: https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127535505 --- Diff: extensions/guacamole-auth-radius/pom.xml --- @@ -0,0 +1,248 @@ + + +http://maven.apache.org/POM/4.0.0"; +xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; +xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 +http://maven.apache.org/maven-v4_0_0.xsd";> + +4.0.0 +org.apache.guacamole +guacamole-auth-radius +jar +0.9.11-incubating --- End diff -- Due to timing, this (and the dependencies ... and `guac-manifest.json`) will need to be bumped up to 0.9.13-incubating. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at [email protected] or file a JIRA ticket with INFRA. ---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127535919
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
---
@@ -0,0 +1,223 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import java.util.Arrays;
+import javax.servlet.http.HttpServletRequest;
+import org.apache.guacamole.auth.radius.user.AuthenticatedUser;
+import org.apache.guacamole.auth.radius.form.RadiusChallengeResponseField;
+import org.apache.guacamole.auth.radius.form.RadiusStateField;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.form.Field;
+import org.apache.guacamole.net.auth.Credentials;
+import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.dictionary.Attr_State;
+import net.jradius.dictionary.Attr_ReplyMessage;
+import net.jradius.exception.UnknownAttributeException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessAccept;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.AccessReject;
+import net.jradius.packet.AccessRequest;
+import net.jradius.packet.AccessResponse;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+
+/**
+ * Service providing convenience functions for the RADIUS
AuthenticationProvider
+ * implementation.
+ */
+public class AuthenticationProviderService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(AuthenticationProviderService.class);
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+@Inject
+private RadiusConnectionService radiusService;
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+/**
+ * Provider for AuthenticatedUser objects.
+ */
+@Inject
+private Provider authenticatedUserProvider;
+
+/**
+ * Returns an AuthenticatedUser representing the user authenticated by
the
+ * given credentials.
+ *
+ * @param credentials
+ * The credentials to use for authentication.
+ *
+ * @return
+ * An AuthenticatedUser representing the user authenticated by the
+ * given credentials.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while authenticating the user, or if access
is
+ * denied.
+ */
+public AuthenticatedUser authenticateUser(Credentials credentials)
+throws GuacamoleException {
+
+// Grab the HTTP Request from the credentials object
+HttpServletRequest request = credentials.getRequest();
+
+// Set up RadiusPacket object
+RadiusPacket radPack;
+
+// Ignore anonymous users
+if (credentials.getUsername() == null ||
credentials.getUsername().isEmpty())
+return null;
+
+// Password is required
+if (credentials.getPassword() == null ||
credentials.getPassword().isEmpty())
+return null;
+
+// Try to get parameters to see if this is a post-challenge attempt
+String challengeResponse =
request.getParameter(RadiusChallengeResponseField.PARAMETER_NAME);
+
+// We
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r127536583
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
---
@@ -0,0 +1,223 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import java.util.Arrays;
+import javax.servlet.http.HttpServletRequest;
+import org.apache.guacamole.auth.radius.user.AuthenticatedUser;
+import org.apache.guacamole.auth.radius.form.RadiusChallengeResponseField;
+import org.apache.guacamole.auth.radius.form.RadiusStateField;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.form.Field;
+import org.apache.guacamole.net.auth.Credentials;
+import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.dictionary.Attr_State;
+import net.jradius.dictionary.Attr_ReplyMessage;
+import net.jradius.exception.UnknownAttributeException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessAccept;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.AccessReject;
+import net.jradius.packet.AccessRequest;
+import net.jradius.packet.AccessResponse;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+
+/**
+ * Service providing convenience functions for the RADIUS
AuthenticationProvider
+ * implementation.
+ */
+public class AuthenticationProviderService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(AuthenticationProviderService.class);
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+@Inject
+private RadiusConnectionService radiusService;
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+/**
+ * Provider for AuthenticatedUser objects.
+ */
+@Inject
+private Provider authenticatedUserProvider;
+
+/**
+ * Returns an AuthenticatedUser representing the user authenticated by
the
+ * given credentials.
+ *
+ * @param credentials
+ * The credentials to use for authentication.
+ *
+ * @return
+ * An AuthenticatedUser representing the user authenticated by the
+ * given credentials.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while authenticating the user, or if access
is
+ * denied.
+ */
+public AuthenticatedUser authenticateUser(Credentials credentials)
+throws GuacamoleException {
+
+// Grab the HTTP Request from the credentials object
+HttpServletRequest request = credentials.getRequest();
+
+// Set up RadiusPacket object
+RadiusPacket radPack;
+
+// Ignore anonymous users
+if (credentials.getUsername() == null ||
credentials.getUsername().isEmpty())
+return null;
+
+// Password is required
+if (credentials.getPassword() == null ||
credentials.getPassword().isEmpty())
+return null;
+
+// Try to get parameters to see if this is a post-challenge attempt
+String challengeResponse =
request.getParameter(RadiusChallengeResponseField.PARAMETER_NAME);
+
+// We
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r111689355 --- Diff: extensions/guacamole-auth-radius/src/licenses/bundled/README --- @@ -0,0 +1,4 @@ +Apache Guacamole includes a number of subcomponents with separate copyright +notices and license terms. Your use of these subcomponents is subject to the --- End diff -- Okay, I got a response on the LEGAL JIRA issue I opened up. See it, here: https://issues.apache.org/jira/browse/LEGAL-299 Based on the response, there, I think we're okay - I have one follow-up that I'll ask on there, but it seems like we're falling very narrowly in the scope of what's okay to do in ASF projects with (L)GPL licenses. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at [email protected] or file a JIRA ticket with INFRA. ---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110965266
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,394 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusConnection, configured with
parameters
+ * from guacamole.properties.
+ *
+ * @return
+ * A new RadiusConnection instance which has already been
configured
+ * with parameters from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * requested encryption method is actually not implemented (a bug).
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+return;
+}
+catch (UnknownHostException e) {
+logger.error("Unable to resolve host: {}", e.getMessage());
+logger.debug("Failed to resolve host.", e);
+return;
+}
+catch (IOException e) {
+logger.error("Unable to communicate with host: {}",
e.getMessage());
+logger.debug("Failed to communicate with host.", e);
+return;
+}
+
+}
+
+/**
+ * Creates a new instance of Radi
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110948923
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/ConfigurationService.java
---
@@ -0,0 +1,314 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.util.Collections;
+import java.util.List;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.environment.Environment;
+
+/**
+ * Service for retrieving configuration information regarding the RADIUS
server.
+ */
+public class ConfigurationService {
+
+/**
+ * The Guacamole server environment.
+ */
+@Inject
+private Environment environment;
+
+/**
+ * Returns the hostname of the RADIUS server as configured with
+ * guacamole.properties. By default, this will be "localhost".
+ *
+ * @return
+ * The hostname of the RADIUS server, as configured with
+ * guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If guacamole.properties cannot be parsed.
+ */
+public String getRadiusServer() throws GuacamoleException {
+return environment.getProperty(
+RadiusGuacamoleProperties.RADIUS_SERVER,
+"localhost"
+);
+}
+
+/**
+ * Returns the authentication port of the RADIUS server configured with
+ * guacamole.properties.
+ *
+ * @return
+ * The authentication port of the RADIUS server, as configured with
+ * guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If guacamole.properties cannot be parsed.
+ */
+public int getRadiusAuthPort() throws GuacamoleException {
+return environment.getProperty(
+RadiusGuacamoleProperties.RADIUS_AUTH_PORT,
+1812
+);
+}
+
+/**
+ * Returns the accounting port of the RADIUS server configured with
+ * guacamole.properties.
+ *
+ * @return
+ * The accouting port of the RADIUS server, as configured with
+ * guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If guacamole.properties cannot be parsed.
+ */
+public int getRadiusAcctPort() throws GuacamoleException {
+return environment.getProperty(
+RadiusGuacamoleProperties.RADIUS_ACCT_PORT,
+1813
+);
+}
+
+/**
+ * Returns the shared secret of the RADIUS server configured with
+ * guacamole.properties.
+ *
+ * @return
+ * The shared secret of the RADIUS server, as configured with
+ * guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If guacamole.properties cannot be parsed.
+ */
+public String getRadiusSharedSecret() throws GuacamoleException {
+return environment.getProperty(
+RadiusGuacamoleProperties.RADIUS_SHARED_SECRET,
+null
--- End diff --
Removed.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110940336 --- Diff: extensions/guacamole-auth-radius/src/licenses/bundled/README --- @@ -0,0 +1,4 @@ +Apache Guacamole includes a number of subcomponents with separate copyright +notices and license terms. Your use of these subcomponents is subject to the --- End diff -- Sounds like there are a couple of potential routes here: - Go with the current roadmap and just distribute the source. - Build/distribute a binary that includes everything except the Category-X licenses, with instructions that these additional dependencies need to be retrieved/downloaded. I don't know how feasible this is with maven - is it possible to tell it there are dependencies, but *not* to package them? Also, if we went this route, is there a place where it would make sense to tell users to drop the JAR file(s) for those dependencies? And is this really any simpler than just telling folks to download a Java compiler and Maven and build it on their own? --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at [email protected] or file a JIRA ticket with INFRA. ---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110925515
--- Diff:
extensions/guacamole-auth-radius/src/main/resources/config/radiusConfig.js ---
@@ -0,0 +1,40 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Config block which registers Radius-specific field types.
+ */
+angular.module('guacRadius').config(['formServiceProvider',
+function guacRadiusConfig(formServiceProvider) {
+
+// Define field for the challenge from the RADIUS service
+
formServiceProvider.registerFieldType('GUAC_RADIUS_CHALLENGE_RESPONSE', {
+module : 'guacRadius',
+controller : 'radiusResponseController',
+templateUrl : 'app/ext/radius/templates/radiusResponseField.html'
+});
+
+// Define the hidden field for the RADIUS state
+formServiceProvider.registerFieldType('GUAC_RADIUS_STATE', {
+module : 'guacRadius',
+controller : 'radiusStateController',
+template: ''
--- End diff --
Seemed like overkill for as little text as it was, but I'll go for
consistency and move it out to a template file. Also removed ng-hide.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110917525 --- Diff: extensions/guacamole-auth-radius/src/licenses/bundled/README --- @@ -0,0 +1,4 @@ +Apache Guacamole includes a number of subcomponents with separate copyright +notices and license terms. Your use of these subcomponents is subject to the --- End diff -- I started a discussion on the general list. In the meantime I removed the assembly/dist.xml file for the extension, and the entries in pom.xml for the assembly. Are you thinking the entire src/licenses directory should also be removed from the source tree? --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at [email protected] or file a JIRA ticket with INFRA. ---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110914822
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,394 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusConnection, configured with
parameters
+ * from guacamole.properties.
+ *
+ * @return
+ * A new RadiusConnection instance which has already been
configured
+ * with parameters from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * requested encryption method is actually not implemented (a bug).
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+return;
+}
+catch (UnknownHostException e) {
+logger.error("Unable to resolve host: {}", e.getMessage());
+logger.debug("Failed to resolve host.", e);
+return;
+}
+catch (IOException e) {
+logger.error("Unable to communicate with host: {}",
e.getMessage());
+logger.debug("Failed to communicate with host.", e);
+return;
+}
+
+}
+
+/**
+ * Creates a new instance of Radi
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110914719
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,394 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusConnection, configured with
parameters
+ * from guacamole.properties.
+ *
+ * @return
+ * A new RadiusConnection instance which has already been
configured
+ * with parameters from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * requested encryption method is actually not implemented (a bug).
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+return;
+}
+catch (UnknownHostException e) {
+logger.error("Unable to resolve host: {}", e.getMessage());
+logger.debug("Failed to resolve host.", e);
+return;
+}
+catch (IOException e) {
+logger.error("Unable to communicate with host: {}",
e.getMessage());
+logger.debug("Failed to communicate with host.", e);
+return;
+}
+
+}
+
+/**
+ * Creates a new instance of Radi
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110914682
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,394 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusConnection, configured with
parameters
+ * from guacamole.properties.
+ *
+ * @return
+ * A new RadiusConnection instance which has already been
configured
+ * with parameters from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * requested encryption method is actually not implemented (a bug).
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+return;
+}
+catch (UnknownHostException e) {
+logger.error("Unable to resolve host: {}", e.getMessage());
+logger.debug("Failed to resolve host.", e);
+return;
+}
+catch (IOException e) {
+logger.error("Unable to communicate with host: {}",
e.getMessage());
+logger.debug("Failed to communicate with host.", e);
+return;
+}
+
+}
+
+/**
+ * Creates a new instance of Radi
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110910803
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,394 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusConnection, configured with
parameters
+ * from guacamole.properties.
+ *
+ * @return
+ * A new RadiusConnection instance which has already been
configured
+ * with parameters from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * requested encryption method is actually not implemented (a bug).
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+return;
+}
+catch (UnknownHostException e) {
+logger.error("Unable to resolve host: {}", e.getMessage());
+logger.debug("Failed to resolve host.", e);
+return;
+}
+catch (IOException e) {
+logger.error("Unable to communicate with host: {}",
e.getMessage());
+logger.debug("Failed to communicate with host.", e);
+return;
+}
+
+}
+
+/**
+ * Creates a new instance of Radi
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110906793
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,394 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusConnection, configured with
parameters
+ * from guacamole.properties.
+ *
+ * @return
+ * A new RadiusConnection instance which has already been
configured
+ * with parameters from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * requested encryption method is actually not implemented (a bug).
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+return;
+}
+catch (UnknownHostException e) {
+logger.error("Unable to resolve host: {}", e.getMessage());
+logger.debug("Failed to resolve host.", e);
+return;
+}
+catch (IOException e) {
+logger.error("Unable to communicate with host: {}",
e.getMessage());
+logger.debug("Failed to communicate with host.", e);
+return;
+}
+
+}
+
+/**
+ * Creates a new instance of Radi
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110906660
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,394 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusConnection, configured with
parameters
+ * from guacamole.properties.
+ *
+ * @return
+ * A new RadiusConnection instance which has already been
configured
+ * with parameters from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * requested encryption method is actually not implemented (a bug).
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+return;
--- End diff --
Removed.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110906584
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,394 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusConnection, configured with
parameters
+ * from guacamole.properties.
+ *
+ * @return
+ * A new RadiusConnection instance which has already been
configured
+ * with parameters from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * requested encryption method is actually not implemented (a bug).
--- End diff --
Fixed.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110906519
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,394 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusConnection, configured with
parameters
+ * from guacamole.properties.
+ *
+ * @return
--- End diff --
Fixed.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110906483
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,394 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusConnection, configured with
parameters
--- End diff --
Fixed.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110906420
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
---
@@ -0,0 +1,224 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import java.util.Arrays;
+import javax.servlet.http.HttpServletRequest;
+import org.apache.guacamole.auth.radius.user.AuthenticatedUser;
+import org.apache.guacamole.auth.radius.form.RadiusChallengeResponseField;
+import org.apache.guacamole.auth.radius.form.RadiusStateField;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.form.Field;
+import org.apache.guacamole.net.auth.Credentials;
+import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.dictionary.Attr_State;
+import net.jradius.dictionary.Attr_ReplyMessage;
+import net.jradius.exception.UnknownAttributeException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessAccept;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.AccessReject;
+import net.jradius.packet.AccessRequest;
+import net.jradius.packet.AccessResponse;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+
+/**
+ * Service providing convenience functions for the RADIUS
AuthenticationProvider
+ * implementation.
+ */
+public class AuthenticationProviderService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(AuthenticationProviderService.class);
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+@Inject
+private RadiusConnectionService radiusService;
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+/**
+ * Provider for AuthenticatedUser objects.
+ */
+@Inject
+private Provider authenticatedUserProvider;
+
+/**
+ * Returns an AuthenticatedUser representing the user authenticated by
the
+ * given credentials.
+ *
+ * @param credentials
+ * The credentials to use for authentication.
+ *
+ * @return
+ * An AuthenticatedUser representing the user authenticated by the
+ * given credentials.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while authenticating the user, or if access
is
+ * denied.
+ */
+public AuthenticatedUser authenticateUser(Credentials credentials)
+throws GuacamoleException {
+
+// Grab the HTTP Request from the credentials object
+HttpServletRequest request = credentials.getRequest();
+
+// Set up RadiusPacket object
+RadiusPacket radPack;
+
+// Ignore anonymous users
+if (credentials.getUsername() == null ||
credentials.getUsername().isEmpty())
+return null;
+
+// Password is required
+if (credentials.getPassword() == null ||
credentials.getPassword().isEmpty())
+return null;
+
+// Try to get parameters to see if this is a post-challenge attempt
+String challengeResponse =
request.getParameter(RadiusChallengeResponseField.PARAMETER_NAME);
+String radiu
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110899323
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
---
@@ -0,0 +1,224 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import java.util.Arrays;
+import javax.servlet.http.HttpServletRequest;
+import org.apache.guacamole.auth.radius.user.AuthenticatedUser;
+import org.apache.guacamole.auth.radius.form.RadiusChallengeResponseField;
+import org.apache.guacamole.auth.radius.form.RadiusStateField;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.form.Field;
+import org.apache.guacamole.net.auth.Credentials;
+import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.dictionary.Attr_State;
+import net.jradius.dictionary.Attr_ReplyMessage;
+import net.jradius.exception.UnknownAttributeException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessAccept;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.AccessReject;
+import net.jradius.packet.AccessRequest;
+import net.jradius.packet.AccessResponse;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+
+/**
+ * Service providing convenience functions for the RADIUS
AuthenticationProvider
+ * implementation.
+ */
+public class AuthenticationProviderService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(AuthenticationProviderService.class);
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+@Inject
+private RadiusConnectionService radiusService;
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+/**
+ * Provider for AuthenticatedUser objects.
+ */
+@Inject
+private Provider authenticatedUserProvider;
+
+/**
+ * Returns an AuthenticatedUser representing the user authenticated by
the
+ * given credentials.
+ *
+ * @param credentials
+ * The credentials to use for authentication.
+ *
+ * @return
+ * An AuthenticatedUser representing the user authenticated by the
+ * given credentials.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while authenticating the user, or if access
is
+ * denied.
+ */
+public AuthenticatedUser authenticateUser(Credentials credentials)
+throws GuacamoleException {
+
+// Grab the HTTP Request from the credentials object
+HttpServletRequest request = credentials.getRequest();
+
+// Set up RadiusPacket object
+RadiusPacket radPack;
+
+// Ignore anonymous users
+if (credentials.getUsername() == null ||
credentials.getUsername().isEmpty())
+return null;
+
+// Password is required
+if (credentials.getPassword() == null ||
credentials.getPassword().isEmpty())
+return null;
+
+// Try to get parameters to see if this is a post-challenge attempt
+String challengeResponse =
request.getParameter(RadiusChallengeResponseField.PARAMETER_NAME);
+String radiu
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110898383
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
---
@@ -0,0 +1,224 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import java.util.Arrays;
+import javax.servlet.http.HttpServletRequest;
+import org.apache.guacamole.auth.radius.user.AuthenticatedUser;
+import org.apache.guacamole.auth.radius.form.RadiusChallengeResponseField;
+import org.apache.guacamole.auth.radius.form.RadiusStateField;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.form.Field;
+import org.apache.guacamole.net.auth.Credentials;
+import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.dictionary.Attr_State;
+import net.jradius.dictionary.Attr_ReplyMessage;
+import net.jradius.exception.UnknownAttributeException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessAccept;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.AccessReject;
+import net.jradius.packet.AccessRequest;
+import net.jradius.packet.AccessResponse;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+
+/**
+ * Service providing convenience functions for the RADIUS
AuthenticationProvider
+ * implementation.
+ */
+public class AuthenticationProviderService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(AuthenticationProviderService.class);
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+@Inject
+private RadiusConnectionService radiusService;
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+/**
+ * Provider for AuthenticatedUser objects.
+ */
+@Inject
+private Provider authenticatedUserProvider;
+
+/**
+ * Returns an AuthenticatedUser representing the user authenticated by
the
+ * given credentials.
+ *
+ * @param credentials
+ * The credentials to use for authentication.
+ *
+ * @return
+ * An AuthenticatedUser representing the user authenticated by the
+ * given credentials.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while authenticating the user, or if access
is
+ * denied.
+ */
+public AuthenticatedUser authenticateUser(Credentials credentials)
+throws GuacamoleException {
+
+// Grab the HTTP Request from the credentials object
+HttpServletRequest request = credentials.getRequest();
+
+// Set up RadiusPacket object
+RadiusPacket radPack;
+
+// Ignore anonymous users
+if (credentials.getUsername() == null ||
credentials.getUsername().isEmpty())
+return null;
+
+// Password is required
+if (credentials.getPassword() == null ||
credentials.getPassword().isEmpty())
+return null;
+
+// Try to get parameters to see if this is a post-challenge attempt
+String challengeResponse =
request.getParameter(RadiusChallengeResponseField.PARAMETER_NAME);
+String radiu
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110819422
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,394 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusConnection, configured with
parameters
+ * from guacamole.properties.
+ *
+ * @return
--- End diff --
But it's `void`.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110818674
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
---
@@ -0,0 +1,224 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import java.util.Arrays;
+import javax.servlet.http.HttpServletRequest;
+import org.apache.guacamole.auth.radius.user.AuthenticatedUser;
+import org.apache.guacamole.auth.radius.form.RadiusChallengeResponseField;
+import org.apache.guacamole.auth.radius.form.RadiusStateField;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.form.Field;
+import org.apache.guacamole.net.auth.Credentials;
+import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.dictionary.Attr_State;
+import net.jradius.dictionary.Attr_ReplyMessage;
+import net.jradius.exception.UnknownAttributeException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessAccept;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.AccessReject;
+import net.jradius.packet.AccessRequest;
+import net.jradius.packet.AccessResponse;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+
+/**
+ * Service providing convenience functions for the RADIUS
AuthenticationProvider
+ * implementation.
+ */
+public class AuthenticationProviderService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(AuthenticationProviderService.class);
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+@Inject
+private RadiusConnectionService radiusService;
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+/**
+ * Provider for AuthenticatedUser objects.
+ */
+@Inject
+private Provider authenticatedUserProvider;
+
+/**
+ * Returns an AuthenticatedUser representing the user authenticated by
the
+ * given credentials.
+ *
+ * @param credentials
+ * The credentials to use for authentication.
+ *
+ * @return
+ * An AuthenticatedUser representing the user authenticated by the
+ * given credentials.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while authenticating the user, or if access
is
+ * denied.
+ */
+public AuthenticatedUser authenticateUser(Credentials credentials)
+throws GuacamoleException {
+
+// Grab the HTTP Request from the credentials object
+HttpServletRequest request = credentials.getRequest();
+
+// Set up RadiusPacket object
+RadiusPacket radPack;
+
+// Ignore anonymous users
+if (credentials.getUsername() == null ||
credentials.getUsername().isEmpty())
+return null;
+
+// Password is required
+if (credentials.getPassword() == null ||
credentials.getPassword().isEmpty())
+return null;
+
+// Try to get parameters to see if this is a post-challenge attempt
+String challengeResponse =
request.getParameter(RadiusChallengeResponseField.PARAMETER_NAME);
+String radi
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110820961
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,394 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusConnection, configured with
parameters
+ * from guacamole.properties.
+ *
+ * @return
+ * A new RadiusConnection instance which has already been
configured
+ * with parameters from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * requested encryption method is actually not implemented (a bug).
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+return;
+}
+catch (UnknownHostException e) {
+logger.error("Unable to resolve host: {}", e.getMessage());
+logger.debug("Failed to resolve host.", e);
+return;
+}
+catch (IOException e) {
+logger.error("Unable to communicate with host: {}",
e.getMessage());
+logger.debug("Failed to communicate with host.", e);
+return;
+}
+
+}
+
+/**
+ * Creates a new instance of Rad
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110821190
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,394 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusConnection, configured with
parameters
+ * from guacamole.properties.
+ *
+ * @return
+ * A new RadiusConnection instance which has already been
configured
+ * with parameters from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * requested encryption method is actually not implemented (a bug).
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+return;
+}
+catch (UnknownHostException e) {
+logger.error("Unable to resolve host: {}", e.getMessage());
+logger.debug("Failed to resolve host.", e);
+return;
+}
+catch (IOException e) {
+logger.error("Unable to communicate with host: {}",
e.getMessage());
+logger.debug("Failed to communicate with host.", e);
+return;
+}
+
+}
+
+/**
+ * Creates a new instance of Rad
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110818488
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
---
@@ -0,0 +1,224 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import java.util.Arrays;
+import javax.servlet.http.HttpServletRequest;
+import org.apache.guacamole.auth.radius.user.AuthenticatedUser;
+import org.apache.guacamole.auth.radius.form.RadiusChallengeResponseField;
+import org.apache.guacamole.auth.radius.form.RadiusStateField;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.form.Field;
+import org.apache.guacamole.net.auth.Credentials;
+import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.dictionary.Attr_State;
+import net.jradius.dictionary.Attr_ReplyMessage;
+import net.jradius.exception.UnknownAttributeException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessAccept;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.AccessReject;
+import net.jradius.packet.AccessRequest;
+import net.jradius.packet.AccessResponse;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+
+/**
+ * Service providing convenience functions for the RADIUS
AuthenticationProvider
+ * implementation.
+ */
+public class AuthenticationProviderService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(AuthenticationProviderService.class);
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+@Inject
+private RadiusConnectionService radiusService;
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+/**
+ * Provider for AuthenticatedUser objects.
+ */
+@Inject
+private Provider authenticatedUserProvider;
+
+/**
+ * Returns an AuthenticatedUser representing the user authenticated by
the
+ * given credentials.
+ *
+ * @param credentials
+ * The credentials to use for authentication.
+ *
+ * @return
+ * An AuthenticatedUser representing the user authenticated by the
+ * given credentials.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while authenticating the user, or if access
is
+ * denied.
+ */
+public AuthenticatedUser authenticateUser(Credentials credentials)
+throws GuacamoleException {
+
+// Grab the HTTP Request from the credentials object
+HttpServletRequest request = credentials.getRequest();
+
+// Set up RadiusPacket object
+RadiusPacket radPack;
+
+// Ignore anonymous users
+if (credentials.getUsername() == null ||
credentials.getUsername().isEmpty())
+return null;
+
+// Password is required
+if (credentials.getPassword() == null ||
credentials.getPassword().isEmpty())
+return null;
+
+// Try to get parameters to see if this is a post-challenge attempt
+String challengeResponse =
request.getParameter(RadiusChallengeResponseField.PARAMETER_NAME);
+String radi
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110820016
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,394 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusConnection, configured with
parameters
+ * from guacamole.properties.
+ *
+ * @return
+ * A new RadiusConnection instance which has already been
configured
+ * with parameters from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * requested encryption method is actually not implemented (a bug).
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+return;
+}
+catch (UnknownHostException e) {
+logger.error("Unable to resolve host: {}", e.getMessage());
+logger.debug("Failed to resolve host.", e);
+return;
+}
+catch (IOException e) {
+logger.error("Unable to communicate with host: {}",
e.getMessage());
+logger.debug("Failed to communicate with host.", e);
+return;
+}
+
+}
+
+/**
+ * Creates a new instance of Rad
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110820786
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,394 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusConnection, configured with
parameters
+ * from guacamole.properties.
+ *
+ * @return
+ * A new RadiusConnection instance which has already been
configured
+ * with parameters from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * requested encryption method is actually not implemented (a bug).
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+return;
+}
+catch (UnknownHostException e) {
+logger.error("Unable to resolve host: {}", e.getMessage());
+logger.debug("Failed to resolve host.", e);
+return;
+}
+catch (IOException e) {
+logger.error("Unable to communicate with host: {}",
e.getMessage());
+logger.debug("Failed to communicate with host.", e);
+return;
+}
+
+}
+
+/**
+ * Creates a new instance of Rad
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110820713
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,394 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusConnection, configured with
parameters
+ * from guacamole.properties.
+ *
+ * @return
+ * A new RadiusConnection instance which has already been
configured
+ * with parameters from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * requested encryption method is actually not implemented (a bug).
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+return;
+}
+catch (UnknownHostException e) {
+logger.error("Unable to resolve host: {}", e.getMessage());
+logger.debug("Failed to resolve host.", e);
+return;
+}
+catch (IOException e) {
+logger.error("Unable to communicate with host: {}",
e.getMessage());
+logger.debug("Failed to communicate with host.", e);
+return;
+}
+
+}
+
+/**
+ * Creates a new instance of Rad
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110819500
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,394 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusConnection, configured with
parameters
+ * from guacamole.properties.
+ *
+ * @return
+ * A new RadiusConnection instance which has already been
configured
+ * with parameters from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * requested encryption method is actually not implemented (a bug).
--- End diff --
Presumably copy pasta from LDAP auth? There's no encryption method involved
here.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110819078
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,394 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusConnection, configured with
parameters
+ * from guacamole.properties.
+ *
+ * @return
+ * A new RadiusConnection instance which has already been
configured
+ * with parameters from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * requested encryption method is actually not implemented (a bug).
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+return;
+}
+catch (UnknownHostException e) {
+logger.error("Unable to resolve host: {}", e.getMessage());
+logger.debug("Failed to resolve host.", e);
+return;
+}
+catch (IOException e) {
+logger.error("Unable to communicate with host: {}",
e.getMessage());
+logger.debug("Failed to communicate with host.", e);
+return;
+}
+
+}
+
+/**
+ * Creates a new instance of Rad
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110821675
--- Diff:
extensions/guacamole-auth-radius/src/main/resources/config/radiusConfig.js ---
@@ -0,0 +1,40 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Config block which registers Radius-specific field types.
+ */
+angular.module('guacRadius').config(['formServiceProvider',
+function guacRadiusConfig(formServiceProvider) {
+
+// Define field for the challenge from the RADIUS service
+
formServiceProvider.registerFieldType('GUAC_RADIUS_CHALLENGE_RESPONSE', {
+module : 'guacRadius',
+controller : 'radiusResponseController',
+templateUrl : 'app/ext/radius/templates/radiusResponseField.html'
+});
+
+// Define the hidden field for the RADIUS state
+formServiceProvider.registerFieldType('GUAC_RADIUS_STATE', {
+module : 'guacRadius',
+controller : 'radiusStateController',
+template: ''
--- End diff --
Why is this template not defined in a separate file, like you do with
`GUAC_RADIUS_CHALLENGE_RESPONSE`?
If you're going to hide this with CSS, I'd suggest using a semantic
classname rather than abusing `ng-hide`, but explicit hiding of any sort is
unnecessary here: `hidden` input fields are hidden.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110819402
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,394 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusConnection, configured with
parameters
--- End diff --
But it doesn't though, right? It creates a new `RadiusClient`, storing it
internally.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110818818
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
---
@@ -0,0 +1,224 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import java.util.Arrays;
+import javax.servlet.http.HttpServletRequest;
+import org.apache.guacamole.auth.radius.user.AuthenticatedUser;
+import org.apache.guacamole.auth.radius.form.RadiusChallengeResponseField;
+import org.apache.guacamole.auth.radius.form.RadiusStateField;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.form.Field;
+import org.apache.guacamole.net.auth.Credentials;
+import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.dictionary.Attr_State;
+import net.jradius.dictionary.Attr_ReplyMessage;
+import net.jradius.exception.UnknownAttributeException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessAccept;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.AccessReject;
+import net.jradius.packet.AccessRequest;
+import net.jradius.packet.AccessResponse;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+
+/**
+ * Service providing convenience functions for the RADIUS
AuthenticationProvider
+ * implementation.
+ */
+public class AuthenticationProviderService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(AuthenticationProviderService.class);
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+@Inject
+private RadiusConnectionService radiusService;
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+/**
+ * Provider for AuthenticatedUser objects.
+ */
+@Inject
+private Provider authenticatedUserProvider;
+
+/**
+ * Returns an AuthenticatedUser representing the user authenticated by
the
+ * given credentials.
+ *
+ * @param credentials
+ * The credentials to use for authentication.
+ *
+ * @return
+ * An AuthenticatedUser representing the user authenticated by the
+ * given credentials.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while authenticating the user, or if access
is
+ * denied.
+ */
+public AuthenticatedUser authenticateUser(Credentials credentials)
+throws GuacamoleException {
+
+// Grab the HTTP Request from the credentials object
+HttpServletRequest request = credentials.getRequest();
+
+// Set up RadiusPacket object
+RadiusPacket radPack;
+
+// Ignore anonymous users
+if (credentials.getUsername() == null ||
credentials.getUsername().isEmpty())
+return null;
+
+// Password is required
+if (credentials.getPassword() == null ||
credentials.getPassword().isEmpty())
+return null;
+
+// Try to get parameters to see if this is a post-challenge attempt
+String challengeResponse =
request.getParameter(RadiusChallengeResponseField.PARAMETER_NAME);
+String radi
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request: https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110815600 --- Diff: extensions/guacamole-auth-radius/src/licenses/LICENSE --- @@ -0,0 +1,255 @@ + + Apache License + Version 2.0, January 2004 +http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensa
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110822016
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/ConfigurationService.java
---
@@ -0,0 +1,314 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.util.Collections;
+import java.util.List;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.environment.Environment;
+
+/**
+ * Service for retrieving configuration information regarding the RADIUS
server.
+ */
+public class ConfigurationService {
+
+/**
+ * The Guacamole server environment.
+ */
+@Inject
+private Environment environment;
+
+/**
+ * Returns the hostname of the RADIUS server as configured with
+ * guacamole.properties. By default, this will be "localhost".
+ *
+ * @return
+ * The hostname of the RADIUS server, as configured with
+ * guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If guacamole.properties cannot be parsed.
+ */
+public String getRadiusServer() throws GuacamoleException {
+return environment.getProperty(
+RadiusGuacamoleProperties.RADIUS_SERVER,
+"localhost"
+);
+}
+
+/**
+ * Returns the authentication port of the RADIUS server configured with
+ * guacamole.properties.
+ *
+ * @return
+ * The authentication port of the RADIUS server, as configured with
+ * guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If guacamole.properties cannot be parsed.
+ */
+public int getRadiusAuthPort() throws GuacamoleException {
+return environment.getProperty(
+RadiusGuacamoleProperties.RADIUS_AUTH_PORT,
+1812
+);
+}
+
+/**
+ * Returns the accounting port of the RADIUS server configured with
+ * guacamole.properties.
+ *
+ * @return
+ * The accouting port of the RADIUS server, as configured with
+ * guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If guacamole.properties cannot be parsed.
+ */
+public int getRadiusAcctPort() throws GuacamoleException {
+return environment.getProperty(
+RadiusGuacamoleProperties.RADIUS_ACCT_PORT,
+1813
+);
+}
+
+/**
+ * Returns the shared secret of the RADIUS server configured with
+ * guacamole.properties.
+ *
+ * @return
+ * The shared secret of the RADIUS server, as configured with
+ * guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If guacamole.properties cannot be parsed.
+ */
+public String getRadiusSharedSecret() throws GuacamoleException {
+return environment.getProperty(
+RadiusGuacamoleProperties.RADIUS_SHARED_SECRET,
+null
--- End diff --
There's no need to explicitly specify `null` as the default if there is no
default. Just using:
environment.getProperty(RadiusGuacamoleProperties.RADIUS_SHARED_SECRET)
has that behavior. It will return `null` if the property is not specified.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110819345
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
---
@@ -0,0 +1,394 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.NoSuchAlgorithmException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.environment.LocalEnvironment;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.client.RadiusClient;
+import net.jradius.exception.RadiusException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessRequest;
+import net.jradius.dictionary.*;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+import net.jradius.client.auth.EAPTLSAuthenticator;
+import net.jradius.client.auth.EAPTTLSAuthenticator;
+import net.jradius.client.auth.RadiusAuthenticator;
+import net.jradius.client.auth.PEAPAuthenticator;
+import net.jradius.packet.attribute.AttributeFactory;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.RadiusResponse;
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+public class RadiusConnectionService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(RadiusConnectionService.class);
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+
+/**
+ * The RADIUS client;
+ */
+private RadiusClient radiusClient;
+
+/**
+ * Creates a new instance of RadiusConnection, configured with
parameters
+ * from guacamole.properties.
+ *
+ * @return
+ * A new RadiusConnection instance which has already been
configured
+ * with parameters from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while parsing guacamole.properties, or if the
+ * requested encryption method is actually not implemented (a bug).
+ */
+private void createRadiusConnection() {
+
+// Create the RADIUS client with the configuration parameters
+try {
+radiusClient = new
RadiusClient(InetAddress.getByName(confService.getRadiusServer()),
+
confService.getRadiusSharedSecret(),
+
confService.getRadiusAuthPort(),
+
confService.getRadiusAcctPort(),
+
confService.getRadiusTimeout());
+}
+catch (GuacamoleException e) {
+logger.error("Unable to initialize RADIUS client: {}",
e.getMessage());
+logger.debug("Failed to init RADIUS client.", e);
+return;
--- End diff --
Each of these is an unnecessary `return`.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request: https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r110818228 --- Diff: extensions/guacamole-auth-radius/src/licenses/bundled/README --- @@ -0,0 +1,4 @@ +Apache Guacamole includes a number of subcomponents with separate copyright +notices and license terms. Your use of these subcomponents is subject to the --- End diff -- > ... Your use of these subcomponents is subject to the terms and conditions of their respective licenses This may actually not be correct here because of the LGPL dependency. My understanding is that the LGPL is "Category X" primarily because it imposes restrictions on larger works, thus this extension would be under additional restrictions imposed by the LGPL once built in binary form (hence why we can't distribute those binaries as a project). Perhaps this is worth opening a thread in the Incubator general list for guidance - someone likely has dealt with this before, but I think I'm officially out of my element. My best guess would be: 1. We can't distribute binaries of this (as we already expect) 2. We shouldn't include the `src/licenses/...` stuff which we normally include, since that's not technically correct in this case 3. Rather than building a `.tar.gz` which contains all the licenses of all bundled dependencies alongside the `.jar`, unless other things will be in that `.tar.gz`, we may just want to restrict the build to the `.jar`. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at [email protected] or file a JIRA ticket with INFRA. ---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r101336776
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/form/RadiusChallengeResponseField.java
---
@@ -0,0 +1,63 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius.form;
+
+import org.apache.guacamole.form.Field;
+import org.codehaus.jackson.annotate.JsonProperty;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class RadiusChallengeResponseField extends Field {
--- End diff --
Added.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r101290697
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusGuacamoleProperties.java
---
@@ -0,0 +1,169 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import org.apache.guacamole.properties.BooleanGuacamoleProperty;
+import org.apache.guacamole.properties.IntegerGuacamoleProperty;
+import org.apache.guacamole.properties.StringGuacamoleProperty;
+
+
+/**
+ * Provides properties required for use of the RADIUS authentication
provider.
+ * These properties will be read from guacamole.properties when the RADIUS
+ * authentication provider is used.
+ *
+ * @author Michael Jumper
+ */
+public class RadiusGuacamoleProperties {
+
+/**
+ * This class should not be instantiated.
+ */
+private RadiusGuacamoleProperties() {}
+
+/**
+ * The port on the RADIUS server to connect to when authenticating
users.
+ */
+public static final IntegerGuacamoleProperty RADIUS_AUTH_PORT = new
IntegerGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-auth-port"; }
+
+};
+
+/**
+ * The port on the RADIUS server to connect to when accounting users.
+ */
+public static final IntegerGuacamoleProperty RADIUS_ACCT_PORT = new
IntegerGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-acct-port"; }
+
+};
+
+
+/**
+ * The hostname or ip of the RADIUS server to connect to when
authenticating users.
+ */
+public static final StringGuacamoleProperty RADIUS_SERVER = new
StringGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-server"; }
+
+};
+
+/**
+ * The shared secret of the RADIUS server to connect to when
authenticating users.
+ */
+public static final StringGuacamoleProperty RADIUS_SHARED_SECRET = new
StringGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-shared-secret"; }
+
+};
+
+/**
+ * The authentication protocol of the RADIUS server to connect to when
authenticating users.
+ */
+public static final StringGuacamoleProperty RADIUS_AUTH_PROTOCOL = new
StringGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-auth-protocol"; }
+
+};
+
+/**
+ * The number of retries when attempting a radius packet transaction.
+ */
+public static final IntegerGuacamoleProperty RADIUS_RETRIES = new
IntegerGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-retries"; }
+
+};
+
+/**
+ * The network timeout when attempting a radius packet transaction.
+ */
+public static final IntegerGuacamoleProperty RADIUS_TIMEOUT = new
IntegerGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-timeout"; }
+
+};
+
+public static final StringGuacamoleProperty RADIUS_CA_FILE = new
StringGuacamoleProperty() {
--- End diff --
Added.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r101289596
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/ConfigurationService.java
---
@@ -0,0 +1,223 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.util.Collections;
+import java.util.List;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.environment.Environment;
+
+/**
+ * Service for retrieving configuration information regarding the RADIUS
server.
+ *
+ * @author Michael Jumper
+ */
+public class ConfigurationService {
+
+/**
+ * The Guacamole server environment.
+ */
+@Inject
+private Environment environment;
+
+/**
+ * Returns the hostname of the RADIUS server as configured with
+ * guacamole.properties. By default, this will be "localhost".
+ *
+ * @return
+ * The hostname of the RADIUS server, as configured with
+ * guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If guacamole.properties cannot be parsed.
+ */
+public String getRadiusServer() throws GuacamoleException {
+return environment.getProperty(
+RadiusGuacamoleProperties.RADIUS_SERVER,
+"localhost"
+);
+}
+
+/**
+ * Returns the authentication port of the RADIUS server configured with
+ * guacamole.properties.
+ *
+ * @return
+ * The authentication port of the RADIUS server, as configured with
+ * guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If guacamole.properties cannot be parsed.
+ */
+public int getRadiusAuthPort() throws GuacamoleException {
+return environment.getProperty(
+RadiusGuacamoleProperties.RADIUS_AUTH_PORT,
+1812
+);
+}
+
+/**
+ * Returns the accounting port of the RADIUS server configured with
+ * guacamole.properties.
+ *
+ * @return
+ * The accouting port of the RADIUS server, as configured with
+ * guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If guacamole.properties cannot be parsed.
+ */
+public int getRadiusAcctPort() throws GuacamoleException {
+return environment.getProperty(
+RadiusGuacamoleProperties.RADIUS_ACCT_PORT,
+1813
+);
+}
+
+/**
+ * Returns the shared secret of the RADIUS server configured with
+ * guacamole.properties.
+ *
+ * @return
+ * The shared secret of the RADIUS server, as configured with
+ * guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If guacamole.properties cannot be parsed.
+ */
+public String getRadiusSharedSecret() throws GuacamoleException {
+return environment.getProperty(
+RadiusGuacamoleProperties.RADIUS_SHARED_SECRET,
+null
+);
+}
+
+/**
+ * Returns the authentication protocol of the RADIUS server
+ * from guacamole.properties.
+ *
+ * @return
+ * The authentication protocol of the RADIUS server,
+ * from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If guacamole.properties cannot be parsed.
+ */
+public String getRadiusAuthProtocol() throws GuacamoleException {
+return environment.getProperty(
+RadiusGuacamoleProperties.RADIUS_AUTH_PROTOCOL,
+null
+);
+}
+
+/**
+ * Retur
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r101286889
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
---
@@ -0,0 +1,223 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import java.util.Arrays;
+import javax.servlet.http.HttpServletRequest;
+import org.apache.guacamole.auth.radius.user.AuthenticatedUser;
+import org.apache.guacamole.auth.radius.form.RadiusChallengeResponseField;
+import org.apache.guacamole.auth.radius.form.RadiusStateField;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.form.Field;
+import org.apache.guacamole.net.auth.Credentials;
+import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.dictionary.Attr_State;
+import net.jradius.exception.UnknownAttributeException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessAccept;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.AccessReject;
+import net.jradius.packet.AccessRequest;
+import net.jradius.packet.AccessResponse;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+
+/**
+ * Service providing convenience functions for the RADIUS
AuthenticationProvider
+ * implementation.
+ *
+ * @author Michael Jumper
+ */
+public class AuthenticationProviderService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(AuthenticationProviderService.class);
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+@Inject
+private RadiusConnectionService radiusService;
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+/**
+ * Provider for AuthenticatedUser objects.
+ */
+@Inject
+private Provider authenticatedUserProvider;
+
+/**
+ * Returns an AuthenticatedUser representing the user authenticated by
the
+ * given credentials.
+ *
+ * @param credentials
+ * The credentials to use for authentication.
+ *
+ * @return
+ * An AuthenticatedUser representing the user authenticated by the
+ * given credentials.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while authenticating the user, or if access
is
+ * denied.
+ */
+public AuthenticatedUser authenticateUser(Credentials credentials)
+throws GuacamoleException {
+
+// Grab the HTTP Request from the credentials object
+HttpServletRequest request = credentials.getRequest();
+
+// Set up RadiusPacket object
+RadiusPacket radPack;
+
+// Ignore anonymous users
+if (credentials.getUsername() == null ||
credentials.getUsername().isEmpty())
+return null;
+
+// Password is required
+if (credentials.getPassword() == null ||
credentials.getPassword().isEmpty())
+return null;
+
+String challengeResponse =
request.getParameter(RadiusChallengeResponseField.PARAMETER_NAME);
+String radiusState =
request.getParameter(RadiusStateField.PARAMETER_NAME);
+
+// We do not
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r101286614
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
---
@@ -0,0 +1,223 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import java.util.Arrays;
+import javax.servlet.http.HttpServletRequest;
+import org.apache.guacamole.auth.radius.user.AuthenticatedUser;
+import org.apache.guacamole.auth.radius.form.RadiusChallengeResponseField;
+import org.apache.guacamole.auth.radius.form.RadiusStateField;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.form.Field;
+import org.apache.guacamole.net.auth.Credentials;
+import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.dictionary.Attr_State;
+import net.jradius.exception.UnknownAttributeException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessAccept;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.AccessReject;
+import net.jradius.packet.AccessRequest;
+import net.jradius.packet.AccessResponse;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+
+/**
+ * Service providing convenience functions for the RADIUS
AuthenticationProvider
+ * implementation.
+ *
+ * @author Michael Jumper
+ */
+public class AuthenticationProviderService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(AuthenticationProviderService.class);
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+@Inject
+private RadiusConnectionService radiusService;
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+/**
+ * Provider for AuthenticatedUser objects.
+ */
+@Inject
+private Provider authenticatedUserProvider;
+
+/**
+ * Returns an AuthenticatedUser representing the user authenticated by
the
+ * given credentials.
+ *
+ * @param credentials
+ * The credentials to use for authentication.
+ *
+ * @return
+ * An AuthenticatedUser representing the user authenticated by the
+ * given credentials.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while authenticating the user, or if access
is
+ * denied.
+ */
+public AuthenticatedUser authenticateUser(Credentials credentials)
+throws GuacamoleException {
+
+// Grab the HTTP Request from the credentials object
+HttpServletRequest request = credentials.getRequest();
+
+// Set up RadiusPacket object
+RadiusPacket radPack;
+
+// Ignore anonymous users
+if (credentials.getUsername() == null ||
credentials.getUsername().isEmpty())
+return null;
+
+// Password is required
+if (credentials.getPassword() == null ||
credentials.getPassword().isEmpty())
+return null;
+
+String challengeResponse =
request.getParameter(RadiusChallengeResponseField.PARAMETER_NAME);
+String radiusState =
request.getParameter(RadiusStateField.PARAMETER_NAME);
+
+// We do not
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r101281806 --- Diff: extensions/guacamole-auth-radius/src/licenses/LICENSE --- @@ -0,0 +1,274 @@ + + Apache License + Version 2.0, January 2004 +http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensab
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request: https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r101281780 --- Diff: extensions/guacamole-auth-radius/src/licenses/LICENSE --- @@ -0,0 +1,274 @@ + + Apache License + Version 2.0, January 2004 +http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensab
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r10120
--- Diff: extensions/guacamole-auth-radius/pom.xml ---
@@ -0,0 +1,311 @@
+
+
+http://maven.apache.org/POM/4.0.0";
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
+http://maven.apache.org/maven-v4_0_0.xsd";>
+
+4.0.0
+org.apache.guacamole
+guacamole-auth-radius
+jar
+0.9.11-incubating
+guacamole-auth-radius
+http://guacamole.incubator.apache.org/
+
+
+UTF-8
+
+
+
+
+
+
+
+org.apache.maven.plugins
+maven-compiler-plugin
+3.3
+
+1.6
+1.6
+
+-Xlint:all
+-Werror
+
+true
+
+
+
+
+
+com.keithbranton.mojo
+angular-maven-plugin
+0.3.2
+
+
+generate-resources
+
+html2js
+
+
+
+
+${basedir}/src/main/resources
+**/*.html
+
${basedir}/src/main/resources/generated/templates-main/templates.js
+app/ext/radius
+
+
+
+
+
+com.samaxes.maven
+minify-maven-plugin
+1.7.5
+
+
+default-cli
+
+UTF-8
+
+
${basedir}/src/main/resources
+
${project.build.directory}/classes
+
+/
+/
+radius.css
+
+
+license.txt
+
+
+
+
**/*.css
+
+
+/
+/
+radius.js
+
+
+license.txt
+
+
+
+**/*.js
+
+
+
+
+
**/*.test.js
+
+CLOSURE
+
+
+
+
OFF
+OFF
+
+
+
+
+minify
+
+
+
+
+
+
+
+
+maven-assembly-plugin
+2.5.3
+
+
${project.artifactId}-${project.version}
+false
+
+src/main/assembly/dist.xml
+
+
+
+
+make-dist-archive
+package
+
+single
+
+
+
+
+
+
+
+org.apache.maven.plugins
+maven-dependency-plugin
+2.10
+
+
+unpack-dependencies
+prepare-package
+
+unpack-dependencies
+
+
+runtime
+
${project.build.directory}/classes
+
+
+
+
+
+
+
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r101266347
--- Diff: extensions/guacamole-auth-radius/pom.xml ---
@@ -0,0 +1,311 @@
+
+
+http://maven.apache.org/POM/4.0.0";
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
+http://maven.apache.org/maven-v4_0_0.xsd";>
+
+4.0.0
+org.apache.guacamole
+guacamole-auth-radius
+jar
+0.9.11-incubating
+guacamole-auth-radius
+http://guacamole.incubator.apache.org/
+
+
+UTF-8
+
+
+
+
+
+
+
+org.apache.maven.plugins
+maven-compiler-plugin
+3.3
+
+1.6
+1.6
+
+-Xlint:all
+-Werror
+
+true
+
+
+
+
+
+com.keithbranton.mojo
+angular-maven-plugin
+0.3.2
+
+
+generate-resources
+
+html2js
+
+
+
+
+${basedir}/src/main/resources
+**/*.html
+
${basedir}/src/main/resources/generated/templates-main/templates.js
+app/ext/radius
+
+
+
+
+
+com.samaxes.maven
+minify-maven-plugin
+1.7.5
+
+
+default-cli
+
+UTF-8
+
+
${basedir}/src/main/resources
+
${project.build.directory}/classes
+
+/
+/
+radius.css
+
+
+license.txt
+
+
+
+
**/*.css
+
+
+/
+/
+radius.js
+
+
+license.txt
+
+
+
+**/*.js
+
+
+
+
+
**/*.test.js
+
+CLOSURE
+
+
+
+
OFF
+OFF
+
+
+
+
+minify
+
+
+
+
+
+
+
+
+maven-assembly-plugin
+2.5.3
+
+
${project.artifactId}-${project.version}
+false
+
+src/main/assembly/dist.xml
+
+
+
+
+make-dist-archive
+package
+
+single
+
+
+
+
+
+
+
+org.apache.maven.plugins
+maven-dependency-plugin
+2.10
+
+
+unpack-dependencies
+prepare-package
+
+unpack-dependencies
+
+
+runtime
+
${project.build.directory}/classes
+
+
+
+
+
+
+
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user necouchman commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r101265862
--- Diff: extensions/guacamole-auth-radius/pom.xml ---
@@ -0,0 +1,311 @@
+
+
+http://maven.apache.org/POM/4.0.0";
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
+http://maven.apache.org/maven-v4_0_0.xsd";>
+
+4.0.0
+org.apache.guacamole
+guacamole-auth-radius
+jar
+0.9.11-incubating
+guacamole-auth-radius
+http://guacamole.incubator.apache.org/
+
+
+UTF-8
+
+
+
+
+
+
+
+org.apache.maven.plugins
+maven-compiler-plugin
+3.3
+
+1.6
+1.6
+
+-Xlint:all
+-Werror
+
+true
+
+
+
+
+
+com.keithbranton.mojo
+angular-maven-plugin
+0.3.2
+
+
+generate-resources
+
+html2js
+
+
+
+
+${basedir}/src/main/resources
+**/*.html
+
${basedir}/src/main/resources/generated/templates-main/templates.js
+app/ext/radius
+
+
+
+
+
+com.samaxes.maven
+minify-maven-plugin
+1.7.5
+
+
+default-cli
+
+UTF-8
+
+
${basedir}/src/main/resources
+
${project.build.directory}/classes
+
+/
+/
+radius.css
+
+
+license.txt
+
+
+
+
**/*.css
+
+
+/
+/
+radius.js
+
+
+license.txt
+
+
+
+**/*.js
+
+
+
+
+
**/*.test.js
+
+CLOSURE
+
+
+
+
OFF
+OFF
+
+
+
+
+minify
+
+
+
+
+
+
+
+
+maven-assembly-plugin
+2.5.3
+
+
${project.artifactId}-${project.version}
+false
+
+src/main/assembly/dist.xml
+
+
+
+
+make-dist-archive
+package
+
+single
+
+
+
+
+
+
+
+org.apache.maven.plugins
+maven-dependency-plugin
+2.10
+
+
+unpack-dependencies
+prepare-package
+
+unpack-dependencies
+
+
+runtime
+
${project.build.directory}/classes
+
+
+
+
+
+
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r101211766
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
---
@@ -0,0 +1,223 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import java.util.Arrays;
+import javax.servlet.http.HttpServletRequest;
+import org.apache.guacamole.auth.radius.user.AuthenticatedUser;
+import org.apache.guacamole.auth.radius.form.RadiusChallengeResponseField;
+import org.apache.guacamole.auth.radius.form.RadiusStateField;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.form.Field;
+import org.apache.guacamole.net.auth.Credentials;
+import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.dictionary.Attr_State;
+import net.jradius.exception.UnknownAttributeException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessAccept;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.AccessReject;
+import net.jradius.packet.AccessRequest;
+import net.jradius.packet.AccessResponse;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+
+/**
+ * Service providing convenience functions for the RADIUS
AuthenticationProvider
+ * implementation.
+ *
+ * @author Michael Jumper
+ */
+public class AuthenticationProviderService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(AuthenticationProviderService.class);
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+@Inject
+private RadiusConnectionService radiusService;
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+/**
+ * Provider for AuthenticatedUser objects.
+ */
+@Inject
+private Provider authenticatedUserProvider;
+
+/**
+ * Returns an AuthenticatedUser representing the user authenticated by
the
+ * given credentials.
+ *
+ * @param credentials
+ * The credentials to use for authentication.
+ *
+ * @return
+ * An AuthenticatedUser representing the user authenticated by the
+ * given credentials.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while authenticating the user, or if access
is
+ * denied.
+ */
+public AuthenticatedUser authenticateUser(Credentials credentials)
+throws GuacamoleException {
+
+// Grab the HTTP Request from the credentials object
+HttpServletRequest request = credentials.getRequest();
+
+// Set up RadiusPacket object
+RadiusPacket radPack;
+
+// Ignore anonymous users
+if (credentials.getUsername() == null ||
credentials.getUsername().isEmpty())
+return null;
+
+// Password is required
+if (credentials.getPassword() == null ||
credentials.getPassword().isEmpty())
+return null;
+
+String challengeResponse =
request.getParameter(RadiusChallengeResponseField.PARAMETER_NAME);
+String radiusState =
request.getParameter(RadiusStateField.PARAMETER_NAME);
+
+// We do no
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r101211201
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/form/RadiusChallengeResponseField.java
---
@@ -0,0 +1,63 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius.form;
+
+import org.apache.guacamole.form.Field;
+import org.codehaus.jackson.annotate.JsonProperty;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class RadiusChallengeResponseField extends Field {
--- End diff --
Missing JavaDoc.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r101211180
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusGuacamoleProperties.java
---
@@ -0,0 +1,169 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import org.apache.guacamole.properties.BooleanGuacamoleProperty;
+import org.apache.guacamole.properties.IntegerGuacamoleProperty;
+import org.apache.guacamole.properties.StringGuacamoleProperty;
+
+
+/**
+ * Provides properties required for use of the RADIUS authentication
provider.
+ * These properties will be read from guacamole.properties when the RADIUS
+ * authentication provider is used.
+ *
+ * @author Michael Jumper
+ */
+public class RadiusGuacamoleProperties {
+
+/**
+ * This class should not be instantiated.
+ */
+private RadiusGuacamoleProperties() {}
+
+/**
+ * The port on the RADIUS server to connect to when authenticating
users.
+ */
+public static final IntegerGuacamoleProperty RADIUS_AUTH_PORT = new
IntegerGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-auth-port"; }
+
+};
+
+/**
+ * The port on the RADIUS server to connect to when accounting users.
+ */
+public static final IntegerGuacamoleProperty RADIUS_ACCT_PORT = new
IntegerGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-acct-port"; }
+
+};
+
+
+/**
+ * The hostname or ip of the RADIUS server to connect to when
authenticating users.
+ */
+public static final StringGuacamoleProperty RADIUS_SERVER = new
StringGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-server"; }
+
+};
+
+/**
+ * The shared secret of the RADIUS server to connect to when
authenticating users.
+ */
+public static final StringGuacamoleProperty RADIUS_SHARED_SECRET = new
StringGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-shared-secret"; }
+
+};
+
+/**
+ * The authentication protocol of the RADIUS server to connect to when
authenticating users.
+ */
+public static final StringGuacamoleProperty RADIUS_AUTH_PROTOCOL = new
StringGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-auth-protocol"; }
+
+};
+
+/**
+ * The number of retries when attempting a radius packet transaction.
+ */
+public static final IntegerGuacamoleProperty RADIUS_RETRIES = new
IntegerGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-retries"; }
+
+};
+
+/**
+ * The network timeout when attempting a radius packet transaction.
+ */
+public static final IntegerGuacamoleProperty RADIUS_TIMEOUT = new
IntegerGuacamoleProperty() {
+
+@Override
+public String getName() { return "radius-timeout"; }
+
+};
+
+public static final StringGuacamoleProperty RADIUS_CA_FILE = new
StringGuacamoleProperty() {
--- End diff --
Missing JavaDoc.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r101211030
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/ConfigurationService.java
---
@@ -0,0 +1,223 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import java.util.Collections;
+import java.util.List;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.environment.Environment;
+
+/**
+ * Service for retrieving configuration information regarding the RADIUS
server.
+ *
+ * @author Michael Jumper
+ */
+public class ConfigurationService {
+
+/**
+ * The Guacamole server environment.
+ */
+@Inject
+private Environment environment;
+
+/**
+ * Returns the hostname of the RADIUS server as configured with
+ * guacamole.properties. By default, this will be "localhost".
+ *
+ * @return
+ * The hostname of the RADIUS server, as configured with
+ * guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If guacamole.properties cannot be parsed.
+ */
+public String getRadiusServer() throws GuacamoleException {
+return environment.getProperty(
+RadiusGuacamoleProperties.RADIUS_SERVER,
+"localhost"
+);
+}
+
+/**
+ * Returns the authentication port of the RADIUS server configured with
+ * guacamole.properties.
+ *
+ * @return
+ * The authentication port of the RADIUS server, as configured with
+ * guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If guacamole.properties cannot be parsed.
+ */
+public int getRadiusAuthPort() throws GuacamoleException {
+return environment.getProperty(
+RadiusGuacamoleProperties.RADIUS_AUTH_PORT,
+1812
+);
+}
+
+/**
+ * Returns the accounting port of the RADIUS server configured with
+ * guacamole.properties.
+ *
+ * @return
+ * The accouting port of the RADIUS server, as configured with
+ * guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If guacamole.properties cannot be parsed.
+ */
+public int getRadiusAcctPort() throws GuacamoleException {
+return environment.getProperty(
+RadiusGuacamoleProperties.RADIUS_ACCT_PORT,
+1813
+);
+}
+
+/**
+ * Returns the shared secret of the RADIUS server configured with
+ * guacamole.properties.
+ *
+ * @return
+ * The shared secret of the RADIUS server, as configured with
+ * guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If guacamole.properties cannot be parsed.
+ */
+public String getRadiusSharedSecret() throws GuacamoleException {
+return environment.getProperty(
+RadiusGuacamoleProperties.RADIUS_SHARED_SECRET,
+null
+);
+}
+
+/**
+ * Returns the authentication protocol of the RADIUS server
+ * from guacamole.properties.
+ *
+ * @return
+ * The authentication protocol of the RADIUS server,
+ * from guacamole.properties.
+ *
+ * @throws GuacamoleException
+ * If guacamole.properties cannot be parsed.
+ */
+public String getRadiusAuthProtocol() throws GuacamoleException {
+return environment.getProperty(
+RadiusGuacamoleProperties.RADIUS_AUTH_PROTOCOL,
+null
+);
+}
+
+/**
+ * Retu
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r101210976
--- Diff:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/AuthenticationProviderService.java
---
@@ -0,0 +1,223 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.auth.radius;
+
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import java.util.Arrays;
+import javax.servlet.http.HttpServletRequest;
+import org.apache.guacamole.auth.radius.user.AuthenticatedUser;
+import org.apache.guacamole.auth.radius.form.RadiusChallengeResponseField;
+import org.apache.guacamole.auth.radius.form.RadiusStateField;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.form.Field;
+import org.apache.guacamole.net.auth.Credentials;
+import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
+import
org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import net.jradius.dictionary.Attr_State;
+import net.jradius.exception.UnknownAttributeException;
+import net.jradius.packet.RadiusPacket;
+import net.jradius.packet.AccessAccept;
+import net.jradius.packet.AccessChallenge;
+import net.jradius.packet.AccessReject;
+import net.jradius.packet.AccessRequest;
+import net.jradius.packet.AccessResponse;
+import net.jradius.packet.attribute.AttributeList;
+import net.jradius.packet.attribute.RadiusAttribute;
+
+/**
+ * Service providing convenience functions for the RADIUS
AuthenticationProvider
+ * implementation.
+ *
+ * @author Michael Jumper
+ */
+public class AuthenticationProviderService {
+
+/**
+ * Logger for this class.
+ */
+private final Logger logger =
LoggerFactory.getLogger(AuthenticationProviderService.class);
+
+/**
+ * Service for creating and managing connections to RADIUS servers.
+ */
+@Inject
+private RadiusConnectionService radiusService;
+
+/**
+ * Service for retrieving RADIUS server configuration information.
+ */
+@Inject
+private ConfigurationService confService;
+
+/**
+ * Provider for AuthenticatedUser objects.
+ */
+@Inject
+private Provider authenticatedUserProvider;
+
+/**
+ * Returns an AuthenticatedUser representing the user authenticated by
the
+ * given credentials.
+ *
+ * @param credentials
+ * The credentials to use for authentication.
+ *
+ * @return
+ * An AuthenticatedUser representing the user authenticated by the
+ * given credentials.
+ *
+ * @throws GuacamoleException
+ * If an error occurs while authenticating the user, or if access
is
+ * denied.
+ */
+public AuthenticatedUser authenticateUser(Credentials credentials)
+throws GuacamoleException {
+
+// Grab the HTTP Request from the credentials object
+HttpServletRequest request = credentials.getRequest();
+
+// Set up RadiusPacket object
+RadiusPacket radPack;
+
+// Ignore anonymous users
+if (credentials.getUsername() == null ||
credentials.getUsername().isEmpty())
+return null;
+
+// Password is required
+if (credentials.getPassword() == null ||
credentials.getPassword().isEmpty())
+return null;
+
+String challengeResponse =
request.getParameter(RadiusChallengeResponseField.PARAMETER_NAME);
+String radiusState =
request.getParameter(RadiusStateField.PARAMETER_NAME);
+
+// We do no
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request: https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r101210092 --- Diff: extensions/guacamole-auth-radius/src/licenses/LICENSE --- @@ -0,0 +1,274 @@ + + Apache License + Version 2.0, January 2004 +http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensa
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r101209714
--- Diff: extensions/guacamole-auth-radius/pom.xml ---
@@ -0,0 +1,311 @@
+
+
+http://maven.apache.org/POM/4.0.0";
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
+http://maven.apache.org/maven-v4_0_0.xsd";>
+
+4.0.0
+org.apache.guacamole
+guacamole-auth-radius
+jar
+0.9.11-incubating
+guacamole-auth-radius
+http://guacamole.incubator.apache.org/
+
+
+UTF-8
+
+
+
+
+
+
+
+org.apache.maven.plugins
+maven-compiler-plugin
+3.3
+
+1.6
+1.6
+
+-Xlint:all
+-Werror
+
+true
+
+
+
+
+
+com.keithbranton.mojo
+angular-maven-plugin
+0.3.2
+
+
+generate-resources
+
+html2js
+
+
+
+
+${basedir}/src/main/resources
+**/*.html
+
${basedir}/src/main/resources/generated/templates-main/templates.js
+app/ext/radius
+
+
+
+
+
+com.samaxes.maven
+minify-maven-plugin
+1.7.5
+
+
+default-cli
+
+UTF-8
+
+
${basedir}/src/main/resources
+
${project.build.directory}/classes
+
+/
+/
+radius.css
+
+
+license.txt
+
+
+
+
**/*.css
+
+
+/
+/
+radius.js
+
+
+license.txt
+
+
+
+**/*.js
+
+
+
+
+
**/*.test.js
+
+CLOSURE
+
+
+
+
OFF
+OFF
+
+
+
+
+minify
+
+
+
+
+
+
+
+
+maven-assembly-plugin
+2.5.3
+
+
${project.artifactId}-${project.version}
+false
+
+src/main/assembly/dist.xml
+
+
+
+
+make-dist-archive
+package
+
+single
+
+
+
+
+
+
+
+org.apache.maven.plugins
+maven-dependency-plugin
+2.10
+
+
+unpack-dependencies
+prepare-package
+
+unpack-dependencies
+
+
+runtime
+
${project.build.directory}/classes
+
+
+
+
+
+
+
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r101209469
--- Diff: extensions/guacamole-auth-radius/pom.xml ---
@@ -0,0 +1,311 @@
+
+
+http://maven.apache.org/POM/4.0.0";
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
+http://maven.apache.org/maven-v4_0_0.xsd";>
+
+4.0.0
+org.apache.guacamole
+guacamole-auth-radius
+jar
+0.9.11-incubating
+guacamole-auth-radius
+http://guacamole.incubator.apache.org/
+
+
+UTF-8
+
+
+
+
+
+
+
+org.apache.maven.plugins
+maven-compiler-plugin
+3.3
+
+1.6
+1.6
+
+-Xlint:all
+-Werror
+
+true
+
+
+
+
+
+com.keithbranton.mojo
+angular-maven-plugin
+0.3.2
+
+
+generate-resources
+
+html2js
+
+
+
+
+${basedir}/src/main/resources
+**/*.html
+
${basedir}/src/main/resources/generated/templates-main/templates.js
+app/ext/radius
+
+
+
+
+
+com.samaxes.maven
+minify-maven-plugin
+1.7.5
+
+
+default-cli
+
+UTF-8
+
+
${basedir}/src/main/resources
+
${project.build.directory}/classes
+
+/
+/
+radius.css
+
+
+license.txt
+
+
+
+
**/*.css
+
+
+/
+/
+radius.js
+
+
+license.txt
+
+
+
+**/*.js
+
+
+
+
+
**/*.test.js
+
+CLOSURE
+
+
+
+
OFF
+OFF
+
+
+
+
+minify
+
+
+
+
+
+
+
+
+maven-assembly-plugin
+2.5.3
+
+
${project.artifactId}-${project.version}
+false
+
+src/main/assembly/dist.xml
+
+
+
+
+make-dist-archive
+package
+
+single
+
+
+
+
+
+
+
+org.apache.maven.plugins
+maven-dependency-plugin
+2.10
+
+
+unpack-dependencies
+prepare-package
+
+unpack-dependencies
+
+
+runtime
+
${project.build.directory}/classes
+
+
+
+
+
+
+
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
Github user mike-jumper commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/122#discussion_r101209421
--- Diff: extensions/guacamole-auth-radius/pom.xml ---
@@ -0,0 +1,311 @@
+
+
+http://maven.apache.org/POM/4.0.0";
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
+http://maven.apache.org/maven-v4_0_0.xsd";>
+
+4.0.0
+org.apache.guacamole
+guacamole-auth-radius
+jar
+0.9.11-incubating
+guacamole-auth-radius
+http://guacamole.incubator.apache.org/
+
+
+UTF-8
+
+
+
+
+
+
+
+org.apache.maven.plugins
+maven-compiler-plugin
+3.3
+
+1.6
+1.6
+
+-Xlint:all
+-Werror
+
+true
+
+
+
+
+
+com.keithbranton.mojo
+angular-maven-plugin
+0.3.2
+
+
+generate-resources
+
+html2js
+
+
+
+
+${basedir}/src/main/resources
+**/*.html
+
${basedir}/src/main/resources/generated/templates-main/templates.js
+app/ext/radius
+
+
+
+
+
+com.samaxes.maven
+minify-maven-plugin
+1.7.5
+
+
+default-cli
+
+UTF-8
+
+
${basedir}/src/main/resources
+
${project.build.directory}/classes
+
+/
+/
+radius.css
+
+
+license.txt
+
+
+
+
**/*.css
+
+
+/
+/
+radius.js
+
+
+license.txt
+
+
+
+**/*.js
+
+
+
+
+
**/*.test.js
+
+CLOSURE
+
+
+
+
OFF
+OFF
+
+
+
+
+minify
+
+
+
+
+
+
+
+
+maven-assembly-plugin
+2.5.3
+
+
${project.artifactId}-${project.version}
+false
+
+src/main/assembly/dist.xml
+
+
+
+
+make-dist-archive
+package
+
+single
+
+
+
+
+
+
+
+org.apache.maven.plugins
+maven-dependency-plugin
+2.10
+
+
+unpack-dependencies
+prepare-package
+
+unpack-dependencies
+
+
+runtime
+
${project.build.directory}/classes
+
+
+
+
+
+
[GitHub] incubator-guacamole-client pull request #122: GUACAMOLE-197: Implement Suppo...
GitHub user necouchman opened a pull request: https://github.com/apache/incubator-guacamole-client/pull/122 GUACAMOLE-197: Implement Support for RADIUS Authentication This PR adds a RADIUS authentication module, allowing users to authenticate against RADIUS via a variety of protocols. It includes support for TLS as well as for 2-factor via the radius AccessChallenge packet. It uses JRadius as the RADIUS implementation. You can merge this pull request into a Git repository by running: $ git pull https://github.com/necouchman/incubator-guacamole-client GUACAMOLE-197 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/incubator-guacamole-client/pull/122.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #122 commit a8b36bd53f12d34e49323257a2ad99b9067873b2 Author: Nick Couchman Date: 2017-02-05T20:02:10Z GUACAMOLE-197: Initial code for the guacamole-auth-radius authentication module. commit fd62a6aaa47bdab3b69f3d9df8cad8018a347e3f Author: Nick Couchman Date: 2017-02-06T00:51:40Z GUACAMOLE-197: Fix if-is-not-a-function style issues, again... commit 30bc96cdb4432fc33aa681bdd2606f97edad4764 Author: Nick Couchman Date: 2017-02-06T01:24:14Z GUACAMOLE-197: Add some comments to document the logic and the functions. commit cc14d933a620d12d30a778e3910d68fb2edb114a Author: Nick Couchman Date: 2017-02-06T01:55:44Z GUACAMOLE-197: Add comments to the AngularJS files. commit 6a9d8e0a5d4de94557dc301ad67cd2f773e9c0e2 Author: Nick Couchman Date: 2017-02-06T14:03:56Z GUACAMOLE-197: Change credentials variable to expectedCredentials for consistency; add username to the response field. commit a276f65607b9916cac6346b54b654ce1c5e69cf9 Author: Nick Couchman Date: 2017-02-06T16:57:25Z GUACAMOLE-197: Fix a couple of style issues and add the username variable to the RadiusChallengeResponseField class. Fixes build error. commit 47f9ab88a9af36d887c09ccd6f7176ba63900c3d Author: Nick Couchman Date: 2017-02-06T16:59:39Z GUACAMOLE-197: Re-enable an exception throw in AuthenticationProviderService that should not have been commented out. commit 277b63888e5ebcd7cb50b671709f1ca6df354533 Author: Nick Couchman Date: 2017-02-06T17:01:14Z GUACAMOLE-197: You can't throw something after you return out of the function, so lets remove the return statement. commit 61a61f07d1346fc62d0e796050c9de76d5d2864e Author: Nick Couchman Date: 2017-02-07T20:37:49Z GUACAMOLE-197: Working RADIUS Authentication, including dealing with Challenge/Response (e.g. 2/Multi-Factor) commit 23c60165a9f6af638525a27eac2c21ac018edf65 Author: Nick Couchman Date: 2017-02-07T20:43:31Z GUACAMOLE-197: Remove debug code from AngularJS files. commit be238d5cfd7975e95edc9f64767e0bd17dcdbade Author: Nick Couchman Date: 2017-02-07T20:49:44Z GUACAMOLE-197: Remove remaining JavaScript debug code. commit 0318f29b1a6407bd833c32f7db29bcc7f44dd96e Author: Nick Couchman Date: 2017-02-08T02:51:04Z GUACAMOLE-197: Fix display issues and add translation strings for the RADIUS response field. commit 02834044d14ff676589a58bd65352894a17f6c89 Author: Nick Couchman Date: 2017-02-08T03:35:59Z GUACAMOLE-197: Add configuration properties for EAP-related authentication protocols. commit 4d8e2abd3cdea56ffe5b27156803192de8bc2770 Author: Nick Couchman Date: 2017-02-09T14:28:06Z GUACAMOLE-197: Organize RADIUS connection and configuration code a little more cleanly. commit cbbcac986014cd4dec403fff424b69d5c199d75e Author: Nick Couchman Date: 2017-02-09T14:30:02Z GUACAMOLE-197: Fix style issues...if is not a function... commit 0a0e24e447a12a5d78d259c9e03b40a99dbab85f Author: Nick Couchman Date: 2017-02-09T20:13:47Z GUACAMOLE-197: Deal correctly with EAP Challenge/Response, which is different from 2/Multi-factor Challenge/Response commit af72d3f8dc377472c9d8c2b7d2c4192900372b9d Author: Nick Couchman Date: 2017-02-10T21:33:19Z GUACAMOLE-197: Correct issues with TLS modules, including EAP-TLS and EAP-TTLS --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at [email protected] or file a JIRA ticket with INFRA. ---
