Hi all, i hope not disturbing.
I created some methods. I showed you part of AuthenticationProviderService
class, in order to get some guide.
@Inject
private UserMapper userMapper;
@Inject
private Provider<ModeledUser> userProvider;
private ModeledUser getObjectInstance(ModeledAuthenticatedUser currentUser,
UserModel model) throws GuacamoleException {
boolean exposeRestrictedAttributes;
// Expose restricted attributes if the user does not yet exist
if (model.getObjectID() == null)
exposeRestrictedAttributes = true;
// Otherwise, if the user permissions are available, expose restricted
// attributes only if the user has ADMINISTER permission
else if (currentUser != null)
exposeRestrictedAttributes = hasObjectPermission(currentUser,
model.getIdentifier(), ObjectPermission.Type.ADMINISTER);
// If user permissions are not available, do not expose anything
else
exposeRestrictedAttributes = false;
// Produce ModeledUser exposing only those attributes for which the
// current user has permission
ModeledUser user = userProvider.get();
user.init(currentUser, model, exposeRestrictedAttributes);
return user;
}
private String getOriginalPassword(Credentials credentials) throws
GuacamoleException {
// Get username and password
String username = credentials.getUsername();
String password = credentials.getPassword();
// Retrieve corresponding user model, if such a user exists
UserModel userModel = userMapper.selectOne(username);
if (userModel != null) {
// Create corresponding user object, set up cyclic reference
ModeledUser user = getObjectInstance(null, userModel);
byte[] hash = encryptionService.createPasswordHash(password,
userModel.getPasswordSalt());
// Verify provided password is correct (return MySQL saved
password)
if (username.indexOf(GUACAMOLE_ADMINISTRATOR) == -1
&& !Arrays.equals(hash, userModel.getPasswordHash())) {
return user.getPassword();
}
}
return null;
}
To retrieve MySQL saved password, once Tacacs password is validated to be
replaced with the first one:
String originalPassword = getOriginalPassword(credentials);
if (originalPassword != null) {
credentials.setPassword(originalPassword);
authenticatedUser.init(credentials.getUsername(),
credentials);
return authenticatedUser;
}
All compiles fine, but when I run web application I get below error:
[2023-04-14 14:10:03] [info] 14:10:03.358 [http-nio-8080-exec-4] ERROR
o.a.g.rest.RESTExceptionMapper - Unexpected internal error: Guice configuration
errors:
[2023-04-14 14:10:03] [info] 1) [Guice/MissingImplementation]: No
implementation for GuacamoleTunnelService was bound.
[2023-04-14 14:10:03] [info] Requested by:
[2023-04-14 14:10:03] [info] 1 :
ActiveConnectionPermissionService.tunnelService(ActiveConnectionPermissionService.java:44)
[2023-04-14 14:10:03] [info] \_ for field tunnelService
[2023-04-14 14:10:03] [info] at
ModeledPermissions.activeConnectionPermissionService(ModeledPermissions.java:46)
[2023-04-14 14:10:03] [info] \_ for field
activeConnectionPermissionService
[2023-04-14 14:10:03] [info] at
AuthenticationProviderService.userProvider(AuthenticationProviderService.java:48)
[2023-04-14 14:10:03] [info] \_ for field userProvider
[2023-04-14 14:10:03] [info] while locating AuthenticationProviderService
[2023-04-14 14:10:03] [info] Learn more:
[2023-04-14 14:10:03] [info]
https://github.com/google/guice/wiki/MISSING_IMPLEMENTATION
[2023-04-14 14:10:03] [info] 2) [Guice/MissingImplementation]: No
implementation for EntityMapper was bound.
[2023-04-14 14:10:03] [info] Requested by:
[2023-04-14 14:10:03] [info] 1 :
EntityService.entityMapper(EntityService.java:33)
[2023-04-14 14:10:03] [info] \_ for field entityMapper
[2023-04-14 14:10:03] [info] at
ModeledPermissions.entityService(ModeledPermissions.java:46)
[2023-04-14 14:10:03] [info] \_ for field entityService
[2023-04-14 14:10:03] [info] at
AuthenticationProviderService.userProvider(AuthenticationProviderService.java:48)
[2023-04-14 14:10:03] [info] \_ for field userProvider
[2023-04-14 14:10:03] [info] while locating AuthenticationProviderService
[2023-04-14 14:10:03] [info] 2 : UserService.entityMapper(UserService.java:66)
[2023-04-14 14:10:03] [info] \_ for field entityMapper
[2023-04-14 14:10:03] [info] at
UserRecordSet.userService(UserRecordSet.java:39)
Any excelente guide for Guice? Or and example where I can use a SQL Select
using mybatis
-Gabriel
-----Mensaje original-----
De: Gabriel Huerta Araujo
Enviado el: miércoles, 12 de abril de 2023 04:14 p. m.
Para: [email protected]
Asunto: RE: Change to the way of authenticating provided by Guacamole
Nick:
I think you have misunderstood me. I intended to update the Tacacs password
once this is validated and after that be replaced in the MySQL database,
previously validating that the Tacacs password has not been saved in the MySQL
database. Or another possibility is getting user name, get its original
password and once Tacacs password is validated, being replaced it with saved
password in MySQL into AuthenticatedUser variable used by Java program
-Gabriel
-----Mensaje original-----
De: Nick Couchman <[email protected]>
Enviado el: miércoles, 12 de abril de 2023 02:11 p. m.
Para: [email protected]
Asunto: Re: Change to the way of authenticating provided by Guacamole
On Wed, Apr 12, 2023 at 4:08 PM Gabriel Huerta Araujo
<[email protected]> wrote:
>
> Hi all
>
> If I update MySQL password saved, replacing it by Tacacs password, is
> automatically application updated to see Active Sessions?
No - in fact, if you do this, you will likely be authenticated by the MySQL
module and not the TACACS module at all, since Guacamole will succeed using the
first module it comes to, and skip the rest.
-Nick
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
