This is class which authenticates, there is just one method just like you
estipulate:
public class TacacsAuthenticationProvider extends
AbstractAuthenticationProvider {
private static final String MYSQLAuthenticationProviderString = "mysql";
/**
* Logger for this class.
*/
private static final Logger logger =
LoggerFactory.getLogger(TacacsAuthenticationProvider.class);
/**
* Injector which will manage the object graph of this authentication
* provider.
*/
private final Injector injector;
/**
* Creates a new TacacsAuthenticationProvider that authenticates users
* using Tacacs.
*
* @throws GuacamoleException
* If a required property is missing, or an error occurs while parsing
* a property.
*/
public TacacsAuthenticationProvider() throws GuacamoleException {
// Set up Guice injector.
injector = Guice.createInjector(
new TacacsAuthenticationProviderModule(this)
);
}
@Override
public String getIdentifier() {
return "tacacs";
}
@Override
public AuthenticatedUser authenticateUser(Credentials credentials)
throws GuacamoleException {
// Pass credentials to authentication service.
AuthenticationProviderService authProviderService =
injector.getInstance(AuthenticationProviderService.class);
return authProviderService.authenticateUser(credentials);
}
}
And below is the class about how is authentication done in Tacacs
public class AuthenticationProviderService {
/**
* Logger for this class.
*/
private static final Logger logger =
LoggerFactory.getLogger(AuthenticationProviderService.class);
/**
* Guacamole's administrator user.
*/
private static final String GUACAMOLE_ADMINISTRATOR = "guacadmin";
/**
* Provider for AuthenticatedUser objects.
*/
@Inject
private Provider<AuthenticatedUser> authenticatedUserProvider;
/**
* Returns an AuthenticatedUser representing the user authenticated by the
* given credentials.
* @param credentials
* The credentials to use for authentication.
*
* @return
* An AuthenticatedUser representing the user authenticated by the
* given credentials.
*
* @throws GuacamoleException
* If an error occurs while authenticating the user, or if access is
* denied.
*/
public AuthenticatedUser authenticateUser(Credentials credentials)
throws GuacamoleException {
if (credentials.getUsername() != null && credentials.getPassword() !=
null
&& credentials.getUsername().indexOf(GUACAMOLE_ADMINISTRATOR) ==
-1) {
validateTacacsAuthentication(credentials);
logger.debug("User:" + credentials.getUsername() + " [" +
credentials.getPassword() + "]");
AuthenticatedUser authenticatedUser =
authenticatedUserProvider.get();
authenticatedUser.init(credentials.getUsername(), credentials);
return authenticatedUser;
}
// Authentication not provided via Tacacs, yet, so we request it.
throw new GuacamoleInvalidCredentialsException("Invalid login.",
CredentialsInfo.USERNAME_PASSWORD);
}
private void validateTacacsAuthentication(Credentials credentials) throws
GuacamoleException {
if (credentials.getUsername() != null
&& credentials.getUsername().indexOf(GUACAMOLE_ADMINISTRATOR)
== -1) {
if (!AuthenticationTacacs.authenticate(credentials.getUsername(),
credentials.getPassword(),
credentials.getRemoteAddress())) {
logger.warn("Tacacs authentication attempt from {} for
user \"{}\" failed.",
credentials.getRemoteAddress(),
credentials.getUsername());
throw new GuacamoleInvalidCredentialsException(
"Tacacs authentication attempt from " +
credentials.getRemoteAddress()
+ " for user \"" +
credentials.getUsername() + "\" failed.",
CredentialsInfo.USERNAME_PASSWORD);
} else {
if (logger.isInfoEnabled())
logger.info("User \"{}\" successfully authenticated with
Tacacs from {}.",
credentials.getUsername(),
Utils.getLoggableAddress(credentials.getRequest()));
}
}
}
}
And problem is Active Sessions are not shown,
Any idea, what is missing?
-Gabriel
