logger.debug("Anonymous bind is not currently allowed by the LDAP authentication provider.");
return null;
}
// Connect to LDAP server
LDAPConnection ldapConnection;
try {
ldapConnection = new LDAPConnection();
ldapConnection.connect(
GuacamoleProperties.getRequiredProperty(LDAPGuacamoleProperties.LDAP_HOSTNAME),
GuacamoleProperties.getRequiredProperty(LDAPGuacamoleProperties.LDAP_PORT)
);
}
catch (LDAPException e) {
throw new GuacamoleServerException("Unable to connect to LDAP server.", e);
}
// Get username attribute
String username_attribute = GuacamoleProperties.getRequiredProperty(
LDAPGuacamoleProperties.LDAP_USERNAME_ATTRIBUTE
);
// Get user base DN
String user_base_dn = GuacamoleProperties.getRequiredProperty(
LDAPGuacamoleProperties.LDAP_USER_BASE_DN
);
// Construct user DN
String user_dn =
escapeDN(username_attribute) + "=" + escapeDN(credentials.getUsername())
+ "," + user_base_dn;
try {
// Bind as user
try {
ldapConnection.bind(
LDAPConnection.LDAP_V3,
user_dn,
credentials.getPassword().getBytes("UTF-8")
);
}
catch (UnsupportedEncodingException e) {
throw new GuacamoleException(e);
}
}
catch (LDAPException e) {
logger.debug("LDAP bind failed.", e);
return null;
}
// Get config base DN
String config_base_dn = GuacamoleProperties.getRequiredProperty(
LDAPGuacamoleProperties.LDAP_CONFIG_BASE_DN
);
// Pull all connections
try {
// Find all guac configs for this user
LDAPSearchResults results = ldapConnection.search(
config_base_dn,
LDAPConnection.SCOPE_SUB,
"(&(objectClass=guacConfigGroup)(member=" + escapeLDAPSearchFilter(user_dn) + "))",
null,
false
);
// Add all configs
Map<String, GuacamoleConfiguration> configs = new TreeMap<String, GuacamoleConfiguration>();
while (results.hasMore()) {
LDAPEntry entry = results.next();
// New empty configuration
GuacamoleConfiguration config = new GuacamoleConfiguration();
// Get CN
LDAPAttribute cn = entry.getAttribute("cn");
if (cn == null)
throw new GuacamoleException("guacConfigGroup without cn");
// Get protocol
LDAPAttribute protocol = entry.getAttribute("guacConfigProtocol");
if (protocol == null)
throw new GuacamoleException("guacConfigGroup without guacConfigProtocol");
// Set protocol
config.setProtocol(protocol.getStringValue());
// Get parameters, if any
LDAPAttribute parameterAttribute = entry.getAttribute("guacConfigParameter");
if (parameterAttribute != null) {
// For each parameter
Enumeration<String> parameters = parameterAttribute.getStringValues();
while (parameters.hasMoreElements()) {
String parameter = parameters.nextElement();
// Parse parameter
int equals = parameter.indexOf('=');
if (equals != -1) {
// Parse name
String name = parameter.substring(0, equals);
String value = parameter.substring(equals+1);
config.setParameter(name, value);
}
}
}
// Store config by CN
configs.put(cn.getStringValue(), config);
}
// Disconnect
ldapConnection.disconnect();
return configs;
}
catch (LDAPException e) {
throw new GuacamoleServerException("Error while querying for connections.", e);