Thanks Nick—shame it's not possible to get that information from the
listener...
I tried looking at the code you mentioned around DelegatingConnection and
DelegatingConnectionGroup but I'm not sure if that's still within the
confines of an authentication plugin or a more significant change to the
code. At the moment, we're just returning a value from the
AuthenticatedUser getEffectiveUserGroups() method which points to a
statically defined (in the database) set of endpoints, using the load
balancing capabilities within guacamole. Within the guac-manifest.json
file, I see we can specify authProviders and listeners, but how do we
integrate these overrides of methods like connect() which aren't part of
auth or events?
As you can probably tell, I'm learning both the language and guac
architecture as we go here, so apologies if this is basic dev stuff. If
there's any other extension code you can recommend I look at to learn how
to structure this, much appreciated.
Kind regards,
David
On Fri, 5 Jul 2024 at 20:08, Nick Couchman <vn...@apache.org> wrote:
> On Thu, Jul 4, 2024 at 11:29 AM David Lomas <d...@pale-eds.co.uk.invalid>
> wrote:
>
>> Hi,
>>
>> I've been able to build our authentication extension which returns a
>> group assigned to a set of potential endpoints (all windows RDP servers),
>> and these are allocated based on availability as people log in. But now
>> we'd like to do some housekeeping on those target machines as people
>> connect, and I'm struggling to get the eventual target host that is
>> returned as part of that flow.
>>
>> I'd hoped to use the TunnelConnectEvent (and TunnelCloseEvent) using
>> something like:
>>
>> public void handleEvent(Object event) throws GuacamoleException {
>>
>> if (event instanceof TunnelConnectEvent) {
>> TunnelConnectEvent tce = (TunnelConnectEvent) event;
>> AuthenticatedUser user = tce.getAuthenticatedUser();
>> GuacamoleTunnel tunnel = tce.getTunnel();
>> GuacamoleSocket socket = tunnel.getSocket();
>>
>> but at that point, the socket is a FailoverGuacamoleSocket which doesn't
>> appear to support getting it's configuration. Is there some other way to
>> get the hostname from that point?
>>
>>
> Yeah, looking at the various GuacamoleSocket implementations, I do not see
> that it is possible to work backward to the connection configuration from
> that object.
>
>
>> For reference, I'd been following
>> https://github.com/atcomputing/guacamole-trigger and that extension
>> specifically doesn't support non-configured sockets.
>>
>>
> Yeah, and even in that example, the author is not working backward from a
> GuacamoleSocket to a specific connection configuration or anything like
> that.
>
> What you might need to do, instead of trying to intercept this with the
> Event classes, is actually wrap either the Connection or ConnectionGroup
> objects and then override the connect() to do any housekeeping before
> calling the wrapped connect() method, and then after that finishes. The
> DelegatingConnection and DelegatingConnectionGroup classes provide a good
> framework for this - extending those classes should allow you to implement
> what you need while passing the actual connection functionality to the
> origin Connection and/or ConnectionGroup class.
>
>
>> Many thanks,
>>
>> David
>>
>> PS—I'm aware this is quite a long way from 'user', but I wasn't sure if
>> this kind of question is appropriate for dev@ Is there a better place
>> for this?
>>
>
> There is a dev@ list, and you're certainly welcome to subscribe to that
> and ask, there. The audience is largely the same, likely a little smaller
> on the dev@ list, and we're not terribly particular about forcing
> conversations into one or the other. The main thing we ask is that people
> don't double or cross-post - that is, same message to both lists, or one
> message to one, then waiting a day for a response and sending it to the
> other list.
>
> -Nick
>
>
