guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike Jumper <mike.jum...@guac-dev.org>
Subject Re: showing an error message to the end user
Date Sat, 07 Oct 2017 17:42:23 GMT
On Sat, Oct 7, 2017 at 12:03 AM, shaykeren <Shay.K@quali.com> wrote:

> Our extension inherit from AuthenticationProvider
> In authenticateUser method We are validating credentials.getRequest().
> in case the request(HttpServletRequest) contains invalid parameter an
> exception is raised (GuacamoleException) with the right message.
>
> Basically our users are being redirected to guacamole in order to SSH/RDP.
> Our custom AuthenticationProvider sets GuacamoleConfiguration with the
> pre-selected protocol parameters.
> Thanks!
>
> Any Idea?
>
>
If you throw the lowest-level, Guacamole-specific exception available
(GuacamoleException), there is no semantic information surrounding that
exception for the web application to handle that error in a way which makes
sense. It will be converted to a hard HTTP 500 status code, and
authentication will abort.

Depending on what exactly you're looking for, there are other exceptions
available for:

* Notifying the user that something they've entered is invalid
(GuacamoleClientException). Example: [1]
* Requesting that the user provide entirely new credentials
(GuacamoleInvalidCredentialsException). Example: [2]
* Requesting that the user provide additional credentials
(GuacamoleInsufficientCredentialsException). Example: [3]

Error handling within the web application will not necessarily have the
effect you're looking for, though. If you're only using Guacamole to
service individual connections, you should probably look into building your
own application using the Guacamole API.

It's still unclear exactly what you're aiming for, what the intended user
experience is, etc. It's clear that you are validating HTTP parameters
during authentication, and that you wish to display an error, but the
context of that error is unknown; Guacamole performs authentication on
absolutely all pages, so this parameter could be coming from anywhere. It
would be helpful if you could walk through the user experience, starting
from what they see within the non-Guacamole part of your application.

- Mike

[1]
https://github.com/apache/incubator-guacamole-client/blob/728d9b937c80bbf61ac79dd563dc1775203b34e6/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java#L98-L100

[2]
https://github.com/apache/incubator-guacamole-client/blob/728d9b937c80bbf61ac79dd563dc1775203b34e6/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java#L79-L80

[3]
https://github.com/apache/incubator-guacamole-client/blob/728d9b937c80bbf61ac79dd563dc1775203b34e6/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java#L434-L438

Mime
View raw message