Merge patch branch changes to main.
diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ConnectionService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ConnectionService.java
index b3ed89c..f7c1203 100644
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ConnectionService.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ConnectionService.java
@@ -29,6 +29,8 @@
import java.util.Map;
import java.util.Set;
import org.apache.guacamole.auth.jdbc.user.ModeledAuthenticatedUser;
+import org.apache.guacamole.language.TranslatableGuacamoleClientOverrunException;
+import org.apache.guacamole.language.TranslatableMessage;
import org.apache.guacamole.auth.jdbc.base.ModeledDirectoryObjectMapper;
import org.apache.guacamole.auth.jdbc.tunnel.GuacamoleTunnelService;
import org.apache.guacamole.GuacamoleClientException;
@@ -89,6 +91,11 @@
*/
@Inject
private GuacamoleTunnelService tunnelService;
+
+ /**
+ * Known limit for the size of the connection parameter values.
+ */
+ private static final int CONNECTION_PARAMETER_VALUE_LIMIT = 4096;
@Override
protected ModeledDirectoryObjectMapper<ConnectionModel> getObjectMapper() {
@@ -154,11 +161,50 @@
}
+ /**
+ * Validates that all connection parameter values are within the expected size limit.
+ *
+ * @param parameters
+ * The map of connection parameter name/value pairs to validate.
+ *
+ * @throws GuacamoleClientException
+ * If any of the parameter values exceed the defined limit.
+ */
+ private void validateParameters(Map<String, String> parameters) throws GuacamoleClientException {
+ // Iterate through each parameter to validate its size
+ for (Map.Entry<String, String> parameter : parameters.entrySet()) {
+ String value = parameter.getValue();
+
+ // Check if parameter value exceeds size limit
+ if (value != null && value.length() > CONNECTION_PARAMETER_VALUE_LIMIT) {
+
+ Map<String, Object> vars = new HashMap<>();
+ vars.put("MAX_SIZE", CONNECTION_PARAMETER_VALUE_LIMIT);
+ vars.put("PARAMETER_NAME", parameter.getKey());
+
+ // Create a translatable message with the error key and substitution variables
+ TranslatableMessage translatableMessage = new TranslatableMessage(
+ "CONNECTION_PARAMETERS.DATABASE_PARAMETER_VALUE_TOO_LONG",
+ vars
+ );
+
+ throw new TranslatableGuacamoleClientOverrunException(
+ "The value provided for connection parameter \"" + parameter.getKey() +
+ "\" exceeds the maximum allowed length.",
+ translatableMessage
+ );
+ }
+ }
+ }
+
@Override
protected void beforeCreate(ModeledAuthenticatedUser user,
Connection object, ConnectionModel model)
throws GuacamoleException {
+ // Validate parameters before saving
+ validateParameters(object.getConfiguration().getParameters());
+
super.beforeCreate(user, object, model);
// Name must not be blank
@@ -177,6 +223,9 @@
ModeledConnection object, ConnectionModel model)
throws GuacamoleException {
+ // Validate parameters before saving
+ validateParameters(object.getConfiguration().getParameters());
+
super.beforeUpdate(user, object, model);
// Name must not be blank
diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/resources/translations/en.json b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/resources/translations/en.json
index b286f0c..68e96a8 100644
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/resources/translations/en.json
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/resources/translations/en.json
@@ -108,6 +108,10 @@
"SECTION_HEADER_RESTRICTIONS" : "Group Restrictions"
- }
+ },
+
+ "CONNECTION_PARAMETERS": {
+ "DATABASE_PARAMETER_VALUE_TOO_LONG": "The value provided for connection parameter {PARAMETER_NAME} exceeds the maximum allowed length of {MAX_SIZE} {MAX_SIZE, plural, one{character} other{characters}}."
+ }
}