Table Of Contents

Previous topic

6.3. Plugin response

Next topic

6.5. AAPlugin

6.4. Connection information

class safeguard.sessions.plugin.connection_info.ConnectionInfo(gateway_domain=None, gateway_groups=None, gateway_password=None, gateway_user=None, gateway_username=None, key_value_pairs=None, client_ip=None, client_port=None, connection_name=None, protocol=None, session_id=None, target_domain=None, target_host=None, target_port=None, target_server=None, target_username=None)

The ConnectionInfo class gives easy access to the parameters passed to a plugin. It is meant to represent a read-only record of the SPS sessions being processed. It is also the means to pass many parameters between functions if needed. Note: SPS does not always know or pass all parameters in all hooks, in which case the corresponding value shall be None.

connection_name

Name of the connection policy (<protocol> Control -> Connections).

client_ip

A string containing the IP address of the client.

client_port

The port number of the client. Only available for AA plugins.

gateway_domain

The domain name of the gateway user if known. Only set for Credential Store plugins.

New in version 1.2.0.

gateway_groups

The gateway groups of the gateway user as calculated by SPS.

gateway_password

The gateway password as used, detected by SPS. Only set for Credential Store plugins. It is possible to have an empty string here in case the gateway authentication does not reveal the password itself. Empty string is presented in case of terminal server gateway mode of RDP.

New in version 1.2.0.

gateway_user

See gateway_username(). For backwards compatibility.

gateway_username

Contains the gateway username of the client, if already available (for example, if the user performed inband gateway authentication), otherwise its value is None.

key_value_pairs

A dictionary containing plugin-specific information, for example, it may include the username. This dictionary also contains any key-value pairs that the user specified. In the plugin, such fields are already parsed into separate key-value pairs.

protocol

The protocol used in the connection, one of ssh, telnet, rdp.

session_id

The unique identifier of the session.

target_domain

The domain name of the target user if known. Only set for Credential Store plugins.

New in version 1.2.0.

target_ip

A string containing the IP address of the target server.

New in version 1.2.0.

target_host

See target_ip(). For backwards compatibility.

New in version 1.2.0.

target_port

The port number on the target server.

target_server

See target_ip(). For backwards compatibility.

target_username

The user name SPS uses to authenticate on the target server.