1 karl 1.26 //%2006////////////////////////////////////////////////////////////////////////
2 mike 1.2 //
3 karl 1.22 // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
4 // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
5 // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
6 karl 1.18 // IBM Corp.; EMC Corporation, The Open Group.
7 karl 1.22 // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
8 // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
9 karl 1.24 // Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
10 // EMC Corporation; VERITAS Software Corporation; The Open Group.
11 karl 1.26 // Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.;
12 // EMC Corporation; Symantec Corporation; The Open Group.
13 mike 1.2 //
14 kumpf 1.7 // Permission is hereby granted, free of charge, to any person obtaining a copy
15 // of this software and associated documentation files (the "Software"), to
16 // deal in the Software without restriction, including without limitation the
17 // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
18 // sell copies of the Software, and to permit persons to whom the Software is
19 // furnished to do so, subject to the following conditions:
20 //
21 // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
22 // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
23 // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
24 // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
25 // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
26 // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
27 // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
28 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
29 mike 1.2 //
30 //==============================================================================
31 //
32 //%/////////////////////////////////////////////////////////////////////////////
33
34 #ifndef Pegasus_AuthenticationInfo_h
35 #define Pegasus_AuthenticationInfo_h
36
37 #include <Pegasus/Common/Config.h>
38 kumpf 1.10 #include <Pegasus/Common/InternalException.h>
39 kumpf 1.5 #include <Pegasus/Common/Tracer.h>
40 #include <Pegasus/Common/AuthenticationInfoRep.h>
41 kumpf 1.8 #include <Pegasus/Common/Linkage.h>
42 h.sterling 1.19 #include <Pegasus/Common/SSLContext.h>
43 mike 1.2
44 gerarda 1.13 #ifdef PEGASUS_KERBEROS_AUTHENTICATION
45 gerarda 1.15 #include <Pegasus/Common/CIMKerberosSecurityAssociation.h>
46 gerarda 1.13 #endif
47 mike 1.2
48 PEGASUS_NAMESPACE_BEGIN
49
50 kumpf 1.5
51 mike 1.2 /**
52 kumpf 1.29 This class keeps the authentication information of a connection
53 persistent until the connection is destroyed.
54 mike 1.3
55 kumpf 1.29 The HTTPConnection object creates an AuthenticationInfo object on a new
56 socket connection and includes this object reference in the HTTPMessage
57 kumpf 1.5 that gets passed to the Delegator and in turn to the AuthenticationManager.
58 kumpf 1.29 The AuthenticationManager and the related authentication classes use the
59 AuthenticationInfo to store and access the persistent authentication
60 kumpf 1.5 information for a connection.
61 mike 1.2 */
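class PEGASUS_COMMON_LINKAGE AuthenticationInfo
{
public:

    /** Constructor - Creates an uninitialized new AuthenticationInfo
        handle (its representation pointer is null). An object created by
        this constructor can only be used in an operation such as the copy
        constructor or assignment. It cannot be used to do method calls such
        as getAuthType, since it is uninitialized.

        Use one of the other constructors to create an initialized new
        AuthenticationInfo object. Every accessor passes the representation
        pointer to CheckRep() first; per the original documentation an
        "uninitialized handle" exception is thrown if this uninitialized
        handle is used for method calls.
    */
    AuthenticationInfo() : _rep(0)
    {
        PEG_METHOD_ENTER(
            TRC_AUTHENTICATION, "AuthenticationInfo::AuthenticationInfo");


        PEG_METHOD_EXIT();
    }

    /** Copy constructor - Creates an AuthenticationInfo from another
        AuthenticationInfo instance.

        The new handle takes the same representation pointer as x and calls
        Inc() on it (presumably a reference-count increment - confirm where
        Inc is declared). The two handles therefore share one representation:
        authentication state changed through either handle is visible through
        the other.

        @param x - the AuthenticationInfo to share the representation of
    */
    AuthenticationInfo(const AuthenticationInfo& x)
    {
        PEG_METHOD_ENTER(
            TRC_AUTHENTICATION, "AuthenticationInfo::AuthenticationInfo");

        Inc(_rep = x._rep);

        PEG_METHOD_EXIT();
    }

    /** Assignment operator.

        When the two handles refer to different representations, Dec() is
        called on the current one and the representation of x is adopted with
        Inc(). Assigning a handle that already shares this representation
        (including self-assignment) is a no-op.

        @param x - the AuthenticationInfo to share the representation of
        @return reference to this object
    */
    AuthenticationInfo& operator=(const AuthenticationInfo& x)
    {
        // The trace label names operator= so that trace output distinguishes
        // an assignment from a construction.
        PEG_METHOD_ENTER(
            TRC_AUTHENTICATION, "AuthenticationInfo::operator=");

        if (x._rep != _rep)
        {
            Dec(_rep);
            Inc(_rep = x._rep);
        }

        PEG_METHOD_EXIT();
        return *this;
    }

    /** Constructor - Instantiates an AuthenticationInfo object with a newly
        allocated representation.

        NOTE(review): this constructor is not declared explicit, so a Boolean
        converts implicitly to an AuthenticationInfo. Callers should construct
        the object explicitly; adding "explicit" would need a check of all
        existing callers.

        @param flag - used only to distinguish from the default constructor.
    */
    AuthenticationInfo(Boolean flag)
    {
        PEG_METHOD_ENTER(
            TRC_AUTHENTICATION, "AuthenticationInfo::AuthenticationInfo");

        _rep = new AuthenticationInfoRep(flag);

        PEG_METHOD_EXIT();
    }

    /** Destructor - calls Dec() on the representation pointer. */
    ~AuthenticationInfo()
    {
        PEG_METHOD_ENTER(
            TRC_AUTHENTICATION, "AuthenticationInfo::~AuthenticationInfo");

        Dec(_rep);

        PEG_METHOD_EXIT();
    }

    /** Sets the connection authentication status of the request to the
        status specified. The representation is shared by all copies of this
        handle, so the new status applies to every copy.
        @param status - the new authentication status
    */
    void setConnectionAuthenticated(Boolean status)
    {
        CheckRep(_rep);
        _rep->setConnectionAuthenticated(status);
    }

    /** Get the previously authenticated user name
        @return the authenticated user name
    */
    String getAuthenticatedUser() const
    {
        CheckRep(_rep);
        return _rep->getAuthenticatedUser();
    }

    /** Sets the authenticated user name
        @param userName - string containing the authenticated user name
    */
    void setAuthenticatedUser(const String& userName)
    {
        CheckRep(_rep);
        _rep->setAuthenticatedUser(userName);
    }

#ifdef PEGASUS_OS_ZOS

    /** The connection user is for z/OS only.
        On z/OS Unix Local Domain Sockets and sockets
        protected by AT-TLS are able to get the user ID of
        the connected user.
        This information is needed for later authentication
        steps.
    */

    /** Get the connection user name
        @return the connection user name
    */
    String getConnectionUser() const
    {
        CheckRep(_rep);
        return _rep->getConnectionUser();
    }

    /** Sets the connection user name
        @param userName - string containing the user name
                          provided by the connection
    */
    void setConnectionUser(const String& userName)
    {
        CheckRep(_rep);
        _rep->setConnectionUser(userName);
    }

#endif

    /** Get the previously authenticated password.

        NOTE(review): the password is returned as a String copy, and this
        header shows no step that clears the stored value. Confirm in
        AuthenticationInfoRep how long it is retained, and keep the returned
        value out of trace and log output.

        @return the authenticated password
    */
    String getAuthenticatedPassword() const
    {
        CheckRep(_rep);
        return _rep->getAuthenticatedPassword();
    }

    /** Sets the authenticated password
        @param password - string containing the authenticated password
    */
    void setAuthenticatedPassword(const String& password)
    {
        CheckRep(_rep);
        _rep->setAuthenticatedPassword(password);
    }

    /** Get the local authentication file path that was sent to client
        @return string containing the authentication file path
    */
    String getLocalAuthFilePath() const
    {
        CheckRep(_rep);
        return _rep->getLocalAuthFilePath();
    }

    /** Set the local authentication file path to the specified file path
        @param filePath String containing the authentication file path
    */
    void setLocalAuthFilePath(const String& filePath)
    {
        CheckRep(_rep);
        _rep->setLocalAuthFilePath(filePath);
    }

    /** Get the local authentication secret that was sent to client.
        The returned value is sensitive; keep it out of trace and log output.
        @return string containing the authentication secret
    */
    String getLocalAuthSecret() const
    {
        CheckRep(_rep);
        return _rep->getLocalAuthSecret();
    }

    /** Set the local authentication secret to the specified secret
        @param secret - string containing the authentication secret
    */
    void setLocalAuthSecret(const String& secret)
    {
        CheckRep(_rep);
        _rep->setLocalAuthSecret(secret);
    }

    /** Returns the authentication status of the current connection.
        @return true if the connection was authenticated, false otherwise
    */
    Boolean isConnectionAuthenticated() const
    {
        CheckRep(_rep);
        return _rep->isConnectionAuthenticated();
    }

    /** Set the authentication type to the specified type
        @param authType - string containing the authentication type
    */
    void setAuthType(const String& authType)
    {
        CheckRep(_rep);
        _rep->setAuthType(authType);
    }

    /** Get the authentication type of the connection
        @return string containing the authentication type
    */
    String getAuthType() const
    {
        CheckRep(_rep);
        return _rep->getAuthType();
    }

    /**
        Set the IP address to the specified IP address
        @param ipAddress - string containing the IP address
    */
    void setIpAddress(const String& ipAddress)
    {
        CheckRep(_rep);
        _rep->setIpAddress(ipAddress);
    }

    /**
        Get the IP address of the connection

        NOTE: The IP address is for debug use only.
        It should not be used for authentication purposes.

        @return string containing the IP address
    */
    String getIpAddress() const
    {
        CheckRep(_rep);
        return _rep->getIpAddress();
    }


#ifdef PEGASUS_KERBEROS_AUTHENTICATION
    /** Get the CIM Security Association
        @return a pointer to the CIM Security Association
    */
    CIMKerberosSecurityAssociation* getSecurityAssociation() const
    {
        CheckRep(_rep);
        return _rep->getSecurityAssociation();
    }

    /** Set the CIM Security Association
        The pointer will only be set once. If it is already set it will
        not reset it.
    */
    void setSecurityAssociation()
    {
        CheckRep(_rep);
        _rep->setSecurityAssociation();
    }
#endif

    /** Get the client certificate chain stored for this connection.

        NOTE(review): the array elements are raw SSLCertificateInfo pointers.
        This header does not show who owns the pointed-to objects or how long
        they remain valid - confirm in AuthenticationInfoRep before keeping
        them beyond the lifetime of the connection.

        @return array of pointers to the client certificate information
    */
    Array<SSLCertificateInfo*> getClientCertificateChain()
    {
        CheckRep(_rep);
        return _rep->getClientCertificateChain();
    }

    /** Set the client certificate chain for this connection.
        @param clientCertificate - array of pointers to the client
            certificate information; it is passed on to the representation
            (ownership of the pointed-to objects is not visible here)
    */
    void setClientCertificateChain(
        Array<SSLCertificateInfo*> clientCertificate)
    {
        CheckRep(_rep);
        _rep->setClientCertificateChain(clientCertificate);
    }

    /** Set flag to show that isRemotePrivilegedUserAccess check has been done.
        This function should only be used by OpenPegasus AuthenticationHandlers
    */
    void setRemotePrivilegedUserAccessChecked()
    {
        CheckRep(_rep);
        _rep->setRemotePrivilegedUserAccessChecked();
    }

    /** Indicates whether the isRemotePrivilegedUserAccess check has been
        performed. This method should only be used by OpenPegasus
        AuthenticationHandlers
    */
    Boolean getRemotePrivilegedUserAccessChecked()
    {
        CheckRep(_rep);
        return _rep->getRemotePrivilegedUserAccessChecked();
    }

private:

    /** Wraps an existing representation pointer. Unlike the copy
        constructor, this does not call Inc() on the pointer.
        @param rep - the representation to wrap
    */
    AuthenticationInfo(AuthenticationInfoRep* rep) : _rep(rep)
    {

    }

    // Shared representation that holds the authentication state;
    // null for a default-constructed (uninitialized) handle.
    AuthenticationInfoRep* _rep;
};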
368
369 PEGASUS_NAMESPACE_END
370
371 #endif /* Pegasus_AuthenticationInfo_h*/