1 martin 1.39 //%LICENSE////////////////////////////////////////////////////////////////
|
2 martin 1.40 //
|
3 martin 1.39 // Licensed to The Open Group (TOG) under one or more contributor license
4 // agreements. Refer to the OpenPegasusNOTICE.txt file distributed with
5 // this work for additional information regarding copyright ownership.
6 // Each contributor licenses this file to you under the OpenPegasus Open
7 // Source License; you may not use this file except in compliance with the
8 // License.
|
9 martin 1.40 //
|
10 martin 1.39 // Permission is hereby granted, free of charge, to any person obtaining a
11 // copy of this software and associated documentation files (the "Software"),
12 // to deal in the Software without restriction, including without limitation
13 // the rights to use, copy, modify, merge, publish, distribute, sublicense,
14 // and/or sell copies of the Software, and to permit persons to whom the
15 // Software is furnished to do so, subject to the following conditions:
|
16 martin 1.40 //
|
17 martin 1.39 // The above copyright notice and this permission notice shall be included
18 // in all copies or substantial portions of the Software.
|
19 martin 1.40 //
|
20 martin 1.39 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
|
21 martin 1.40 // OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
22 martin 1.39 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
23 // IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
24 // CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
25 // TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
26 // SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
27 martin 1.40 //
|
28 martin 1.39 //////////////////////////////////////////////////////////////////////////
|
29 mike 1.2 //
30 //%/////////////////////////////////////////////////////////////////////////////
31
32 #ifndef Pegasus_AuthenticationInfo_h
33 #define Pegasus_AuthenticationInfo_h
34
35 #include <Pegasus/Common/Config.h>
|
36 kumpf 1.10 #include <Pegasus/Common/InternalException.h>
|
37 kumpf 1.5 #include <Pegasus/Common/Tracer.h>
38 #include <Pegasus/Common/AuthenticationInfoRep.h>
|
39 kumpf 1.8 #include <Pegasus/Common/Linkage.h>
|
40 h.sterling 1.19 #include <Pegasus/Common/SSLContext.h>
|
41 mike 1.2
42
43 PEGASUS_NAMESPACE_BEGIN
44
/**
    This class keeps the authentication information of a connection
    persistent until the connection is destroyed.

    The HTTPConnection object creates an AuthenticationInfo object on a new
    socket connection and includes this object reference in the HTTPMessage
    that gets passed to the Delegator and in turn to the AuthenticationManager.
    The AuthenticationManager and the related authentication classes use the
    AuthenticationInfo to store and access the persistent authentication
    information for a connection.
*/
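class PEGASUS_COMMON_LINKAGE AuthenticationInfo
{
public:

    /** Constructor - Creates an uninitialized AuthenticationInfo handle
        (_rep is null). An object created by this constructor can only be
        used in an operation such as the copy constructor or assignment. It
        cannot be used to do method calls such as getAuthType, since it is
        uninitialized.

        Use one of the other constructors to create an initialized
        AuthenticationInfo object. Every accessor passes _rep through
        CheckRep() first; an "uninitialized handle" exception is thrown if
        an uninitialized handle is used for method calls.
    */
    AuthenticationInfo() : _rep(0)
    {
        PEG_METHOD_ENTER(
            TRC_AUTHENTICATION, "AuthenticationInfo::AuthenticationInfo");

        PEG_METHOD_EXIT();
    }

    /** Copy constructor - Creates a new handle that refers to the same
        AuthenticationInfoRep as x. The representation is shared, not
        cloned: state written through one handle (for example the
        authenticated status) is visible through every copy.
        @param x - the AuthenticationInfo to copy the handle from
    */
    AuthenticationInfo(const AuthenticationInfo& x)
    {
        PEG_METHOD_ENTER(
            TRC_AUTHENTICATION, "AuthenticationInfo::AuthenticationInfo");

        // Inc() is declared outside this header; presumably it takes a
        // reference on the shared rep - confirm against its definition.
        Inc(_rep = x._rep);

        PEG_METHOD_EXIT();
    }

    /** Assignment operator - Drops this handle's current representation
        and shares the representation of x instead. Assigning a handle that
        already refers to the same representation is a no-op.
        @param x - the AuthenticationInfo to take the representation from
        @return reference to this object
    */
    AuthenticationInfo& operator=(const AuthenticationInfo& x)
    {
        // Trace under the operator's own name so that authentication traces
        // distinguish assignments from constructions.
        PEG_METHOD_ENTER(
            TRC_AUTHENTICATION, "AuthenticationInfo::operator=");

        if (x._rep != _rep)
        {
            Dec(_rep);
            Inc(_rep = x._rep);
        }

        PEG_METHOD_EXIT();
        return *this;
    }

    /** Constructor - Instantiates an AuthenticationInfo object with a
        freshly allocated AuthenticationInfoRep.
        @param flag - used only to distinguish from the default constructor.

        NOTE(review): this constructor is not declared explicit, so a
        Boolean converts implicitly to an AuthenticationInfo. It is left
        unchanged here to keep the existing interface.
    */
    AuthenticationInfo(Boolean)
    {
        PEG_METHOD_ENTER(
            TRC_AUTHENTICATION, "AuthenticationInfo::AuthenticationInfo");

        _rep = new AuthenticationInfoRep();

        PEG_METHOD_EXIT();
    }

    /** Destructor - Releases this handle's hold on the representation. */
    ~AuthenticationInfo()
    {
        PEG_METHOD_ENTER(
            TRC_AUTHENTICATION, "AuthenticationInfo::~AuthenticationInfo");

        Dec(_rep);

        PEG_METHOD_EXIT();
    }

    /** Sets the connection authentication status of the request to the
        status specified. Because copies of this object share one
        representation, the new status applies to every copy.
        @param status - the new authentication status
    */
    void setConnectionAuthenticated(Boolean status)
    {
        CheckRep(_rep);
        _rep->setConnectionAuthenticated(status);
    }

    /** Get the previously authenticated user name
        @return the authenticated user name
    */
    String getAuthenticatedUser() const
    {
        CheckRep(_rep);
        return _rep->getAuthenticatedUser();
    }

    /** Sets the authenticated user name
        @param userName - string containing the authenticated user name
    */
    void setAuthenticatedUser(const String& userName)
    {
        CheckRep(_rep);
        _rep->setAuthenticatedUser(userName);
    }

#ifdef PEGASUS_OS_ZOS

    /** The connection user is for z/OS only.
        On z/OS Unix Local Domain Sockets and sockets
        protected by AT-TLS are able to get the user ID of
        the connected user.
        This information is needed for later authentication
        steps.
    */

    /** Get the connection user name
        @return the connection user name
    */
    String getConnectionUser() const
    {
        CheckRep(_rep);
        return _rep->getConnectionUser();
    }

    /** Sets the connection user name
        @param userName - string containing the user name
                          provided by the connection
    */
    void setConnectionUser(const String& userName)
    {
        CheckRep(_rep);
        _rep->setConnectionUser(userName);
    }

#endif

    /** Get the previously authenticated password
        @return the authenticated password

        NOTE(review): the password is returned by value, so each call hands
        the caller its own copy of the credential. Keep such copies
        short-lived and out of trace and log output.
    */
    String getAuthenticatedPassword() const
    {
        CheckRep(_rep);
        return _rep->getAuthenticatedPassword();
    }

    /** Sets the authenticated password
        @param password - string containing the authenticated password
    */
    void setAuthenticatedPassword(const String& password)
    {
        CheckRep(_rep);
        _rep->setAuthenticatedPassword(password);
    }

    /** Get the local authentication file path that was sent to client
        @return string containing the authentication file path
    */
    String getLocalAuthFilePath() const
    {
        CheckRep(_rep);
        return _rep->getLocalAuthFilePath();
    }

    /** Set the local authentication file path to the specified file path
        @param filePath String containing the authentication file path
    */
    void setLocalAuthFilePath(const String& filePath)
    {
        CheckRep(_rep);
        _rep->setLocalAuthFilePath(filePath);
    }

    /** Get the local authentication secret that was sent to client
        @return string containing the authentication secret

        NOTE(review): as with the password, the secret is returned by
        value; treat the returned copy as sensitive and do not trace it.
    */
    String getLocalAuthSecret() const
    {
        CheckRep(_rep);
        return _rep->getLocalAuthSecret();
    }

    /** Set the local authentication secret to the specified secret
        @param secret - string containing the authentication secret
    */
    void setLocalAuthSecret(const String& secret)
    {
        CheckRep(_rep);
        _rep->setLocalAuthSecret(secret);
    }

    /** Returns the authentication status of the current connection.
        @return true if the connection was authenticated, false otherwise
    */
    Boolean isConnectionAuthenticated() const
    {
        CheckRep(_rep);
        return _rep->isConnectionAuthenticated();
    }

    /** Set the authentication type to the specified type
        @param authType - string containing the authentication type
    */
    void setAuthType(const String& authType)
    {
        CheckRep(_rep);
        _rep->setAuthType(authType);
    }

    /** Get the authentication type of the connection
        @return string containing the authentication type
    */
    String getAuthType() const
    {
        CheckRep(_rep);
        return _rep->getAuthType();
    }

    /**
        Set the IP address to the specified IP address
        @param ipAddress - string containing the IP address
    */
    void setIpAddress(const String& ipAddress)
    {
        CheckRep(_rep);
        _rep->setIpAddress(ipAddress);
    }

    /**
        Get the IP address of the connection

        NOTE: The IP address is for debug use only.
        It should not be used for authentication purposes.

        @return string containing the IP address
    */
    String getIpAddress() const
    {
        CheckRep(_rep);
        return _rep->getIpAddress();
    }

    /** Get the client certificate chain stored for this connection.
        @return array of SSLCertificateInfo pointers held by the
                representation

        NOTE(review): the array holds raw pointers and their ownership is
        not visible in this header - confirm who deletes the
        SSLCertificateInfo objects before retaining them past the
        connection's lifetime.
    */
    Array<SSLCertificateInfo*> getClientCertificateChain()
    {
        CheckRep(_rep);
        return _rep->getClientCertificateChain();
    }

    /** Store the client certificate chain for this connection.
        @param clientCertificate - array of SSLCertificateInfo pointers;
               the array is passed by value, the pointed-to objects are not
               copied by this method
    */
    void setClientCertificateChain(Array<SSLCertificateInfo*> clientCertificate)
    {
        CheckRep(_rep);
        _rep->setClientCertificateChain(clientCertificate);
    }

    /** Set flag to show that the isRemotePrivilegedUserAccess check has
        been done. This function should only be used by OpenPegasus
        AuthenticationHandlers.
    */
    void setRemotePrivilegedUserAccessChecked()
    {
        CheckRep(_rep);
        _rep->setRemotePrivilegedUserAccessChecked();
    }

    /** Indicates whether the isRemotePrivilegedUserAccess check has been
        performed. This method should only be used by OpenPegasus
        AuthenticationHandlers.
        @return the flag value held by the representation
    */
    Boolean getRemotePrivilegedUserAccessChecked()
    {
        CheckRep(_rep);
        return _rep->getRemotePrivilegedUserAccessChecked();
    }

    /** Store an authentication handle in the representation.
        @param authHandle - the AuthHandle to store; AuthHandle is declared
               outside this header
    */
    void setAuthHandle(const AuthHandle & authHandle)
    {
        CheckRep(_rep);
        _rep->setAuthHandle(authHandle);
    }

    /** Get the authentication handle held by the representation.
        @return the stored AuthHandle, by value
    */
    AuthHandle getAuthHandle()
    {
        CheckRep(_rep);
        return _rep->getAuthHandle();
    }

    /** Store the user role for this connection.
        @param userRole - string containing the user role
    */
    void setUserRole(const String & userRole)
    {
        CheckRep(_rep);
        _rep->setUserRole(userRole);
    }

    /** Get the user role stored for this connection.
        @return string containing the user role
    */
    String getUserRole()
    {
        CheckRep(_rep);
        return _rep->getUserRole();
    }

    /** Record the expired-password status in the representation.
        @param status - the new expired-password status
    */
    void setExpiredPassword(Boolean status)
    {
        CheckRep(_rep);
        _rep->setExpiredPassword(status);
    }

    /** Get the expired-password status held by the representation.
        @return the stored expired-password status
    */
    Boolean isExpiredPassword() const
    {
        CheckRep(_rep);
        return _rep->isExpiredPassword();
    }

private:

    /** Wraps an existing representation pointer as-is; unlike the copy
        constructor this does not call Inc() on it.
        @param rep - the representation this handle will refer to
    */
    AuthenticationInfo(AuthenticationInfoRep* rep) : _rep(rep)
    {

    }

    // Representation shared by all copies of this handle; null for a
    // default-constructed (uninitialized) object.
    AuthenticationInfoRep* _rep;
};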
377
378 PEGASUS_NAMESPACE_END
379
380 #endif /* Pegasus_AuthenticationInfo_h*/
|