pegasus/src/Pegasus/Common/AuthenticationInfoRep.cpp - diff

Return to AuthenticationInfoRep.cpp CVS log

Up to [Pegasus] / pegasus / src / Pegasus / Common

Diff for /pegasus/src/Pegasus/Common/AuthenticationInfoRep.cpp between version 1.7.4.2 and 1.28

version 1.7.4.2, 2004/04/25 20:39:57

version 1.28, 2008/12/01 17:49:47

Line 1

//%2003////////////////////////////////////////////////////////////////////////

//%LICENSE////////////////////////////////////////////////////////////////

// Licensed to The Open Group (TOG) under one or more contributor license

// Company, L. P., IBM Corp., The Open Group, Tivoli Systems.

// agreements. Refer to the OpenPegasusNOTICE.txt file distributed with

// this work for additional information regarding copyright ownership.

// IBM Corp.; EMC Corporation, The Open Group.

// Each contributor licenses this file to you under the OpenPegasus Open

// Source License; you may not use this file except in compliance with the

// Permission is hereby granted, free of charge, to any person obtaining a copy

// License.

// of this software and associated documentation files (the "Software"), to

// deal in the Software without restriction, including without limitation the

// Permission is hereby granted, free of charge, to any person obtaining a

// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or

// copy of this software and associated documentation files (the "Software"),

// sell copies of the Software, and to permit persons to whom the Software is

// to deal in the Software without restriction, including without limitation

// furnished to do so, subject to the following conditions:

// the rights to use, copy, modify, merge, publish, distribute, sublicense,

// and/or sell copies of the Software, and to permit persons to whom the

// THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN

// Software is furnished to do so, subject to the following conditions:

// ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED

// "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT

// The above copyright notice and this permission notice shall be included

// LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR

// in all copies or substantial portions of the Software.

// PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT

// HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN

// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS

// ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION

// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF

// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.

// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY

// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,

// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE

// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

//==============================================================================

//////////////////////////////////////////////////////////////////////////

// Author: Nag Boranna, Hewlett-Packard Company(nagaraja_boranna@hp.com)

// Modified By: Jair Santos, Hewlett-Packard Company (jair.santos@hp.com)

// Heather Sterling, IBM (hsterl@us.ibm.com)

//%/////////////////////////////////////////////////////////////////////////////

#include <Pegasus/Common/Config.h>

#include <Pegasus/Common/Tracer.h>

#include "AuthenticationInfoRep.h"

#include <Pegasus/Common/SSLContext.h>

#ifdef PEGASUS_HAS_SSL

#include <Pegasus/Common/TLS.h>

#endif

PEGASUS_USING_STD;

PEGASUS_NAMESPACE_BEGIN

const String AuthenticationInfoRep::AUTH_TYPE_SSL = "SSL";

const String AuthenticationInfoRep::AUTH_TYPE_ZOS_LOCAL_DOMIAN_SOCKET = "LDS";

const String AuthenticationInfoRep::AUTH_TYPE_ZOS_ATTLS = "ATTLS";

AuthenticationInfoRep::AuthenticationInfoRep(Boolean flag)

: _connectionAuthenticated(false),

_authUser(String::EMPTY),

_wasRemotePrivilegedUserAccessChecked(false)

_authPassword(String::EMPTY),

_authChallenge(String::EMPTY),

_authSecret(String::EMPTY),

_privileged(false),

_authType(String::EMPTY),

_authStatus(NEW_REQUEST)

{

PEG_METHOD_ENTER(

TRC_AUTHENTICATION, "AuthenticationInfoRep::AuthenticationInfoRep");

#ifdef PEGASUS_KERBEROS_AUTHENTICATION

_securityAssoc = NULL;

#endif

#ifdef PEGASUS_USE_232_CLIENT_VERIFICATION

#ifdef PEGASUS_HAS_SSL

_peerCertificate = NULL;

_certificateStatus = 0;

#endif

PEG_METHOD_EXIT();

}

AuthenticationInfoRep::~AuthenticationInfoRep()

{

PEG_METHOD_ENTER(

TRC_AUTHENTICATION, "AuthenticationInfoRep::~AuthenticationInfoRep");

#ifdef PEGASUS_KERBEROS_AUTHENTICATION

PEG_METHOD_EXIT();

if (_securityAssoc)

{

delete _securityAssoc;

_securityAssoc = 0;

}

#endif

void AuthenticationInfoRep::setConnectionAuthenticated(

Boolean connectionAuthenticated)

{

PEG_METHOD_ENTER(TRC_AUTHENTICATION,

"AuthenticationInfoRep::setConnectionAuthenticated");

_connectionAuthenticated = connectionAuthenticated;

PEG_METHOD_EXIT();

}

void AuthenticationInfoRep::setAuthStatus(AuthStatus status)

#ifdef PEGASUS_OS_ZOS

// The connection user is for z/OS only.

// On z/OS Unix Local Domain Sockets and sockets

// protected by AT-TLS are able to get the user ID of

// the connected user.

// This information is needed for later authentication

// steps.

void AuthenticationInfoRep::setConnectionUser(const String& userName)

{

PEG_METHOD_ENTER(

TRC_AUTHENTICATION, "AuthenticationInfoRep::setAuthStatus");

TRC_AUTHENTICATION, "AuthenticationInfoRep::setConnectionUser()");

_authStatus = status;

_connectionUser = userName;

PEG_METHOD_EXIT();

}

#endif

void AuthenticationInfoRep::setAuthenticatedUser(const String& userName)

{

Line 117

Line 111

PEG_METHOD_EXIT();

}

void AuthenticationInfoRep::setAuthChallenge(const String& challenge)

void AuthenticationInfoRep::setLocalAuthFilePath(const String& filePath)

{

PEG_METHOD_ENTER(

TRC_AUTHENTICATION, "AuthenticationInfoRep::setAuthChallenge");

TRC_AUTHENTICATION, "AuthenticationInfoRep::setLocalAuthFilePath");

_authChallenge = challenge;

_localAuthFilePath = filePath;

PEG_METHOD_EXIT();

}

void AuthenticationInfoRep::setAuthSecret(const String& secret)

void AuthenticationInfoRep::setLocalAuthSecret(const String& secret)

{

PEG_METHOD_ENTER(

TRC_AUTHENTICATION, "AuthenticationInfoRep::setAuthSecret");

TRC_AUTHENTICATION, "AuthenticationInfoRep::setLocalAuthSecret");

_authSecret = secret;

_localAuthSecret = secret;

PEG_METHOD_EXIT();

}

void AuthenticationInfoRep::setPrivileged(Boolean privileged)

{

PEG_METHOD_ENTER(

TRC_AUTHENTICATION, "AuthenticationInfoRep::setPrivileged");

_privileged = privileged;

PEG_METHOD_EXIT();

}

Line 163

Line 147

PEG_METHOD_ENTER(

TRC_AUTHENTICATION, "AuthenticationInfoRep::setSecurityAssociation");

if ( !_securityAssoc )

if ( !_securityAssoc.get() )

{

_securityAssoc = new CIMKerberosSecurityAssociation;

_securityAssoc.reset(new CIMKerberosSecurityAssociation);

}

PEG_METHOD_EXIT();

}

#endif

#ifdef PEGASUS_USE_232_CLIENT_VERIFICATION

void AuthenticationInfoRep::setClientCertificateChain(

#ifdef PEGASUS_HAS_SSL

Array<SSLCertificateInfo*> clientCertificate)

void AuthenticationInfoRep::setPeerCertificate(SSLCertificateInfo* peerCertificate)

{

PEG_METHOD_ENTER(

TRC_AUTHENTICATION, "AuthenticationInfoRep::setCertificateStatus");

_peerCertificate = peerCertificate;

PEG_METHOD_EXIT();

}

void AuthenticationInfoRep::setCertificateStatus(Sint32 certificateStatus)

{

PEG_METHOD_ENTER(

PEG_METHOD_ENTER(TRC_AUTHENTICATION,

TRC_AUTHENTICATION, "AuthenticationInfoRep::setCertificateStatus");

"AuthenticationInfoRep::setClientCertificateChain");

_certificateStatus = certificateStatus;

_clientCertificate = clientCertificate;

// check the certificate authentication status to determine whether or not this

// client is trusted

if (_certificateStatus == SSLSocket::CERT_SUCCESS)

{

PEG_TRACE_STRING(TRC_DISCARDED_DATA, Tracer::LEVEL2,

"AuthenticationInfoRep::Client authenticated via SSL certificate");

_authStatus = AUTHENTICATED;

_privileged = true;

}

PEG_METHOD_EXIT();

}

#endif

PEGASUS_NAMESPACE_END

Legend:

Removed from v.1.7.4.2
changed lines
	Added in v.1.28

No CVS admin address has been configured