|
version 1.19, 2006/10/20 18:06:02
|
version 1.37, 2014/09/26 07:46:58
|
|
|
|
| //%2006//////////////////////////////////////////////////////////////////////// |
//%LICENSE//////////////////////////////////////////////////////////////// |
| // | // |
| // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development |
// Licensed to The Open Group (TOG) under one or more contributor license |
| // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems. |
// agreements. Refer to the OpenPegasusNOTICE.txt file distributed with |
| // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.; |
// this work for additional information regarding copyright ownership. |
| // IBM Corp.; EMC Corporation, The Open Group. |
// Each contributor licenses this file to you under the OpenPegasus Open |
| // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.; |
// Source License; you may not use this file except in compliance with the |
| // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group. |
// License. |
| // Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.; |
|
| // EMC Corporation; VERITAS Software Corporation; The Open Group. |
|
| // Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.; |
|
| // EMC Corporation; Symantec Corporation; The Open Group. |
|
| // |
|
| // Permission is hereby granted, free of charge, to any person obtaining a copy |
|
| // of this software and associated documentation files (the "Software"), to |
|
| // deal in the Software without restriction, including without limitation the |
|
| // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or |
|
| // sell copies of the Software, and to permit persons to whom the Software is |
|
| // furnished to do so, subject to the following conditions: |
|
| // |
|
| // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN |
|
| // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED |
|
| // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT |
|
| // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR |
|
| // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT |
|
| // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN |
|
| // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION |
|
| // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
|
| // | // |
| //============================================================================== |
// Permission is hereby granted, free of charge, to any person obtaining a |
| |
// copy of this software and associated documentation files (the "Software"), |
| |
// to deal in the Software without restriction, including without limitation |
| |
// the rights to use, copy, modify, merge, publish, distribute, sublicense, |
| |
// and/or sell copies of the Software, and to permit persons to whom the |
| |
// Software is furnished to do so, subject to the following conditions: |
| |
// |
| |
// The above copyright notice and this permission notice shall be included |
| |
// in all copies or substantial portions of the Software. |
| |
// |
| |
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS |
| |
// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF |
| |
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. |
| |
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY |
| |
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, |
| |
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE |
| |
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
| |
// |
| |
////////////////////////////////////////////////////////////////////////// |
| // | // |
| //%///////////////////////////////////////////////////////////////////////////// | //%///////////////////////////////////////////////////////////////////////////// |
| | |
|
|
|
| #include <Pegasus/Common/Sharable.h> | #include <Pegasus/Common/Sharable.h> |
| #include <Pegasus/Common/Linkage.h> | #include <Pegasus/Common/Linkage.h> |
| #include <Pegasus/Common/SSLContext.h> | #include <Pegasus/Common/SSLContext.h> |
| |
#include <Pegasus/Common/AuthHandle.h> |
| | |
| #ifdef PEGASUS_KERBEROS_AUTHENTICATION |
|
| #include <Pegasus/Common/CIMKerberosSecurityAssociation.h> |
#ifdef PEGASUS_NEGOTIATE_AUTHENTICATION |
| #endif |
#include <Pegasus/Common/Negotiate.h> |
| |
#endif //PEGASUS_NEGOTIATE_AUTHENTICATION |
| | |
| PEGASUS_NAMESPACE_BEGIN | PEGASUS_NAMESPACE_BEGIN |
| | |
|
|
|
| class PEGASUS_COMMON_LINKAGE AuthenticationInfoRep : public Sharable | class PEGASUS_COMMON_LINKAGE AuthenticationInfoRep : public Sharable |
| { | { |
| public: | public: |
| enum AuthStatus { NEW_REQUEST, CHALLENGE_SENT, AUTHENTICATED }; |
|
| | |
| //ATTN: we should be using an enumeration for the authtype instead of a string. |
//ATTN: we should be using an enumeration for the authtype instead of a |
| |
//string. |
| //In the AuthenticationManager, the authtype is set to Basic, Digest, etc | //In the AuthenticationManager, the authtype is set to Basic, Digest, etc |
| //We also need to be able to check whether the type is SSL, so I'm adding a | //We also need to be able to check whether the type is SSL, so I'm adding a |
| //string here to make it less arbitrary. PEP165 | //string here to make it less arbitrary. PEP165 |
| static const String AUTH_TYPE_SSL; | static const String AUTH_TYPE_SSL; |
| |
static const String AUTH_TYPE_ZOS_LOCAL_DOMIAN_SOCKET; |
| |
static const String AUTH_TYPE_ZOS_ATTLS; |
| |
static const String AUTH_TYPE_COOKIE; |
| | |
| AuthenticationInfoRep(Boolean flag); |
AuthenticationInfoRep(); |
| | |
| ~AuthenticationInfoRep(); | ~AuthenticationInfoRep(); |
| | |
| AuthStatus getAuthStatus() const |
void setConnectionAuthenticated(Boolean connectionAuthenticated); |
| { |
|
| return _authStatus; |
|
| } |
|
| |
|
| void setAuthStatus(AuthStatus status); |
|
| | |
| String getAuthenticatedUser() const | String getAuthenticatedUser() const |
| { | { |
|
|
|
| | |
| void setAuthenticatedUser(const String& userName); | void setAuthenticatedUser(const String& userName); |
| | |
| String getAuthenticatedPassword() const |
#ifdef PEGASUS_OS_ZOS |
| { |
|
| return _authPassword; |
// The connection user is for z/OS only. |
| |
// On z/OS Unix Local Domain Sockets and sockets |
| |
// protected by AT-TLS are able to get the user ID of |
| |
// the connected user. |
| |
// This information is needed for later authentication |
| |
// steps. |
| |
|
| |
String getConnectionUser() const |
| |
{ return _connectionUser; |
| } | } |
| | |
| void setAuthenticatedPassword(const String& password); |
void setConnectionUser(const String& userName); |
| | |
| String getAuthChallenge() const |
#endif |
| |
|
| |
String getAuthenticatedPassword() const |
| { | { |
| return _authChallenge; |
return _authPassword; |
| } | } |
| | |
| void setAuthChallenge(const String& challenge); |
void setAuthenticatedPassword(const String& password); |
| | |
| String getAuthSecret() const |
String getLocalAuthFilePath() const |
| { | { |
| return _authSecret; |
return _localAuthFilePath; |
| } | } |
| | |
| void setAuthSecret(const String& secret); |
void setLocalAuthFilePath(const String& filePath); |
| | |
| Boolean isPrivileged() const |
String getLocalAuthSecret() const |
| { | { |
| return _privileged; |
return _localAuthSecret; |
| } | } |
| | |
| void setPrivileged(Boolean privileged); |
void setLocalAuthSecret(const String& secret); |
| | |
| Boolean isAuthenticated() const |
Boolean isConnectionAuthenticated() const |
| { | { |
| return (_authStatus == AUTHENTICATED) ? true : false; |
return _connectionAuthenticated; |
| } | } |
| | |
| String getAuthType() const | String getAuthType() const |
|
|
|
| return _ipAddress; | return _ipAddress; |
| } | } |
| | |
| #ifdef PEGASUS_KERBEROS_AUTHENTICATION |
#ifdef PEGASUS_NEGOTIATE_AUTHENTICATION |
| CIMKerberosSecurityAssociation* getSecurityAssociation() const |
/** Get GSSAPI context for this connection. */ |
| |
SharedPtr<NegotiateServerSession> getNegotiateSession() |
| { | { |
| return _securityAssoc.get(); |
return _session; |
| } | } |
| |
#endif //PEGASUS_NEGOTIATE_AUTHENTICATION |
| | |
| void setSecurityAssociation(); |
|
| #endif |
|
| |
|
| //PEP187 |
|
| Array<SSLCertificateInfo*> getClientCertificateChain() | Array<SSLCertificateInfo*> getClientCertificateChain() |
| { | { |
| return _clientCertificate; | return _clientCertificate; |
| } | } |
| | |
| //PEP187 |
void setClientCertificateChain( |
| void setClientCertificateChain(Array<SSLCertificateInfo*> |
Array<SSLCertificateInfo*> clientCertificate); |
| clientCertificate); |
|
| | |
| private: |
void setRemotePrivilegedUserAccessChecked() |
| |
{ |
| |
_wasRemotePrivilegedUserAccessChecked = true; |
| |
} |
| | |
| /** Constructors */ |
Boolean getRemotePrivilegedUserAccessChecked() |
| AuthenticationInfoRep(); |
{ |
| |
return _wasRemotePrivilegedUserAccessChecked; |
| |
} |
| | |
| AuthenticationInfoRep(const AuthenticationInfoRep& x); |
void setAuthHandle(const AuthHandle& authHandle) |
| |
{ |
| |
_authHandle = authHandle; |
| |
} |
| |
|
| |
AuthHandle getAuthHandle() |
| |
{ |
| |
return _authHandle; |
| |
} |
| |
|
| |
void setUserRole(const String& userRole) |
| |
{ |
| |
_userRole = userRole; |
| |
} |
| |
|
| |
String getUserRole() |
| |
{ |
| |
return _userRole; |
| |
} |
| |
|
| |
void setExpiredPassword(Boolean status) |
| |
{ |
| |
_isExpiredPassword = status; |
| |
} |
| |
|
| |
Boolean isExpiredPassword() const |
| |
{ |
| |
return _isExpiredPassword; |
| |
} |
| |
|
| |
void setCookie(const String &value) |
| |
{ |
| |
_cookie = value; |
| |
} |
| | |
| |
String getCookie() const |
| |
{ |
| |
return _cookie; |
| |
} |
| |
|
| |
private: |
| |
|
| |
/** Default Copy Constructor and assignment operator */ |
| |
AuthenticationInfoRep(const AuthenticationInfoRep& x); |
| AuthenticationInfoRep& operator=(const AuthenticationInfoRep& x); | AuthenticationInfoRep& operator=(const AuthenticationInfoRep& x); |
| | |
| String _authUser; | String _authUser; |
| String _authPassword; | String _authPassword; |
| String _authChallenge; |
String _localAuthSecret; |
| String _authSecret; |
String _localAuthFilePath; |
| Boolean _privileged; |
#ifdef PEGASUS_OS_ZOS |
| |
String _connectionUser; |
| |
#endif |
| String _authType; | String _authType; |
| AuthStatus _authStatus; |
Boolean _connectionAuthenticated; |
| String _ipAddress; | String _ipAddress; |
| #ifdef PEGASUS_KERBEROS_AUTHENTICATION |
|
| AutoPtr<CIMKerberosSecurityAssociation> _securityAssoc;//PEP101 |
#ifdef PEGASUS_NEGOTIATE_AUTHENTICATION |
| #endif |
SharedPtr<NegotiateServerSession> _session; |
| |
#endif //PEGASUS_NEGOTIATE_AUTHENTICATION |
| |
|
| |
Boolean _wasRemotePrivilegedUserAccessChecked; |
| | |
| Array<SSLCertificateInfo*> _clientCertificate; | Array<SSLCertificateInfo*> _clientCertificate; |
| |
|
| |
AuthHandle _authHandle; |
| |
String _userRole; |
| |
Boolean _isExpiredPassword; |
| |
String _cookie; |
| }; | }; |
| | |
| PEGASUS_NAMESPACE_END | PEGASUS_NAMESPACE_END |
Return to
AuthenticationInfoRep.h
CVS log
Up to [Pegasus] / pegasus / src / Pegasus / Common