version 1.22.8.1, 2006/02/10 16:13:17
|
version 1.25.4.1, 2007/03/23 17:36:55
|
|
|
// | // |
//============================================================================== | //============================================================================== |
// | // |
// Author: Nag Boranna, Hewlett-Packard Company(nagaraja_boranna@hp.com) |
|
// |
|
// Modified By: Dave Rosckes (rosckes@us.ibm.com) |
|
// Josephine Eskaline Joyce (jojustin@in.ibm.com) for PEP#101 |
|
// Sushma Fernandes, Hewlett-Packard Company(sushma_fernandes@hp.com) |
|
// |
|
//%///////////////////////////////////////////////////////////////////////////// | //%///////////////////////////////////////////////////////////////////////////// |
| |
#include <Pegasus/Common/System.h> | #include <Pegasus/Common/System.h> |
|
|
// | // |
// delete authentication handlers | // delete authentication handlers |
// | // |
if ( _localAuthHandler ) |
|
{ |
|
delete _localAuthHandler; | delete _localAuthHandler; |
} |
|
if ( _httpAuthHandler ) |
|
{ |
|
delete _httpAuthHandler; | delete _httpAuthHandler; |
} |
|
| |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
} | } |
| |
|
Boolean AuthenticationManager::isRemotePrivilegedUserAccessAllowed( |
|
String & userName) |
|
{ |
|
// |
|
// Reject access if the user is privileged and remote privileged user |
|
// access is not enabled. |
|
// |
|
if (!ConfigManager::parseBooleanValue(ConfigManager::getInstance()-> |
|
getCurrentValue("enableRemotePrivilegedUserAccess")) |
|
&& System::isPrivilegedUser(userName)) |
|
{ |
|
Tracer::trace(TRC_AUTHENTICATION, Tracer::LEVEL2, |
|
"Authentication failed for user '%s' because " |
|
"enableRemotePrivilegedUserAccess is not set to 'true'.", |
|
(const char*) userName.getCString()); |
|
Logger::put_l( |
|
Logger::STANDARD_LOG, System::CIMSERVER, Logger::INFORMATION, |
|
"Security.Authentication.BasicAuthenticationHandler." |
|
"PRIVILEGED_ACCESS_DISABLED", |
|
"Authentication failed for user '$0' because " |
|
"enableRemotePrivilegedUserAccess is not set to 'true'.", |
|
userName); |
|
return false; |
|
} |
|
return true; |
|
} |
|
|
// | // |
// Perform http authentication | // Perform http authentication |
// | // |
|
|
| |
if ( authenticated ) | if ( authenticated ) |
{ | { |
authInfo->setAuthStatus(AuthenticationInfoRep::AUTHENTICATED); |
|
|
|
authInfo->setAuthType(authType); | authInfo->setAuthType(authType); |
} | } |
| |
|
|
String cookie = String::EMPTY; | String cookie = String::EMPTY; |
| |
Logger::put(Logger::STANDARD_LOG, System::CIMSERVER, Logger::TRACE, | Logger::put(Logger::STANDARD_LOG, System::CIMSERVER, Logger::TRACE, |
"AuthenticationManager:: performPegasusAuthentication - Authority Header: $0", |
"AuthenticationManager:: performPegasusAuthentication " |
authHeader); |
"- Authority Header: $0", authHeader); |
| |
// | // |
// Parse the pegasus authentication header authentication information | // Parse the pegasus authentication header authentication information |
|
|
} | } |
#endif | #endif |
| |
if ( String::equalNoCase(authType, "Local") ) |
// The HTTPAuthenticatorDelegator ensures only local authentication |
{ |
// requests get here. |
if (authInfo->isAuthenticated() && |
PEGASUS_ASSERT(authType == "Local"); |
String::equal(userName, authInfo->getAuthenticatedUser())) |
|
{ |
|
PEG_METHOD_EXIT(); |
|
return true; |
|
} |
|
} |
|
else |
|
{ |
|
PEG_METHOD_EXIT(); |
|
return false; |
|
} |
|
|
|
// |
|
// Check if the authentication information is present |
|
// |
|
if ( String::equal(cookie, String::EMPTY) ) |
|
{ |
|
PEG_METHOD_EXIT(); |
|
return false; |
|
} |
|
| |
authenticated = | authenticated = |
_localAuthHandler->authenticate(cookie, authInfo); | _localAuthHandler->authenticate(cookie, authInfo); |
| |
if ( authenticated ) | if ( authenticated ) |
{ | { |
authInfo->setAuthStatus(AuthenticationInfoRep::AUTHENTICATED); |
|
|
|
#if defined(PEGASUS_LOCAL_PRIVILEGED_AUTHENTICATION) | #if defined(PEGASUS_LOCAL_PRIVILEGED_AUTHENTICATION) |
if ( String::equal(authType, "LocalPrivileged") ) | if ( String::equal(authType, "LocalPrivileged") ) |
{ | { |
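Review bot: At `PEGASUS_ASSERT(authType == "Local");` the authType check becomes an assertion, where the other side of this diff tests `String::equalNoCase(authType, "Local")` and returns false otherwise. The +/- markers are lost on this page, so treating the assertion as the 1.25.4.1 side is inferred from the version order. If PEGASUS_ASSERT is compiled out in non-debug builds, nothing in the lines shown stops a request with a different authType from reaching `_localAuthHandler->authenticate(cookie, authInfo)` should the delegator's guarantee ever fail. I would keep a runtime guard next to the assertion: `if (!String::equalNoCase(authType, "Local")) { PEG_METHOD_EXIT(); return false; }`. The assertion also compares case-sensitively where the other test did not, which the comment above it should state, and the enclosing function starts and ends outside the lines shown.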