|
version 1.25.4.1, 2007/03/23 17:36:55
|
version 1.30, 2007/06/22 17:35:52
|
|
|
|
| getCurrentValue("enableRemotePrivilegedUserAccess")) | getCurrentValue("enableRemotePrivilegedUserAccess")) |
| && System::isPrivilegedUser(userName)) | && System::isPrivilegedUser(userName)) |
| { | { |
| Tracer::trace(TRC_AUTHENTICATION, Tracer::LEVEL2, |
PEG_TRACE((TRC_AUTHENTICATION, Tracer::LEVEL2, |
| "Authentication failed for user '%s' because " | "Authentication failed for user '%s' because " |
| "enableRemotePrivilegedUserAccess is not set to 'true'.", | "enableRemotePrivilegedUserAccess is not set to 'true'.", |
| (const char*) userName.getCString()); |
(const char*) userName.getCString())); |
| Logger::put_l( | Logger::put_l( |
| Logger::STANDARD_LOG, System::CIMSERVER, Logger::INFORMATION, | Logger::STANDARD_LOG, System::CIMSERVER, Logger::INFORMATION, |
| "Security.Authentication.BasicAuthenticationHandler." | "Security.Authentication.BasicAuthenticationHandler." |
|
|
|
| // | // |
| // Perform http authentication | // Perform http authentication |
| // | // |
| Boolean AuthenticationManager::performHttpAuthentication |
Boolean AuthenticationManager::performHttpAuthentication( |
| ( |
|
| const String& authHeader, | const String& authHeader, |
| AuthenticationInfo* authInfo |
AuthenticationInfo* authInfo) |
| ) |
|
| { | { |
| PEG_METHOD_ENTER( |
PEG_METHOD_ENTER(TRC_AUTHENTICATION, |
| TRC_AUTHENTICATION, "AuthenticationManager::performHttpAuthentication()"); |
"AuthenticationManager::performHttpAuthentication()"); |
| |
|
| String authType = String::EMPTY; |
|
| | |
| String cookie = String::EMPTY; |
String authType; |
| |
String cookie; |
| | |
| Logger::put(Logger::STANDARD_LOG, System::CIMSERVER, Logger::TRACE, | Logger::put(Logger::STANDARD_LOG, System::CIMSERVER, Logger::TRACE, |
| "AuthenticationManager:: performHttpAuthentication - Authority Header: $0", authHeader); |
"AuthenticationManager:: performHttpAuthentication - " |
| |
"Authority Header: $0", |
| |
authHeader); |
| | |
| // | // |
| // Parse the HTTP authentication header for authentication information | // Parse the HTTP authentication header for authentication information |
|
|
|
| | |
| PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
| | |
| return ( authenticated ); |
return authenticated; |
| } | } |
| | |
| // | // |
| // Perform pegasus sepcific local authentication | // Perform pegasus sepcific local authentication |
| // | // |
| Boolean AuthenticationManager::performPegasusAuthentication |
Boolean AuthenticationManager::performPegasusAuthentication( |
| ( |
|
| const String& authHeader, | const String& authHeader, |
| AuthenticationInfo* authInfo |
AuthenticationInfo* authInfo) |
| ) |
|
| { | { |
| PEG_METHOD_ENTER( |
PEG_METHOD_ENTER(TRC_AUTHENTICATION, |
| TRC_AUTHENTICATION, "AuthenticationManager::performPegasusAuthentication()"); |
"AuthenticationManager::performPegasusAuthentication()"); |
| | |
| Boolean authenticated = false; | Boolean authenticated = false; |
| | |
| String authType = String::EMPTY; |
String authType; |
| String userName = String::EMPTY; |
String userName; |
| String cookie = String::EMPTY; |
String cookie; |
| | |
| Logger::put(Logger::STANDARD_LOG, System::CIMSERVER, Logger::TRACE, | Logger::put(Logger::STANDARD_LOG, System::CIMSERVER, Logger::TRACE, |
| "AuthenticationManager:: performPegasusAuthentication " |
"AuthenticationManager:: performPegasusAuthentication - " |
| "- Authority Header: $0", authHeader); |
"Authority Header: $0", |
| |
authHeader); |
| | |
| // | // |
| // Parse the pegasus authentication header authentication information | // Parse the pegasus authentication header authentication information |
|
|
|
| return false; | return false; |
| } | } |
| | |
| // |
|
| // Note: Pegasus LocalPrivileged authentication is not being used, but the |
|
| // code is kept here so that we can use it in the future if needed. |
|
| // |
|
| #if defined(PEGASUS_LOCAL_PRIVILEGED_AUTHENTICATION) |
|
| if ( String::equalNoCase(authType, "LocalPrivileged") ) |
|
| { |
|
| if (authInfo->isAuthenticated() && authInfo->isPrivileged() && |
|
| String::equal(userName, authInfo->getAuthenticatedUser())) |
|
| { |
|
| PEG_METHOD_EXIT(); |
|
| return true; |
|
| } |
|
| } |
|
| #endif |
|
| |
|
| // The HTTPAuthenticatorDelegator ensures only local authentication | // The HTTPAuthenticatorDelegator ensures only local authentication |
| // requests get here. | // requests get here. |
| PEGASUS_ASSERT(authType == "Local"); | PEGASUS_ASSERT(authType == "Local"); |
|
|
|
| | |
| if ( authenticated ) | if ( authenticated ) |
| { | { |
| #if defined(PEGASUS_LOCAL_PRIVILEGED_AUTHENTICATION) |
|
| if ( String::equal(authType, "LocalPrivileged") ) |
|
| { |
|
| authInfo->setPrivileged(true); |
|
| } |
|
| else |
|
| { |
|
| authInfo->setPrivileged(false); |
|
| } |
|
| #endif |
|
| |
|
| authInfo->setAuthType(authType); | authInfo->setAuthType(authType); |
| } | } |
| | |
| PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
| | |
| return ( authenticated ); |
return authenticated; |
| } | } |
| | |
| // | // |
|
|
|
| // | // |
| // Get pegasus/local authentication response header | // Get pegasus/local authentication response header |
| // | // |
| String AuthenticationManager::getPegasusAuthResponseHeader |
String AuthenticationManager::getPegasusAuthResponseHeader( |
| ( |
|
| const String& authHeader, | const String& authHeader, |
| AuthenticationInfo* authInfo |
AuthenticationInfo* authInfo) |
| ) |
|
| { | { |
| PEG_METHOD_ENTER( |
PEG_METHOD_ENTER(TRC_AUTHENTICATION, |
| TRC_AUTHENTICATION, "AuthenticationManager::getPegasusAuthResponseHeader()"); |
"AuthenticationManager::getPegasusAuthResponseHeader()"); |
| | |
| String respHeader = String::EMPTY; |
String respHeader; |
| | |
| String authType = String::EMPTY; |
String authType; |
| String userName = String::EMPTY; |
String userName; |
| String cookie = String::EMPTY; |
String cookie; |
| | |
| // | // |
| // Parse the pegasus authentication header authentication information | // Parse the pegasus authentication header authentication information |
|
|
|
| if ( !_parseLocalAuthHeader(authHeader, authType, userName, cookie) ) | if ( !_parseLocalAuthHeader(authHeader, authType, userName, cookie) ) |
| { | { |
| PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
| return (respHeader); |
return respHeader; |
| } | } |
| | |
| // | // |
|
|
|
| if ( String::equal(userName, String::EMPTY) ) | if ( String::equal(userName, String::EMPTY) ) |
| { | { |
| PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
| return (respHeader); |
return respHeader; |
| } | } |
| | |
| respHeader = | respHeader = |
|
|
|
| | |
| PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
| | |
| return (respHeader); |
return respHeader; |
| | |
| } | } |
| | |
|
|
|
| // Get HTTP authentication response header | // Get HTTP authentication response header |
| // | // |
| #ifdef PEGASUS_KERBEROS_AUTHENTICATION | #ifdef PEGASUS_KERBEROS_AUTHENTICATION |
| String AuthenticationManager::getHttpAuthResponseHeader( AuthenticationInfo* authInfo ) |
String AuthenticationManager::getHttpAuthResponseHeader( |
| |
AuthenticationInfo* authInfo) |
| #else | #else |
| String AuthenticationManager::getHttpAuthResponseHeader() | String AuthenticationManager::getHttpAuthResponseHeader() |
| #endif | #endif |
| { | { |
| PEG_METHOD_ENTER( |
PEG_METHOD_ENTER(TRC_AUTHENTICATION, |
| TRC_AUTHENTICATION, "AuthenticationManager::getHttpAuthResponseHeader()"); |
"AuthenticationManager::getHttpAuthResponseHeader()"); |
| | |
| #ifdef PEGASUS_KERBEROS_AUTHENTICATION | #ifdef PEGASUS_KERBEROS_AUTHENTICATION |
| String respHeader = _httpAuthHandler->getAuthResponseHeader( | String respHeader = _httpAuthHandler->getAuthResponseHeader( |
|
|
|
| | |
| PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
| | |
| return (respHeader); |
return respHeader; |
| } | } |
| | |
| // | // |
|
|
|
| { | { |
| handler.reset(0); | handler.reset(0); |
| } | } |
| // L10N TODO DONE |
|
| //Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
|
| //"CIMOM server authentication handler for Kerberos failed to initialize properly. The CIMOM server is not started."); |
|
| Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, | Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
| "Security.Authentication.AuthenticationManager.AUTHENTICATION_HANDLER_KERBEROS_FAILED_TO_INITIALIZE", |
"Security.Authentication.AuthenticationManager." |
| "CIMOM server authentication handler for Kerberos failed to initialize properly. The CIMOM server is not started."); |
"AUTHENTICATION_HANDLER_KERBEROS_FAILED_TO_INITIALIZE", |
| // end the server because Kerberos could not initialized. |
"CIMOM server authentication handler for Kerberos failed to " |
| MessageLoaderParms parms( "Security.Authentication.AuthenticationManager.AUTHENTICATION_HANDLER_KERBEROS_FAILED_TO_INITIALIZE", |
"initialize properly."); |
| "CIMOM server authentication handler for Kerberos failed to initialize properly. The CIMOM server is not started."); |
MessageLoaderParms parms( |
| |
"Security.Authentication.AuthenticationManager." |
| |
"AUTHENTICATION_HANDLER_KERBEROS_FAILED_TO_INITIALIZE", |
| |
"CIMOM server authentication handler for Kerberos failed to " |
| |
"initialize properly."); |
| throw Exception(parms); | throw Exception(parms); |
| } | } |
| } | } |
Return to
AuthenticationManager.cpp
CVS log
Up to [Pegasus] / pegasus / src / Pegasus / Security / Authentication