pegasus/src/Pegasus/Security/Authentication/AuthenticationManager.cpp - diff

Return to AuthenticationManager.cpp CVS log

Up to [Pegasus] / pegasus / src / Pegasus / Security / Authentication

Diff for /pegasus/src/Pegasus/Security/Authentication/AuthenticationManager.cpp between version 1.23.2.1 and 1.27

version 1.23.2.1, 2007/04/03 19:01:45

version 1.27, 2007/03/16 17:16:58

Line 29

//==============================================================================

// Author: Nag Boranna, Hewlett-Packard Company(nagaraja_boranna@hp.com)

// Modified By: Dave Rosckes (rosckes@us.ibm.com)

// Josephine Eskaline Joyce (jojustin@in.ibm.com) for PEP#101

// Sushma Fernandes, Hewlett-Packard Company(sushma_fernandes@hp.com)

//%/////////////////////////////////////////////////////////////////////////////

#include <Pegasus/Common/System.h>

Line 88

Line 82

// delete authentication handlers

if ( _localAuthHandler )

{

delete _localAuthHandler;

}

if ( _httpAuthHandler )

{

delete _httpAuthHandler;

}

PEG_METHOD_EXIT();

}

Boolean AuthenticationManager::isRemotePrivilegedUserAccessAllowed(

String & userName)

{

// Reject access if the user is privileged and remote privileged user

// access is not enabled.

if (!ConfigManager::parseBooleanValue(ConfigManager::getInstance()->

getCurrentValue("enableRemotePrivilegedUserAccess"))

&& System::isPrivilegedUser(userName))

{

PEG_TRACE((TRC_AUTHENTICATION, Tracer::LEVEL2,

"Authentication failed for user '%s' because "

"enableRemotePrivilegedUserAccess is not set to 'true'.",

(const char*) userName.getCString()));

Logger::put_l(

Logger::STANDARD_LOG, System::CIMSERVER, Logger::INFORMATION,

"Security.Authentication.BasicAuthenticationHandler."

"PRIVILEGED_ACCESS_DISABLED",

"Authentication failed for user '$0' because "

"enableRemotePrivilegedUserAccess is not set to 'true'.",

userName);

return false;

}

return true;

}

// Perform http authentication

Line 150

Line 165

if ( authenticated )

{

authInfo->setAuthStatus(AuthenticationInfoRep::AUTHENTICATED);

authInfo->setAuthType(authType);

}

Line 177

Line 194

String cookie = String::EMPTY;

Logger::put(Logger::STANDARD_LOG, System::CIMSERVER, Logger::TRACE,

"AuthenticationManager:: performPegasusAuthentication "

"AuthenticationManager:: performPegasusAuthentication - Authority Header: $0",

"- Authority Header: $0", authHeader);

authHeader);

// Parse the pegasus authentication header authentication information

Line 189

Line 206

return false;

}

if ( String::equalNoCase(authType, "Local") )

// Note: Pegasus LocalPrivileged authentication is not being used, but the

// code is kept here so that we can use it in the future if needed.

#if defined(PEGASUS_LOCAL_PRIVILEGED_AUTHENTICATION)

if ( String::equalNoCase(authType, "LocalPrivileged") )

{

if (authInfo->isAuthenticated() && authInfo->isPrivileged() &&

if (authInfo->isAuthenticated() &&

String::equal(userName, authInfo->getAuthenticatedUser()))

{

PEG_METHOD_EXIT();

return true;

}

#endif

else

{

PEG_METHOD_EXIT();

return false;

}

// The HTTPAuthenticatorDelegator ensures only local authentication

// requests get here.

// Check if the authentication information is present

PEGASUS_ASSERT(authType == "Local");

if ( String::equal(cookie, String::EMPTY) )

{

PEG_METHOD_EXIT();

return false;

}

authenticated =

_localAuthHandler->authenticate(cookie, authInfo);

if ( authenticated )

{

#if defined(PEGASUS_LOCAL_PRIVILEGED_AUTHENTICATION)

authInfo->setAuthStatus(AuthenticationInfoRep::AUTHENTICATED);

if ( String::equal(authType, "LocalPrivileged") )

{

authInfo->setPrivileged(true);

}

else

{

authInfo->setPrivileged(false);

}

#endif

authInfo->setAuthType(authType);

}

Legend:

Removed from v.1.23.2.1
changed lines
	Added in v.1.27

No CVS admin address has been configured