pegasus/src/Pegasus/Security/Authentication/AuthenticationManager.h - view

Return to AuthenticationManager.h CVS log

Up to [Pegasus] / pegasus / src / Pegasus / Security / Authentication

File: [Pegasus] / pegasus / src / Pegasus / Security / Authentication / AuthenticationManager.h (download)
Revision: 1.13, Wed Nov 8 12:41:28 2006 UTC (17 years, 7 months ago) by marek
Branch: MAIN
CVS Tags: TASK-PEP291_IPV6-root, TASK-PEP291_IPV6-branch, TASK-PEP286_PRIVILEGE_SEPARATION-root, TASK-PEP286_PRIVILEGE_SEPARATION-branch, TASK-PEP274_dacim-root, TASK-PEP274_dacim-merged_out_to_branch, TASK-PEP274_dacim-merged_out_from_trunk, TASK-PEP274_dacim-merged_in_to_trunk, TASK-PEP274_dacim-merged_in_from_branch, TASK-PEP274_dacim-branch, TASK-Bug2102_RCMPIWindows-root, TASK-Bug2102_RCMPIWindows-merged_out_to_branch, TASK-Bug2102_RCMPIWindows-merged_out_from_trunk, TASK-Bug2102_RCMPIWindows-merged_in_to_trunk, TASK-Bug2102_RCMPIWindows-merged_in_from_branch, TASK-Bug2102_RCMPIWindows-branch, TASK-Bug2102Final-root, TASK-Bug2102Final-merged_out_to_branch, TASK-Bug2102Final-merged_out_from_trunk, TASK-Bug2102Final-merged_in_to_trunk, TASK-Bug2102Final-merged_in_from_branch, TASK-Bug2102Final-branch, TASK-BUG7240-root, TASK-BUG7240-branch, RELEASE_2_6_3-RC2, RELEASE_2_6_3-RC1, RELEASE_2_6_3, RELEASE_2_6_2-RC1, RELEASE_2_6_2, RELEASE_2_6_1-RC1, RELEASE_2_6_1, RELEASE_2_6_0-RC1, RELEASE_2_6_0-FC, RELEASE_2_6_0, RELEASE_2_6-root, RELEASE_2_6-branch-clean, RELEASE_2_6-branch, PEP286_PRIVILEGE_SEPARATION_ROOT, PEP286_PRIVILEGE_SEPARATION_1
Branch point for: PEP286_PRIVILEGE_SEPARATION_BRANCH
Changes since 1.12: +3 -5 lines

BUG#:5821
TITLE: Check enableRemotePrivilegedUserAccess before/at authentication

DESCRIPTION:

//%2006////////////////////////////////////////////////////////////////////////
//
// Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
// Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
// Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
// IBM Corp.; EMC Corporation, The Open Group.
// Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
// IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
// Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
// EMC Corporation; VERITAS Software Corporation; The Open Group.
// Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.;
// EMC Corporation; Symantec Corporation; The Open Group.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to
// deal in the Software without restriction, including without limitation the
// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
// sell copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
// 
// THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
// ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
// "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
// LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
// PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
// HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
// ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
//==============================================================================
//
//%/////////////////////////////////////////////////////////////////////////////

#ifndef Pegasus_AuthenticationManager_h
#define Pegasus_AuthenticationManager_h

#include <Pegasus/Common/Config.h>

#include "Authenticator.h"

#include <Pegasus/Security/Authentication/Linkage.h>

#ifdef PEGASUS_KERBEROS_AUTHENTICATION
#include <Pegasus/Common/AuthenticationInfo.h>
#endif

PEGASUS_NAMESPACE_BEGIN

/** This class implements the HTTP authentication and Pegasus Local 
    authentication mecahnism. It provides methods to perform authentication
    and to generate authentication challenge headers.
*/

class PEGASUS_SECURITY_LINKAGE AuthenticationManager
{
public:

    /**Constructor */
    AuthenticationManager();

    /**Destructor */
    ~AuthenticationManager();

    /** Authenticates the requests from HTTP connections.
        @param authHeader String containing the Authorization header
        @param authInfo Reference to AuthenticationInfo object that holds the
        authentication information for the given connection.
        @return true on successful authentication, false otherwise
    */
    Boolean performHttpAuthentication(
        const String& authHeader,
        AuthenticationInfo* authInfo);

    /** Authenticates the requests from Local connections.
        @param authHeader String containing the Authorization header
        @param authInfo Reference to AuthenticationInfo object that holds the
        authentication information for the given connection.
        @return true on successful authentication, false otherwise
    */
    Boolean performPegasusAuthentication(
        const String& authHeader,
        AuthenticationInfo* authInfo);

    /** Validates whether the user is a valid user for requests
        from HTTP connections.
        @param  userName  name of the user
        @return true on successful validation, false otherwise
    */
    Boolean validateUserForHttpAuth (const String& userName);

    /** Constructs the Pegasus Local authentication challenge header.
        @param authHeader String containing the Authorization header
        @param authInfo reference to AuthenticationInfo object that holds the
        authentication information for the given connection.
        @return String containing the authentication challenge
    */
    String getPegasusAuthResponseHeader(
        const String& authHeader,
        AuthenticationInfo* authInfo);

    /** Constructs the HTTP authentication challenge header.
        @return String containing the authentication challenge
    */
#ifdef PEGASUS_KERBEROS_AUTHENTICATION
    String AuthenticationManager::getHttpAuthResponseHeader(
	AuthenticationInfo* authInfo = 0);
#else
    String getHttpAuthResponseHeader();
#endif

    static Boolean isRemotePrivilegedUserAccessAllowed(
        String & userName);

private:

    Boolean _parseLocalAuthHeader(
        const String& authHeader, 
        String& authType, 
        String& userName, 
        String& cookie);

    Boolean _parseHttpAuthHeader(
        const String& authHeader, 
        String& authType, 
        String& cookie);

    Authenticator* _getLocalAuthHandler();

    Authenticator* _getHttpAuthHandler();

    Authenticator* _localAuthHandler;
    Authenticator* _httpAuthHandler;
    String         _httpAuthType;

};

PEGASUS_NAMESPACE_END

#endif /* Pegasus_AuthenticationManager_h */

No CVS admin address has been configured