pegasus/src/Pegasus/Security/Authentication/LocalAuthenticationHandler.cpp - diff

Return to LocalAuthenticationHandler.cpp CVS log

Up to [Pegasus] / pegasus / src / Pegasus / Security / Authentication

Diff for /pegasus/src/Pegasus/Security/Authentication/LocalAuthenticationHandler.cpp between version 1.14.2.1 and 1.18

version 1.14.2.1, 2007/04/03 19:01:45

version 1.18, 2007/03/02 19:00:44

Line 29

//==============================================================================

// Author: Nag Boranna, Hewlett-Packard Company(nagaraja_boranna@hp.com)

// Modified By: Josephine Eskaline Joyce (jojustin@in.ibm.com) for PEP#101

// Sushma Fernandes, Hewlett-Packard Company(sushma_fernandes@hp.com)

//%/////////////////////////////////////////////////////////////////////////////

#include <Pegasus/Common/AuditLogger.h>

#include <Pegasus/Common/Logger.h>

#include <Pegasus/Common/Tracer.h>

#include "SecureLocalAuthenticator.h"

#include "LocalAuthenticationHandler.h"

#ifdef PEGASUS_ZOS_SECURITY

// This include file will not be provided in the OpenGroup CVS for now.

// Do NOT try to include it in your compile

#include <Pegasus/Common/safCheckzOS_inline.h>

#endif

PEGASUS_USING_STD;

Line 73

Line 74

PEG_METHOD_ENTER(TRC_AUTHENTICATION,

"LocalAuthenticationHandler::authenticate()");

Boolean authenticated = false;

// Look for ':' seperator

Uint32 colon1 = authHeader.find(':');

if ( colon1 == PEG_NOT_FOUND )

{

PEG_METHOD_EXIT();

return false;

return ( authenticated );

}

String userName = authHeader.subString(0, colon1);

Line 105

Line 108

}

// Check if the authentication information is present

if (secretReceived.size() == 0 || userName.size() == 0)

{

PEG_METHOD_EXIT();

return false;

}

String authenticatedUsername = authInfo->getAuthenticatedUser();

// If this connection has been previously authenticated then ensure

// the username passed with the current request matches the

// username previously authenticated.

if (authenticatedUsername.size() != 0 &&

userName != authenticatedUsername)

{

PEG_METHOD_EXIT();

return false;

}

// Check if the user is a valid system user

if ( !System::isSystemUser( userName.getCString() ) )

{

PEG_METHOD_EXIT();

return false;

return (authenticated);

}

// Check if the user is authorized to CIMSERV

#ifdef PEGASUS_ZOS_SECURITY

if ( !CheckProfileCIMSERVclassWBEM(userName, __READ_RESOURCE) )

{

Logger::put_l(Logger::TRACE_LOG, ZOS_SECURITY_NAME, Logger::WARNING,

"Security.Authentication.LocalAuthenticationHandler"

".NOREAD_CIMSERV_ACCESS.PEGASUS_OS_ZOS",

"Request UserID $0 doesn't have READ permission to profile CIMSERV CL(WBEM).",

userName);

return (authenticated);

}

#endif

Boolean authenticated = _localAuthenticator->authenticate(filePath,

// it is not necessary to check remote privileged user access local

secretReceived, authInfo->getAuthChallenge());

// set the flag to "check done"

authInfo->setRemotePrivilegedUserAccessChecked();

authenticated = _localAuthenticator->authenticate(filePath,

secretReceived, authInfo->getLocalAuthSecret());

PEG_AUDIT_LOG(logLocalAuthentication(

userName,

authenticated));

if (authenticated)

{

Line 162

Line 163

PEG_METHOD_ENTER(TRC_AUTHENTICATION,

"LocalAuthenticationHandler::getAuthResponseHeader()");

String challenge = String::EMPTY;

String secret;

String authResp = String::EMPTY;

String authResp;

// Check if the user is a valid system user

Line 174

Line 175

return ( authResp );

}

authResp = _localAuthenticator->getAuthResponseHeader(authType, userName, challenge);

authResp = _localAuthenticator->getAuthResponseHeader(authType, userName, secret);

authInfo->setAuthChallenge(challenge);

authInfo->setLocalAuthSecret(secret);

PEG_METHOD_EXIT();

Legend:

Removed from v.1.14.2.1
changed lines
	Added in v.1.18

No CVS admin address has been configured