version 1.11, 2004/03/23 03:06:31
|
version 1.20, 2006/08/09 21:13:04
|
|
|
//%2003//////////////////////////////////////////////////////////////////////// |
//%2006//////////////////////////////////////////////////////////////////////// |
// | // |
// Copyright (c) 2000, 2001, 2002 BMC Software, Hewlett-Packard Development |
// Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development |
// Company, L. P., IBM Corp., The Open Group, Tivoli Systems. |
// Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems. |
// Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L. P.; | // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L. P.; |
// IBM Corp.; EMC Corporation, The Open Group. | // IBM Corp.; EMC Corporation, The Open Group. |
|
// Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.; |
|
// IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group. |
|
// Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.; |
|
// EMC Corporation; VERITAS Software Corporation; The Open Group. |
|
// Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.; |
|
// EMC Corporation; Symantec Corporation; The Open Group. |
// | // |
// Permission is hereby granted, free of charge, to any person obtaining a copy | // Permission is hereby granted, free of charge, to any person obtaining a copy |
// of this software and associated documentation files (the "Software"), to | // of this software and associated documentation files (the "Software"), to |
|
|
#define Pegasus_PAMBasicAuthenticator_h | #define Pegasus_PAMBasicAuthenticator_h |
| |
#include <Pegasus/Common/Config.h> | #include <Pegasus/Common/Config.h> |
#include <Pegasus/Common/IPC.h> |
#include <Pegasus/Common/Mutex.h> |
#include "BasicAuthenticator.h" | #include "BasicAuthenticator.h" |
| |
| |
|
|
const String& userName, | const String& userName, |
const String& password); | const String& password); |
| |
private: |
/** Verify PAM account management for the requesting user. |
/** |
@param userName String containing the user name |
A mutex to serialize authentication calls. |
@return true on successful authentication, false otherwise |
*/ | */ |
static Mutex _authSerializeMutex; |
Boolean validateUser(const String& userName); |
| |
|
private: |
String _realm; | String _realm; |
| |
|
// Indicates that an authentication operation must be performed. |
|
static const String OPERATION_PAM_AUTHENTICATION; |
|
|
|
// Indicates that an account management operation must be performed. |
|
static const String OPERATION_PAM_ACCT_MGMT; |
|
|
|
// Indicates that authentication/account management operation was successful. |
|
static const String PAM_OPERATION_SUCCESS; |
|
|
|
#if defined(PEGASUS_HAS_SIGNALS) |
|
/** |
|
Process ID of the active Provider Agent. |
|
*/ |
|
pid_t _pid; |
|
#endif |
|
|
Boolean _authenticateByPAM( | Boolean _authenticateByPAM( |
const String& userName, | const String& userName, |
const String& password); | const String& password); |
| |
void _createPAMStandalone(); | void _createPAMStandalone(); |
|
|
|
// |
|
// Indicates the status of a write operation. |
|
// |
|
enum _Status |
|
{ |
|
BROKEN_CONNECTION, // If the conntection is broken |
|
OTHER_ERROR, // Any other error |
|
SUCCESS |
|
}; |
|
|
|
// |
|
// Sends a text string to the Stand Alone PAM Process. |
|
// @param text String to be sent |
|
// @return the status of the write operation |
|
// |
|
// |
|
_Status _writeString(const String& text); |
|
|
|
// |
|
// Read a response string from the Stand Alone Process. |
|
// @return reply from the PAM process |
|
// |
|
String _readString(); |
|
|
|
// |
|
// Restarts PAM Stand Alone Process |
|
// |
|
void _restartProcess(void); |
}; | }; |
| |
#endif /* if defined(PEGASUS_USE_PAM_STANDALONE_PROC) */ | #endif /* if defined(PEGASUS_USE_PAM_STANDALONE_PROC) */ |
|
|
const String& userName, | const String& userName, |
const String& password); | const String& password); |
| |
|
/** Verify whether the user is valid. |
|
@param userName String containing the user name |
|
@return true on successful validation, false otherwise |
|
*/ |
|
Boolean validateUser( const String& userName); |
|
|
/** Construct and return the HTTP Basic authentication challenge header | /** Construct and return the HTTP Basic authentication challenge header |
@return A string containing the authentication challenge header. | @return A string containing the authentication challenge header. |
*/ | */ |
|
|
@param num_msg int containing the message count | @param num_msg int containing the message count |
@param msg pointer to a pam_message structure | @param msg pointer to a pam_message structure |
@param resp pointer to a pam_respone structure | @param resp pointer to a pam_respone structure |
@param appdata_prt application data pointer |
@param appdata_ptr application data pointer |
@return PAM_SUCCESS on successful execution, a PAM error code otherwise | @return PAM_SUCCESS on successful execution, a PAM error code otherwise |
*/ | */ |
static Sint32 PAMCallback( | static Sint32 PAMCallback( |
|
|
struct pam_response **resp, | struct pam_response **resp, |
void *appdata_ptr); | void *appdata_ptr); |
| |
|
/** PAM AcctMgmt Call back function, the pointer to this function |
|
is passed to the PAM module. |
|
|
|
@param num_msg int containing the message count |
|
@param msg pointer to a pam_message structure |
|
@param resp pointer to a pam_respone structure |
|
@param appdata_ptr application data pointer |
|
|
|
@return PAM_SUCCESS on successful execution, a PAM error code otherwise |
|
*/ |
|
static Sint32 pamValidateUserCallback( |
|
Sint32 num_msg, |
|
#if defined (PEGASUS_OS_LINUX) |
|
|
|
const struct pam_message **msg, |
|
#else |
|
struct pam_message **msg, |
|
#endif |
|
struct pam_response **resp, |
|
void *appdata_ptr); |
|
|
private: | private: |
/** | /** |
A mutex to serialize authentication calls. | A mutex to serialize authentication calls. |
|
|
const String& userName, | const String& userName, |
const String& password); | const String& password); |
| |
#if defined (PEGASUS_OS_HPUX) || defined (PEGASUS_PLATFORM_LINUX_GENERIC_GNU) |
#if defined(PEGASUS_USE_PAM_STANDALONE_PROC) |
Boolean _usePAM; |
PAMBasicAuthenticatorStandAlone _pamBasicAuthenticatorStandAlone; |
|
|
Boolean _authenticateByPwnam( |
|
const char* userName, |
|
const String& password); |
|
|
|
PAMBasicAuthenticatorStandAlone* _pamBasicAuthenticatorStandAlone; |
|
#endif | #endif |
|
|
}; | }; |
| |
| |
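Review bot: `_readString()` in the stand-alone PAM block returns a bare `String` with no failure channel, while its sibling `_writeString()` reports `BROKEN_CONNECTION` / `OTHER_ERROR` through `_Status`, so a caller cannot tell a dead or restarted helper process from a genuine reply. The result is presumably compared with `PAM_OPERATION_SUCCESS` (the implementation is not on this page), so the header should state the failure contract to make callers fail closed, e.g. `// @return reply from the PAM process; on read failure returns <value used by the implementation>, which callers must treat as authentication failure`. The new `validateUser()` and `pamValidateUserCallback()` declarations also do not say whether they run under `_authSerializeMutex`, whose comment mentions only authentication calls; one line stating that the account-management path is serialized too, if it is, would help. Minor: `conntection` in the `_Status` comment and `pam_respone` in the callback doc are typos. The class declarations these members belong to begin outside the visible hunks.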