|
version 1.1.2.1, 2001/10/06 00:33:10
|
version 1.13, 2007/05/25 18:35:18
|
|
|
|
| //%///////////////////////////////////////////////////////////////////////////// |
//%2006//////////////////////////////////////////////////////////////////////// |
| // |
|
| // Copyright (c) 2000, 2001 BMC Software, Hewlett-Packard Company, IBM, |
|
| // The Open Group, Tivoli Systems |
|
| // | // |
| // Permission is hereby granted, free of charge, to any person obtaining a |
// Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development |
| // copy of this software and associated documentation files (the "Software"), |
// Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems. |
| // to deal in the Software without restriction, including without limitation |
// Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.; |
| // the rights to use, copy, modify, merge, publish, distribute, sublicense, |
// IBM Corp.; EMC Corporation, The Open Group. |
| // and/or sell copies of the Software, and to permit persons to whom the |
// Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.; |
| // Software is furnished to do so, subject to the following conditions: |
// IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group. |
| // |
// Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.; |
| // The above copyright notice and this permission notice shall be included in |
// EMC Corporation; VERITAS Software Corporation; The Open Group. |
| // all copies of substantial portions of this software. |
// Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.; |
| // |
// EMC Corporation; Symantec Corporation; The Open Group. |
| // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
// |
| // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
// Permission is hereby granted, free of charge, to any person obtaining a copy |
| // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL |
// of this software and associated documentation files (the "Software"), to |
| // THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
// deal in the Software without restriction, including without limitation the |
| // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING |
// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or |
| // FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER |
// sell copies of the Software, and to permit persons to whom the Software is |
| // DEALINGS IN THE SOFTWARE. |
// furnished to do so, subject to the following conditions: |
| |
// |
| |
// THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN |
| |
// ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED |
| |
// "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT |
| |
// LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR |
| |
// PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT |
| |
// HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN |
| |
// ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION |
| |
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
| // | // |
| //============================================================================== | //============================================================================== |
| // | // |
| // Author: Nag Boranna, Hewlett-Packard Company(nagaraja_boranna@hp.com) |
|
| // |
|
| // Modified By: |
|
| // |
|
| //%///////////////////////////////////////////////////////////////////////////// | //%///////////////////////////////////////////////////////////////////////////// |
| | |
| | |
| #include <Pegasus/Security/Authentication/LocalAuthFile.h> |
#include <Pegasus/Common/FileSystem.h> |
| |
#include <Pegasus/Common/Tracer.h> |
| |
#include <Pegasus/Common/Executor.h> |
| |
#include <Executor/Strlcpy.h> |
| |
|
| |
#include "LocalAuthFile.h" |
| #include "SecureLocalAuthenticator.h" | #include "SecureLocalAuthenticator.h" |
| | |
| |
PEGASUS_USING_STD; |
| |
|
| PEGASUS_NAMESPACE_BEGIN | PEGASUS_NAMESPACE_BEGIN |
| | |
| | |
| |
/** |
| |
Constant representing the pegasus authentication challenge header. |
| |
*/ |
| |
static const String PEGASUS_CHALLENGE_HEADER = "WWW-Authenticate: "; |
| |
|
| |
|
| /* constructor. */ | /* constructor. */ |
| SecureLocalAuthenticator::SecureLocalAuthenticator() | SecureLocalAuthenticator::SecureLocalAuthenticator() |
| { | { |
| |
PEG_METHOD_ENTER(TRC_AUTHENTICATION, |
| |
"SecureLocalAuthenticator::SecureLocalAuthenticator()"); |
| |
|
| |
PEG_METHOD_EXIT(); |
| | |
| } | } |
| | |
| /* destructor. */ | /* destructor. */ |
| SecureLocalAuthenticator::~SecureLocalAuthenticator() | SecureLocalAuthenticator::~SecureLocalAuthenticator() |
| { | { |
| |
PEG_METHOD_ENTER(TRC_AUTHENTICATION, |
| |
"SecureLocalAuthenticator::~SecureLocalAuthenticator()"); |
| | |
| } |
PEG_METHOD_EXIT(); |
| | |
| Boolean SecureLocalAuthenticator::authenticate(String userName, String password) |
|
| { |
|
| // not supported for local authentication, so return false. |
|
| return (false); |
|
| } | } |
| | |
| // | // |
| // Does local authentication | // Does local authentication |
| // | // |
| Boolean SecureLocalAuthenticator::authenticate |
Boolean SecureLocalAuthenticator::authenticate( |
| ( |
const String& filePath, |
| String userName, |
const String& secretReceived, |
| String secretReceived, |
const String& secretKept) |
| String secretKept |
|
| ) |
|
| { | { |
| |
PEG_METHOD_ENTER(TRC_AUTHENTICATION, |
| |
"SecureLocalAuthenticator::authenticate()"); |
| |
|
| Boolean authenticated = false; | Boolean authenticated = false; |
| | |
| if ((!String::equal(secretReceived, String::EMPTY)) && |
// Use executor, if present. |
| (!String::equal(secretKept, String::EMPTY))) |
|
| |
if (Executor::detectExecutor() == 0) |
| { | { |
| if (String::equal(secretKept, secretReceived)) |
if (!String::equal(secretKept, String::EMPTY) && |
| |
String::equal(secretKept, secretReceived)) |
| { | { |
| authenticated = true; | authenticated = true; |
| } | } |
| |
else if (Executor::authenticateLocal( |
| |
(const char*)filePath.getCString(), |
| |
(const char*)secretReceived.getCString()) == 0) |
| |
{ |
| |
authenticated = true; |
| |
} |
| |
} |
| |
else |
| |
{ |
| |
// Check secret. |
| |
|
| |
if (!String::equal(secretKept, String::EMPTY) && |
| |
String::equal(secretKept, secretReceived)) |
| |
{ |
| |
authenticated = true; |
| |
} |
| |
|
| |
// Remove the auth file created for this user request |
| |
|
| |
if (filePath.size()) |
| |
{ |
| |
if (FileSystem::exists(filePath)) |
| |
{ |
| |
FileSystem::removeFile(filePath); |
| |
} |
| } | } |
| |
} |
| |
|
| |
PEG_METHOD_EXIT(); |
| |
|
| |
return authenticated; |
| |
} |
| |
|
| |
Boolean SecureLocalAuthenticator::validateUser (const String& userName) |
| |
{ |
| |
PEG_METHOD_ENTER(TRC_AUTHENTICATION, |
| |
"SecureLocalAuthenticator::validateUser()"); |
| |
|
| |
Boolean authenticated = false; |
| | |
| // ATTN: Delete the authentication secret file |
if (System::isSystemUser(userName.getCString())) |
| //if (!localAuthFile.deleteFile()) |
{ |
| //{ |
authenticated = true; |
| //} |
} |
| | |
| |
PEG_METHOD_EXIT(); |
| return (authenticated); | return (authenticated); |
| } | } |
| | |
|
|
|
| // Create authentication response header | // Create authentication response header |
| // | // |
| String SecureLocalAuthenticator::getAuthResponseHeader( | String SecureLocalAuthenticator::getAuthResponseHeader( |
| String userName, |
const String& authType, |
| String& challenge) |
const String& userName, |
| |
String& filePath, |
| |
String& secret) |
| { | { |
| String responseHeader = String::EMPTY; |
PEG_METHOD_ENTER(TRC_AUTHENTICATION, |
| |
"SecureLocalAuthenticator::getAuthResponseHeader()"); |
| | |
| // |
String responseHeader = PEGASUS_CHALLENGE_HEADER; |
| |
responseHeader.append(authType); |
| |
responseHeader.append(" \""); |
| |
|
| |
// Use executor, if present. |
| |
|
| |
if (Executor::detectExecutor() == 0) |
| |
{ |
| |
char filePathBuffer[EXECUTOR_BUFFER_SIZE]; |
| |
|
| |
if (Executor::challengeLocal( |
| |
userName.getCString(), filePathBuffer) != 0) |
| |
{ |
| |
throw CannotOpenFile(filePathBuffer); |
| |
} |
| |
filePath = filePathBuffer; |
| |
secret.clear(); |
| |
|
| |
responseHeader.append(filePath); |
| |
responseHeader.append("\""); |
| |
} |
| |
else |
| |
{ |
| // create a file using user name and write a random number in it. | // create a file using user name and write a random number in it. |
| // |
|
| LocalAuthFile localAuthFile(userName); | LocalAuthFile localAuthFile(userName); |
| String filePath = localAuthFile.create(); |
filePath = localAuthFile.create(); |
| | |
| // | // |
| // get the challenge string |
// get the secret string |
| // | // |
| challenge = localAuthFile.getChallengeString(); |
secret = localAuthFile.getSecretString(); |
| | |
| // |
|
| // build response header with file path and challenge string. | // build response header with file path and challenge string. |
| // |
responseHeader.append(filePath); |
| responseHeader.assign(filePath); |
responseHeader.append("\""); |
| |
|
| return (responseHeader); |
|
| } | } |
| | |
| |
PEG_METHOD_EXIT(); |
| |
|
| |
return responseHeader; |
| |
} |
| | |
| PEGASUS_NAMESPACE_END | PEGASUS_NAMESPACE_END |
Return to
SecureLocalAuthenticator.cpp
CVS log
Up to [Pegasus] / pegasus / src / Pegasus / Security / Authentication