version 1.10, 2005/07/12 18:05:09
|
version 1.20, 2013/06/05 14:09:26
|
|
|
//%2005//////////////////////////////////////////////////////////////////////// |
//%LICENSE//////////////////////////////////////////////////////////////// |
// | // |
// Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development |
// Licensed to The Open Group (TOG) under one or more contributor license |
// Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems. |
// agreements. Refer to the OpenPegasusNOTICE.txt file distributed with |
// Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.; |
// this work for additional information regarding copyright ownership. |
// IBM Corp.; EMC Corporation, The Open Group. |
// Each contributor licenses this file to you under the OpenPegasus Open |
// Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.; |
// Source License; you may not use this file except in compliance with the |
// IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group. |
// License. |
// Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.; |
// |
// EMC Corporation; VERITAS Software Corporation; The Open Group. |
// Permission is hereby granted, free of charge, to any person obtaining a |
// |
// copy of this software and associated documentation files (the "Software"), |
// Permission is hereby granted, free of charge, to any person obtaining a copy |
// to deal in the Software without restriction, including without limitation |
// of this software and associated documentation files (the "Software"), to |
// the rights to use, copy, modify, merge, publish, distribute, sublicense, |
// deal in the Software without restriction, including without limitation the |
// and/or sell copies of the Software, and to permit persons to whom the |
// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or |
// Software is furnished to do so, subject to the following conditions: |
// sell copies of the Software, and to permit persons to whom the Software is |
// |
// furnished to do so, subject to the following conditions: |
// The above copyright notice and this permission notice shall be included |
// |
// in all copies or substantial portions of the Software. |
// THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN |
// |
// ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED |
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS |
// "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT |
// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF |
// LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR |
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. |
// PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT |
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY |
// HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN |
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, |
// ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION |
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE |
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
// | // |
//============================================================================== |
////////////////////////////////////////////////////////////////////////// |
// |
|
// Author: Nag Boranna, Hewlett-Packard Company(nagaraja_boranna@hp.com) |
|
// |
|
// Modified By: |
|
// | // |
//%///////////////////////////////////////////////////////////////////////////// | //%///////////////////////////////////////////////////////////////////////////// |
| |
| |
#include <Pegasus/Common/FileSystem.h> | #include <Pegasus/Common/FileSystem.h> |
#include <Pegasus/Common/Tracer.h> | #include <Pegasus/Common/Tracer.h> |
|
#include <Pegasus/Common/Executor.h> |
| |
#include "LocalAuthFile.h" | #include "LocalAuthFile.h" |
#include "SecureLocalAuthenticator.h" | #include "SecureLocalAuthenticator.h" |
|
|
// | // |
// Does local authentication | // Does local authentication |
// | // |
Boolean SecureLocalAuthenticator::authenticate |
AuthenticationStatus SecureLocalAuthenticator::authenticate( |
( |
|
const String& filePath, | const String& filePath, |
const String& secretReceived, | const String& secretReceived, |
const String& secretKept |
const String& secretKept) |
) |
|
{ | { |
PEG_METHOD_ENTER(TRC_AUTHENTICATION, | PEG_METHOD_ENTER(TRC_AUTHENTICATION, |
"SecureLocalAuthenticator::authenticate()"); | "SecureLocalAuthenticator::authenticate()"); |
| |
Boolean authenticated = false; | Boolean authenticated = false; |
| |
|
// Use executor, if present. |
| |
if ((!String::equal(secretReceived, String::EMPTY)) && |
if (Executor::detectExecutor() == 0) |
(!String::equal(secretKept, String::EMPTY))) |
{ |
|
if (!String::equal(secretKept, String::EMPTY) && |
|
String::equal(secretKept, secretReceived)) |
{ | { |
if (String::equal(secretKept, secretReceived)) |
authenticated = true; |
|
} |
|
else if (Executor::authenticateLocal( |
|
(const char*)filePath.getCString(), |
|
(const char*)secretReceived.getCString()) == 0) |
{ | { |
authenticated = true; | authenticated = true; |
} | } |
} | } |
|
else |
|
{ |
|
// Check secret. |
|
|
|
if (!String::equal(secretKept, String::EMPTY) && |
|
String::equal(secretKept, secretReceived)) |
|
{ |
|
authenticated = true; |
|
} |
|
|
|
// Remove the auth file created for this user request |
| |
// |
|
// remove the auth file created for this user request |
|
// |
|
if (filePath.size()) | if (filePath.size()) |
{ | { |
if (FileSystem::exists(filePath)) | if (FileSystem::exists(filePath)) |
|
|
FileSystem::removeFile(filePath); | FileSystem::removeFile(filePath); |
} | } |
} | } |
|
} |
| |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
| |
return (authenticated); |
return AuthenticationStatus(authenticated); |
} | } |
| |
|
AuthenticationStatus SecureLocalAuthenticator::validateUser( |
Boolean SecureLocalAuthenticator::validateUser (const String& userName) |
const String& userName, |
|
AuthenticationInfo* authInfo) |
{ | { |
PEG_METHOD_ENTER(TRC_AUTHENTICATION, | PEG_METHOD_ENTER(TRC_AUTHENTICATION, |
"SecureLocalAuthenticator::validateUser()"); | "SecureLocalAuthenticator::validateUser()"); |
|
|
} | } |
| |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
return (authenticated); |
return AuthenticationStatus(authenticated); |
} | } |
| |
// | // |
|
|
String SecureLocalAuthenticator::getAuthResponseHeader( | String SecureLocalAuthenticator::getAuthResponseHeader( |
const String& authType, | const String& authType, |
const String& userName, | const String& userName, |
String& challenge) |
String& filePath, |
|
String& secret) |
{ | { |
PEG_METHOD_ENTER(TRC_AUTHENTICATION, | PEG_METHOD_ENTER(TRC_AUTHENTICATION, |
"SecureLocalAuthenticator::getAuthResponseHeader()"); | "SecureLocalAuthenticator::getAuthResponseHeader()"); |
|
|
responseHeader.append(authType); | responseHeader.append(authType); |
responseHeader.append(" \""); | responseHeader.append(" \""); |
| |
// |
// Use executor, if present. |
|
|
|
if (Executor::detectExecutor() == 0) |
|
{ |
|
char filePathBuffer[EXECUTOR_BUFFER_SIZE]; |
|
|
|
if (Executor::challengeLocal( |
|
userName.getCString(), filePathBuffer) != 0) |
|
{ |
|
PEG_METHOD_EXIT(); |
|
throw CannotOpenFile(filePathBuffer); |
|
} |
|
filePath = filePathBuffer; |
|
secret.clear(); |
|
|
|
responseHeader.append(filePath); |
|
responseHeader.append("\""); |
|
} |
|
else |
|
{ |
// create a file using user name and write a random number in it. | // create a file using user name and write a random number in it. |
// |
|
LocalAuthFile localAuthFile(userName); | LocalAuthFile localAuthFile(userName); |
String filePath = localAuthFile.create(); |
filePath = localAuthFile.create(); |
| |
// | // |
// get the challenge string |
// get the secret string |
// | // |
String temp = localAuthFile.getChallengeString(); |
secret = localAuthFile.getSecretString(); |
challenge = temp; |
|
| |
// |
|
// build response header with file path and challenge string. | // build response header with file path and challenge string. |
// |
|
responseHeader.append(filePath); | responseHeader.append(filePath); |
responseHeader.append("\""); | responseHeader.append("\""); |
|
} |
| |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
|
return responseHeader; |
return (responseHeader); |
|
} | } |
| |
|
|
PEGASUS_NAMESPACE_END | PEGASUS_NAMESPACE_END |
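Review bot: In the new executor branch of getAuthResponseHeader(), `filePathBuffer` is declared without an initializer and is then handed to `throw CannotOpenFile(filePathBuffer);` when `Executor::challengeLocal()` returns non-zero. Whether challengeLocal() writes a NUL-terminated string on its failure paths is not visible on this page; if it does not, the exception text is built from uninitialized stack bytes and the read can run past the array. Declaring it as `char filePathBuffer[EXECUTOR_BUFFER_SIZE] = {0};` keeps the error path well defined. Separately, in authenticate() the executor branch reports success on a `secretKept` match without calling `Executor::authenticateLocal()` or removing the file at `filePath`, so a comment there should state which component deletes the challenge file in that case.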