1 karl 1.11 //%2006////////////////////////////////////////////////////////////////////////
|
2 mike 1.2 //
|
3 karl 1.8 // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
4 // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
5 // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
|
6 karl 1.7 // IBM Corp.; EMC Corporation, The Open Group.
|
7 karl 1.8 // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
8 // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
|
9 karl 1.9 // Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
10 // EMC Corporation; VERITAS Software Corporation; The Open Group.
|
11 karl 1.11 // Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.;
12 // EMC Corporation; Symantec Corporation; The Open Group.
|
13 mike 1.2 //
|
14 kumpf 1.6 // Permission is hereby granted, free of charge, to any person obtaining a copy
15 // of this software and associated documentation files (the "Software"), to
16 // deal in the Software without restriction, including without limitation the
17 // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
18 // sell copies of the Software, and to permit persons to whom the Software is
19 // furnished to do so, subject to the following conditions:
20 //
21 // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
22 // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
23 // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
24 // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
25 // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
26 // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
27 // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
28 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
29 mike 1.2 //
30 //==============================================================================
31 //
32 // Author: Nag Boranna, Hewlett-Packard Company(nagaraja_boranna@hp.com)
33 //
34 // Modified By:
35 //
36 //%/////////////////////////////////////////////////////////////////////////////
37
38
39 #include <Pegasus/Common/FileSystem.h>
|
40 kumpf 1.3 #include <Pegasus/Common/Tracer.h>
|
41 kumpf 1.5
42 #include "LocalAuthFile.h"
|
43 mike 1.2 #include "SecureLocalAuthenticator.h"
44
|
45 kumpf 1.5 PEGASUS_USING_STD;
46
|
47 mike 1.2 PEGASUS_NAMESPACE_BEGIN
48
49
|
50 kumpf 1.5 /**
51 Constant representing the pegasus authentication challenge header.
52 */
53 static const String PEGASUS_CHALLENGE_HEADER = "WWW-Authenticate: ";
54
55
|
56 mike 1.2 /* constructor. */
57 SecureLocalAuthenticator::SecureLocalAuthenticator()
58 {
|
59 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHENTICATION,
60 "SecureLocalAuthenticator::SecureLocalAuthenticator()");
|
61 kumpf 1.3
|
62 kumpf 1.5 PEG_METHOD_EXIT();
|
63 mike 1.2
64 }
65
66 /* destructor. */
67 SecureLocalAuthenticator::~SecureLocalAuthenticator()
68 {
|
69 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHENTICATION,
70 "SecureLocalAuthenticator::~SecureLocalAuthenticator()");
|
71 kumpf 1.3
|
72 kumpf 1.5 PEG_METHOD_EXIT();
|
73 mike 1.2
74 }
75
76 //
77 // Does local authentication
78 //
79 Boolean SecureLocalAuthenticator::authenticate
80 (
|
81 kumpf 1.3 const String& filePath,
82 const String& secretReceived,
83 const String& secretKept
|
84 mike 1.2 )
85 {
|
86 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHENTICATION,
87 "SecureLocalAuthenticator::authenticate()");
|
88 kumpf 1.3
|
89 kumpf 1.5 Boolean authenticated = false;
|
90 kumpf 1.3
|
91 mike 1.2
92 if ((!String::equal(secretReceived, String::EMPTY)) &&
93 (!String::equal(secretKept, String::EMPTY)))
94 {
95 if (String::equal(secretKept, secretReceived))
96 {
97 authenticated = true;
98 }
99 }
100
101 //
102 // remove the auth file created for this user request
103 //
|
104 kumpf 1.4 if (filePath.size())
|
105 mike 1.2 {
|
106 kumpf 1.4 if (FileSystem::exists(filePath))
|
107 mike 1.2 {
|
108 kumpf 1.4 FileSystem::removeFile(filePath);
|
109 mike 1.2 }
110 }
111
|
112 kumpf 1.5 PEG_METHOD_EXIT();
|
113 kumpf 1.3
|
114 mike 1.2 return (authenticated);
115 }
116
|
117 sushma.fernandes 1.10
118 Boolean SecureLocalAuthenticator::validateUser (const String& userName)
119 {
120 PEG_METHOD_ENTER(TRC_AUTHENTICATION,
121 "SecureLocalAuthenticator::validateUser()");
122
123 Boolean authenticated = false;
124
125 if (System::isSystemUser(userName.getCString()))
126 {
127 authenticated = true;
128 }
129
130 PEG_METHOD_EXIT();
131 return (authenticated);
132 }
133
|
134 mike 1.2 //
135 // Create authentication response header
136 //
137 String SecureLocalAuthenticator::getAuthResponseHeader(
|
138 kumpf 1.3 const String& authType,
139 const String& userName,
|
140 mike 1.2 String& challenge)
141 {
|
142 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHENTICATION,
143 "SecureLocalAuthenticator::getAuthResponseHeader()");
|
144 kumpf 1.3
|
145 kumpf 1.5 String responseHeader = PEGASUS_CHALLENGE_HEADER;
|
146 kumpf 1.3 responseHeader.append(authType);
147 responseHeader.append(" \"");
|
148 kumpf 1.5
|
149 mike 1.2 //
150 // create a file using user name and write a random number in it.
151 //
152 LocalAuthFile localAuthFile(userName);
153 String filePath = localAuthFile.create();
154
155 //
156 // get the challenge string
157 //
158 String temp = localAuthFile.getChallengeString();
159 challenge = temp;
160
161 //
162 // build response header with file path and challenge string.
163 //
164 responseHeader.append(filePath);
165 responseHeader.append("\"");
|
166 kumpf 1.3
|
167 kumpf 1.5 PEG_METHOD_EXIT();
|
168 mike 1.2
169 return (responseHeader);
170 }
171
172
173 PEGASUS_NAMESPACE_END
|