
  1 karl  1.11 //%2006////////////////////////////////////////////////////////////////////////
  2 mike  1.2  //
  3 karl  1.8  // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
  4            // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
  5            // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
  6 karl  1.7  // IBM Corp.; EMC Corporation, The Open Group.
  7 karl  1.8  // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
  8            // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
  9 karl  1.9  // Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
 10            // EMC Corporation; VERITAS Software Corporation; The Open Group.
 11 karl  1.11 // Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.;
 12            // EMC Corporation; Symantec Corporation; The Open Group.
 13 mike  1.2  //
 14 kumpf 1.6  // Permission is hereby granted, free of charge, to any person obtaining a copy
 15            // of this software and associated documentation files (the "Software"), to
 16            // deal in the Software without restriction, including without limitation the
 17            // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
 18            // sell copies of the Software, and to permit persons to whom the Software is
 19            // furnished to do so, subject to the following conditions:
 20            // 
 21            // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
 22            // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
 23            // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
 24            // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 25            // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
 26            // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
 27            // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 28            // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 29 mike  1.2  //
 30            //==============================================================================
 31            //
 32            // Author: Nag Boranna, Hewlett-Packard Company(nagaraja_boranna@hp.com)
 33            //
 34            // Modified By:
 35            //
 36            //%/////////////////////////////////////////////////////////////////////////////
 37            
 38            
 39            #include <Pegasus/Common/FileSystem.h>
 40 kumpf 1.3  #include <Pegasus/Common/Tracer.h>
 41 mike  1.11.30.3 #include <Pegasus/Common/Executor.h>
 42 mike  1.11.30.4 #include <Executor/Strlcpy.h>
 43 kumpf 1.5       
 44                 #include "LocalAuthFile.h"
 45 mike  1.2       #include "SecureLocalAuthenticator.h"
 46                 
 47 kumpf 1.5       PEGASUS_USING_STD;
 48                 
 49 mike  1.2       PEGASUS_NAMESPACE_BEGIN
 50                 
 51                 
/**
    Header-name prefix ("WWW-Authenticate: ") that every local authentication
    challenge header built in this file starts with.
*/
static const String PEGASUS_CHALLENGE_HEADER("WWW-Authenticate: ");
 56                 
 57                 
/**
    Constructs the authenticator. There is no state to set up; the body only
    records method entry and exit in the authentication trace.
*/
SecureLocalAuthenticator::SecureLocalAuthenticator()
{
    PEG_METHOD_ENTER(
        TRC_AUTHENTICATION,
        "SecureLocalAuthenticator::SecureLocalAuthenticator()");
    PEG_METHOD_EXIT();
}
 67                 
/**
    Destroys the authenticator. Nothing is released here; the body only
    records method entry and exit in the authentication trace.
*/
SecureLocalAuthenticator::~SecureLocalAuthenticator()
{
    PEG_METHOD_ENTER(
        TRC_AUTHENTICATION,
        "SecureLocalAuthenticator::~SecureLocalAuthenticator()");
    PEG_METHOD_EXIT();
}
 77                 
//
// Completes a local authentication attempt.
//
// filePath       - path of the challenge file created for this request; only
//                  the non-executor path below reads it.
// secretReceived - secret presented by the client.
// secretKept     - secret issued when the challenge was created.
//
// Returns true only when the presented secret is accepted. Neither secret is
// written to the trace.
//
Boolean SecureLocalAuthenticator::authenticate(
    const String& filePath,
    const String& secretReceived,
    const String& secretKept)
{
    PEG_METHOD_ENTER(TRC_AUTHENTICATION,
        "SecureLocalAuthenticator::authenticate()");

    Boolean authenticated = false;

    if (Executor::detectExecutor() == 0)
    {
        // An executor is present: it decides whether the response matches.
        //
        // The copy is bounded by sizeof(storedKey.data).
        // NOTE(review): a secretKept longer than that buffer would presumably
        // be truncated without any error here - confirm that cannot happen.
        SessionKey storedKey;
        Strlcpy(
            storedKey.data,
            static_cast<const char*>(secretKept.getCString()),
            sizeof(storedKey.data));

        // Filled in by the executor; not used again in this function.
        SessionKey newKeyOut;

        authenticated = (Executor::finishLocalAuth(
            &storedKey,
            static_cast<const char*>(secretReceived.getCString()),
            &newKeyOut) == 0);

        // NOTE(review): filePath is not removed on this path; presumably the
        // executor cleans up its own challenge file - confirm.
    }
    else
    {
        // No executor: compare the secrets directly. An empty secret on
        // either side never authenticates, so two empty strings cannot match.
        //
        // NOTE(review): String::equal is presumably not a constant-time
        // comparison - confirm whether timing matters for this secret.
        const Boolean bothPresent =
            !String::equal(secretReceived, String::EMPTY) &&
            !String::equal(secretKept, String::EMPTY);

        authenticated =
            bothPresent && String::equal(secretKept, secretReceived);

        // The challenge file is deleted whether or not the secrets matched,
        // so it does not stay on disk after the attempt.
        if (filePath.size() && FileSystem::exists(filePath))
        {
            FileSystem::removeFile(filePath);
        }
    }

    PEG_METHOD_EXIT();

    return authenticated;
}
137                 
//
// Reports whether userName is accepted by System::isSystemUser().
// No secret is checked here; the result depends on the user name alone.
//
Boolean SecureLocalAuthenticator::validateUser(const String& userName)
{
    PEG_METHOD_ENTER(TRC_AUTHENTICATION,
        "SecureLocalAuthenticator::validateUser()");

    const Boolean isKnownUser = System::isSystemUser(userName.getCString());

    PEG_METHOD_EXIT();
    return isKnownUser;
}
153                            
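//
// Builds the challenge header for a local authentication request.
//
// authType  - authentication scheme name, placed right after the header name.
// userName  - user the challenge is issued for.
// challenge - [out] receives the secret the client must later present.
//
// Returns the header in the form:  WWW-Authenticate: <authType> "<file path>"
// Throws CannotOpenFile when the executor cannot start local authentication.
//
// Only the path of the challenge file goes into the header. The secret is
// handed back through `challenge` and is never appended to the header text.
//
String SecureLocalAuthenticator::getAuthResponseHeader(
    const String& authType,
    const String& userName,
    String& challenge)
{
    PEG_METHOD_ENTER(TRC_AUTHENTICATION,
        "SecureLocalAuthenticator::getAuthResponseHeader()");

    String responseHeader = PEGASUS_CHALLENGE_HEADER;
    responseHeader.append(authType);
    responseHeader.append(" \"");

    // Use executor, if present.

    if (Executor::detectExecutor() == 0)
    {
        // Start with an empty string: path is passed to the exception below,
        // and nothing visible here guarantees that a failed startLocalAuth()
        // has written (or terminated) the buffer.
        char path[EXECUTOR_BUFFER_SIZE];
        path[0] = '\0';
        SessionKey key;

        if (Executor::startLocalAuth(userName.getCString(), path, &key) != 0)
        {
            // Close the trace scope before leaving through the exception.
            PEG_METHOD_EXIT();
            throw CannotOpenFile(path);
        }

        // NOTE(review): assumes the executor NUL-terminates key.data - confirm.
        challenge = key.data;

        responseHeader.append(path);
        responseHeader.append("\"");
    }
    else
    {
        // Create a file named after the user and write a random number in it.
        LocalAuthFile localAuthFile(userName);
        String filePath = localAuthFile.create();

        // The challenge string is returned to the caller, not put in the header.
        challenge = localAuthFile.getChallengeString();

        // Close the quoted value with the challenge file path.
        responseHeader.append(filePath);
        responseHeader.append("\"");
    }

    PEG_METHOD_EXIT();

    return responseHeader;
}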
203                            
204                            PEGASUS_NAMESPACE_END
