1 karl 1.11 //%2006////////////////////////////////////////////////////////////////////////
2 mike 1.2 //
3 karl 1.8 // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
4 // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
5 // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
6 karl 1.7 // IBM Corp.; EMC Corporation, The Open Group.
7 karl 1.8 // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
8 // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
9 karl 1.9 // Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
10 // EMC Corporation; VERITAS Software Corporation; The Open Group.
11 karl 1.11 // Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.;
12 // EMC Corporation; Symantec Corporation; The Open Group.
13 mike 1.2 //
14 kumpf 1.6 // Permission is hereby granted, free of charge, to any person obtaining a copy
15 // of this software and associated documentation files (the "Software"), to
16 // deal in the Software without restriction, including without limitation the
17 // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
18 // sell copies of the Software, and to permit persons to whom the Software is
19 // furnished to do so, subject to the following conditions:
20 //
21 // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
22 // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
23 // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
24 // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
25 // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
26 // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
27 // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
28 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
29 mike 1.2 //
30 //==============================================================================
31 //
32 // Author: Nag Boranna, Hewlett-Packard Company(nagaraja_boranna@hp.com)
33 //
34 // Modified By:
35 //
36 //%/////////////////////////////////////////////////////////////////////////////
37
38
39 #include <Pegasus/Common/FileSystem.h>
40 kumpf 1.3 #include <Pegasus/Common/Tracer.h>
41 mike 1.11.30.3 #include <Pegasus/Common/Executor.h>
42 mike 1.11.30.4 #include <Executor/Strlcpy.h>
43 kumpf 1.5
44 #include "LocalAuthFile.h"
45 mike 1.2 #include "SecureLocalAuthenticator.h"
46
47 kumpf 1.5 PEGASUS_USING_STD;
48
49 mike 1.2 PEGASUS_NAMESPACE_BEGIN
50
51
/**
    Leading text of the challenge header line ("WWW-Authenticate: ").
    getAuthResponseHeader() starts its return value with this string and
    appends the authentication type and a quoted path after it.
*/
static const String PEGASUS_CHALLENGE_HEADER("WWW-Authenticate: ");
56
57
/**
    Constructor. Sets up no state of its own; the body only emits the
    method entry and exit trace records for TRC_AUTHENTICATION.
*/
SecureLocalAuthenticator::SecureLocalAuthenticator()
{
    PEG_METHOD_ENTER(
        TRC_AUTHENTICATION,
        "SecureLocalAuthenticator::SecureLocalAuthenticator()");
    PEG_METHOD_EXIT();
}
67
/**
    Destructor. Releases nothing itself; the body only emits the method
    entry and exit trace records for TRC_AUTHENTICATION.
*/
SecureLocalAuthenticator::~SecureLocalAuthenticator()
{
    PEG_METHOD_ENTER(
        TRC_AUTHENTICATION,
        "SecureLocalAuthenticator::~SecureLocalAuthenticator()");
    PEG_METHOD_EXIT();
}
77
/**
    Checks the response to a local-authentication challenge.

    When an executor is detected, secretKept is copied into sessionKey and
    the decision is delegated to Executor::authenticateLocal(). Otherwise
    the two secrets are compared in-process and the challenge file named by
    filePath is removed.

    @param filePath        Challenge file path; read only on the non-executor
                           path, where the file is removed if it exists.
    @param secretReceived  Secret to be checked (presumably the client's
                           response -- confirm against the caller).
    @param secretKept      Secret it is checked against.
    @param sessionKey      Cleared on entry; on the executor path it is filled
                           from secretKept before the executor call.
    @return true if the response was accepted, false otherwise.
*/
Boolean SecureLocalAuthenticator::authenticate(
    const String& filePath,
    const String& secretReceived,
    const String& secretKept,
    SessionKey& sessionKey)
{
    PEG_METHOD_ENTER(TRC_AUTHENTICATION,
        "SecureLocalAuthenticator::authenticate()");

    // The caller's key is always reset, whichever path is taken below.
    sessionKey.clear();

    Boolean authenticated = false;

    if (Executor::detectExecutor() != 0)
    {
        // No executor: compare the secrets here. An empty secret on either
        // side never authenticates, so a missing challenge cannot match a
        // missing response.
        //
        // NOTE(review): String::equal() is not shown to be timing-independent.
        // If the same secretKept can be tried more than once, a constant-time
        // comparison would be preferable -- confirm challenges are single-use.
        authenticated =
            !String::equal(secretReceived, String::EMPTY) &&
            !String::equal(secretKept, String::EMPTY) &&
            String::equal(secretKept, secretReceived);

        // Remove the auth file created for this user request. This happens
        // whether or not the secrets matched.
        //
        // NOTE(review): where filePath comes from is not visible here. The
        // file is removed with this process's privileges, so confirm the
        // caller only passes the path this server created for the challenge.
        if (filePath.size() && FileSystem::exists(filePath))
        {
            FileSystem::removeFile(filePath);
        }
    }
    else
    {
        // Executor present: hand it the kept secret as the session key and
        // let it judge the received secret.
        //
        // NOTE(review): the Strlcpy() result is ignored. If it truncates the
        // way strlcpy does, a secretKept longer than the key buffer is cut
        // short silently -- confirm the challenge always fits.
        Strlcpy(
            (char*)sessionKey.data(),
            (const char*)secretKept.getCString(),
            sessionKey.size());

        authenticated =
            (Executor::authenticateLocal(
                sessionKey, (const char*)secretReceived.getCString()) == 0);
    }

    PEG_METHOD_EXIT();

    return authenticated;
}
137
/**
    Reports whether System::isSystemUser() accepts userName.

    This only checks the name; no secret or credential is examined here,
    so a true result does not by itself establish the caller's identity.

    @param userName  Name to look up.
    @return true if System::isSystemUser() accepts the name, false otherwise.
*/
Boolean SecureLocalAuthenticator::validateUser (const String& userName)
{
    PEG_METHOD_ENTER(TRC_AUTHENTICATION,
        "SecureLocalAuthenticator::validateUser()");

    if (!System::isSystemUser(userName.getCString()))
    {
        PEG_METHOD_EXIT();
        return false;
    }

    PEG_METHOD_EXIT();
    return true;
}
153
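/**
    Creates the authentication response (challenge) header.

    The returned header is PEGASUS_CHALLENGE_HEADER, then authType, then the
    challenge file path in double quotes. When an executor is detected, the
    path and secret come from Executor::challengeLocal(); otherwise a
    LocalAuthFile is created in-process.

    @param authType   Authentication type text placed after the header name.
    @param userName   User the challenge is created for.
    @param challenge  Output: the secret to keep for the later authenticate()
                      call. It is not placed in the returned header.
    @return The complete challenge header line.
    @throws CannotOpenFile if Executor::challengeLocal() reports failure.
            LocalAuthFile::create() may also throw -- not visible here.
*/
String SecureLocalAuthenticator::getAuthResponseHeader(
    const String& authType,
    const String& userName,
    String& challenge)
{
    PEG_METHOD_ENTER(TRC_AUTHENTICATION,
        "SecureLocalAuthenticator::getAuthResponseHeader()");

    String responseHeader = PEGASUS_CHALLENGE_HEADER;
    responseHeader.append(authType);
    responseHeader.append(" \"");

    // Use executor, if present.

    if (Executor::detectExecutor() == 0)
    {
        // Start with an empty string. If challengeLocal() fails before
        // writing the path, the exception below would otherwise read
        // uninitialised stack bytes, possibly without a terminator.
        char path[EXECUTOR_BUFFER_SIZE];
        path[0] = '\0';

        SessionKey sessionKey;

        if (Executor::challengeLocal(
                userName.getCString(), path, sessionKey) != 0)
        {
            // Keep the trace records balanced on the error path.
            PEG_METHOD_EXIT();
            throw CannotOpenFile(path);
        }

        challenge = sessionKey.data();

        responseHeader.append(path);
        responseHeader.append("\"");
    }
    else
    {
        // Create a file using the user name and write a random number in it.
        //
        // NOTE(review): only the path goes into the header, so the scheme
        // depends on who can read that file. The ownership and permissions
        // are set by LocalAuthFile and are not visible here -- confirm the
        // file is readable only by the named user.
        LocalAuthFile localAuthFile(userName);
        String filePath = localAuthFile.create();

        // Get the challenge string for the caller to keep.
        challenge = localAuthFile.getChallengeString();

        // Build the response header from the file path only.
        responseHeader.append(filePath);
        responseHeader.append("\"");
    }

    PEG_METHOD_EXIT();

    return responseHeader;
}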
206
207 PEGASUS_NAMESPACE_END