|
version 1.3, 2001/12/21 01:10:02
|
version 1.8.6.1, 2003/07/29 15:08:30
|
|
|
|
| //%//////////////////////////////////////////////////////////////////////////// |
//%///////////////////////////////////////////////////////////////////////////// |
| // | // |
| // Copyright (c) 2000, 2001 BMC Software, Hewlett-Packard Company, IBM, |
// Copyright (c) 2000, 2001, 2002 BMC Software, Hewlett-Packard Company, IBM, |
| // The Open Group, Tivoli Systems | // The Open Group, Tivoli Systems |
| // | // |
| // Permission is hereby granted, free of charge, to any person obtaining a copy | // Permission is hereby granted, free of charge, to any person obtaining a copy |
|
|
|
| // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION | // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION |
| // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. | // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
| // | // |
| //============================================================================= |
//============================================================================== |
| // | // |
| // Author: Sushma Fernandes, Hewlett Packard Company (sushma_fernandes@hp.com) | // Author: Sushma Fernandes, Hewlett Packard Company (sushma_fernandes@hp.com) |
| // | // |
|
|
|
| | |
| #include <Pegasus/Security/UserManager/UserFileHandler.h> | #include <Pegasus/Security/UserManager/UserFileHandler.h> |
| #include <Pegasus/Security/UserManager/UserExceptions.h> | #include <Pegasus/Security/UserManager/UserExceptions.h> |
| |
#include <Pegasus/Common/MessageLoader.h> //l10n |
| | |
| PEGASUS_USING_STD; | PEGASUS_USING_STD; |
| | |
|
|
|
| long randNum; | long randNum; |
| Uint32 sec; | Uint32 sec; |
| Uint32 milliSec; | Uint32 milliSec; |
| const char METHOD_NAME[] = "PasswordFile::_GetSalt"; |
|
| | |
| PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_ENTER(TRC_USER_MANAGER, "PasswordFile::_GetSalt"); |
| | |
| // | // |
| // Generate a random number and get the salt | // Generate a random number and get the salt |
|
|
|
| | |
| salt[2] = '\0'; | salt[2] = '\0'; |
| | |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| } | } |
| | |
| // | // |
|
|
|
| // | // |
| UserFileHandler::UserFileHandler() | UserFileHandler::UserFileHandler() |
| { | { |
| const char METHOD_NAME[] = "UserFileHandler::UserFileHandler"; |
PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserFileHandler::UserFileHandler"); |
| |
|
| PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
|
| | |
| // | // |
| // Get an instance of the ConfigManager. | // Get an instance of the ConfigManager. |
|
|
|
| // | // |
| _mutex = new Mutex; | _mutex = new Mutex; |
| | |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| } | } |
| | |
| | |
|
|
|
| // | // |
| UserFileHandler::~UserFileHandler() | UserFileHandler::~UserFileHandler() |
| { | { |
| const char METHOD_NAME[] = "UserFileHandler::~UserFileHandler"; |
PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserFileHandler::~UserFileHandler"); |
| |
|
| PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
|
| | |
| delete _passwordFile; | delete _passwordFile; |
| delete _mutex; | delete _mutex; |
| | |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| } | } |
| | |
| // | // |
|
|
|
| // | // |
| void UserFileHandler::_loadAllUsers () | void UserFileHandler::_loadAllUsers () |
| { | { |
| const char METHOD_NAME[] = "UserFileHandler::_loadAllUsers"; |
PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserFileHandler::_loadAllUsers"); |
| |
|
| PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
|
| | |
| try | try |
| { | { |
|
|
|
| catch (CannotOpenFile cof) | catch (CannotOpenFile cof) |
| { | { |
| _passwordTable.clear(); | _passwordTable.clear(); |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| throw cof; | throw cof; |
| } | } |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| } | } |
| | |
| void UserFileHandler::_Update( | void UserFileHandler::_Update( |
|
|
|
| const String& userName, | const String& userName, |
| const String& password) | const String& password) |
| { | { |
| const char METHOD_NAME[] = "UserFileHandler::_Update"; |
PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserFileHandler::_Update"); |
| |
|
| PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
|
| | |
| // | // |
| // Hold the mutex lock. | // Hold the mutex lock. |
|
|
|
| } | } |
| catch (TimeOut e) | catch (TimeOut e) |
| { | { |
| throw CIMException( CIM_ERR_FAILED, |
//l10n |
| "Timed out trying to perform requested operation." |
//throw PEGASUS_CIM_EXCEPTION( CIM_ERR_FAILED, |
| "Please re-try the operation again."); |
//"Timed out trying to perform requested operation." |
| |
//"Please re-try the operation again."); |
| |
throw PEGASUS_CIM_EXCEPTION_L( CIM_ERR_FAILED, MessageLoaderParms("Security.UserManager.UserFileHandler.TIMEOUT", |
| |
"Timed out trying to perform requested operation.Please re-try the operation again.")); |
| } | } |
| catch (WaitFailed e) | catch (WaitFailed e) |
| { | { |
| throw CIMException( CIM_ERR_FAILED, |
//l10n |
| "Timed out trying to perform requested operation." |
//throw PEGASUS_CIM_EXCEPTION( CIM_ERR_FAILED, |
| "Please re-try the operation again."); |
//"Timed out trying to perform requested operation." |
| |
//"Please re-try the operation again."); |
| |
throw PEGASUS_CIM_EXCEPTION_L( CIM_ERR_FAILED, MessageLoaderParms("Security.UserManager.UserFileHandler.TIMEOUT", |
| |
"Timed out trying to perform requested operation.Please re-try the operation again.")); |
| } | } |
| catch (Deadlock e) | catch (Deadlock e) |
| { | { |
| throw CIMException( CIM_ERR_FAILED, |
//l10n |
| "Deak lock encountered trying to perform requested operation." |
//throw PEGASUS_CIM_EXCEPTION( CIM_ERR_FAILED, |
| "Please re-try the operation again."); |
//"Deak lock encountered trying to perform requested operation." |
| |
//"Please re-try the operation again."); |
| |
throw PEGASUS_CIM_EXCEPTION_L( CIM_ERR_FAILED, MessageLoaderParms("Security.UserManager.UserFileHandler.DEADLOCK", |
| |
"Deak lock encountered trying to perform requested operation.Please re-try the operation again.")); |
| } | } |
| | |
| switch (operation) | switch (operation) |
|
|
|
| if (!_passwordTable.insert(userName,password)) | if (!_passwordTable.insert(userName,password)) |
| { | { |
| _mutex->unlock(); | _mutex->unlock(); |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| throw PasswordCacheError(); | throw PasswordCacheError(); |
| } | } |
| break; | break; |
|
|
|
| if (!_passwordTable.remove(userName)) | if (!_passwordTable.remove(userName)) |
| { | { |
| _mutex->unlock(); | _mutex->unlock(); |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| throw PasswordCacheError(); | throw PasswordCacheError(); |
| } | } |
| if (!_passwordTable.insert(userName,password)) | if (!_passwordTable.insert(userName,password)) |
| { | { |
| _mutex->unlock(); | _mutex->unlock(); |
| Logger::put(Logger::ERROR_LOG, "UserManager", |
//l10n |
| Logger::SEVERE, |
//Logger::put(Logger::ERROR_LOG, System::CIMSERVER, |
| |
//Logger::SEVERE, |
| |
//"Error updating user information for : $0.",userName); |
| |
Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER,Logger::SEVERE, |
| |
"Security.UserManager.UserFileHandler.ERROR_UPDATING_USER_INFO", |
| "Error updating user information for : $0.",userName); | "Error updating user information for : $0.",userName); |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| throw PasswordCacheError(); | throw PasswordCacheError(); |
| } | } |
| break; | break; |
|
|
|
| if (!_passwordTable.remove(userName)) | if (!_passwordTable.remove(userName)) |
| { | { |
| _mutex->unlock(); | _mutex->unlock(); |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| throw InvalidUser(userName); | throw InvalidUser(userName); |
| } | } |
| break; | break; |
|
|
|
| catch (CannotOpenFile& e) | catch (CannotOpenFile& e) |
| { | { |
| _mutex->unlock(); | _mutex->unlock(); |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| throw e; | throw e; |
| } | } |
| catch (CannotRenameFile& e) | catch (CannotRenameFile& e) |
|
|
|
| _loadAllUsers(); | _loadAllUsers(); |
| | |
| _mutex->unlock(); | _mutex->unlock(); |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| throw e; | throw e; |
| } | } |
| _mutex->unlock(); | _mutex->unlock(); |
| PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| } | } |
| | |
| | |
|
|
|
| { | { |
| char salt[3]; | char salt[3]; |
| String encryptedPassword = String::EMPTY; | String encryptedPassword = String::EMPTY; |
| const char METHOD_NAME[] = "UserFileHandler::addUserEntry"; |
|
| | |
| PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserFileHandler::addUserEntry"); |
| | |
| // Check if the user already exists | // Check if the user already exists |
| if (_passwordTable.contains(userName)) | if (_passwordTable.contains(userName)) |
| { | { |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| throw DuplicateUser(userName); | throw DuplicateUser(userName); |
| } | } |
| | |
| // encrypt password | // encrypt password |
| _GetSalt(salt); | _GetSalt(salt); |
| | |
| ArrayDestroyer<char> pw(password.allocateCString()); |
encryptedPassword = System::encryptPassword(password.getCString(),salt); |
| |
|
| encryptedPassword = System::encryptPassword(pw.getPointer(),salt); |
|
| | |
| // add the user to the cache and password file | // add the user to the cache and password file |
| _Update(ADD_USER,userName, encryptedPassword); | _Update(ADD_USER,userName, encryptedPassword); |
| | |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| } | } |
| | |
| // | // |
|
|
|
| { | { |
| char salt[3]; | char salt[3]; |
| String encryptedPassword = String::EMPTY; | String encryptedPassword = String::EMPTY; |
| const char METHOD_NAME[] = "UserFileHandler::modifyUserEntry"; |
|
| | |
| PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserFileHandler::modifyUserEntry"); |
| | |
| // | // |
| // Check if the given password matches the passwd in the file | // Check if the given password matches the passwd in the file |
|
|
|
| { | { |
| if ( !verifyCIMUserPassword (userName,password) ) | if ( !verifyCIMUserPassword (userName,password) ) |
| { | { |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| throw PasswordMismatch(userName); | throw PasswordMismatch(userName); |
| } | } |
| } | } |
| catch (Exception& e) | catch (Exception& e) |
| { | { |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| throw e; | throw e; |
| } | } |
| | |
| // encrypt new password | // encrypt new password |
| _GetSalt(salt); | _GetSalt(salt); |
| | |
| ArrayDestroyer<char> npw(newPassword.allocateCString()); |
encryptedPassword = System::encryptPassword(newPassword.getCString(),salt); |
| |
|
| encryptedPassword = System::encryptPassword(npw.getPointer(),salt); |
|
| | |
| _Update(MODIFY_USER, userName, encryptedPassword); | _Update(MODIFY_USER, userName, encryptedPassword); |
| | |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| } | } |
| | |
| // | // |
|
|
|
| // | // |
| void UserFileHandler::removeUserEntry(const String& userName) | void UserFileHandler::removeUserEntry(const String& userName) |
| { | { |
| const char METHOD_NAME[] = "UserFileHandler::removeUserEntry"; |
PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserFileHandler::removeUserEntry"); |
| |
|
| PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
|
| | |
| _Update(REMOVE_USER, userName); | _Update(REMOVE_USER, userName); |
| | |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| } | } |
| | |
| // | // |
|
|
|
| // | // |
| void UserFileHandler::getAllUserNames(Array<String>& userNames) | void UserFileHandler::getAllUserNames(Array<String>& userNames) |
| { | { |
| const char METHOD_NAME[] = "UserFileHandler::getAllUserNames"; |
PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserFileHandler::getAllUserNames"); |
| |
|
| PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
|
| | |
| userNames.clear(); | userNames.clear(); |
| | |
|
|
|
| { | { |
| userNames.append(i.key()); | userNames.append(i.key()); |
| } | } |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| } | } |
| | |
| // | // |
|
|
|
| // | // |
| Boolean UserFileHandler::verifyCIMUser (const String& userName) | Boolean UserFileHandler::verifyCIMUser (const String& userName) |
| { | { |
| const char METHOD_NAME[] = "UserFileHandler::verifyCIMUser"; |
PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserFileHandler::verifyCIMUser"); |
| | |
| PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| |
|
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
|
| return _passwordTable.contains(userName); | return _passwordTable.contains(userName); |
| } | } |
| | |
|
|
|
| const String& userName, | const String& userName, |
| const String& password) | const String& password) |
| { | { |
| const char METHOD_NAME[] = "UserFileHandler::verifyCIMUserPassword"; |
PEG_METHOD_ENTER(TRC_USER_MANAGER, |
| |
"UserFileHandler::verifyCIMUserPassword"); |
| PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
|
| | |
| // Check if the user's password mathches the specified password | // Check if the user's password mathches the specified password |
| String curPassword = String::EMPTY; | String curPassword = String::EMPTY; |
|
|
|
| // Check if the user exists in the password table | // Check if the user exists in the password table |
| if ( !_passwordTable.lookup(userName,curPassword) ) | if ( !_passwordTable.lookup(userName,curPassword) ) |
| { | { |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| throw InvalidUser(userName); | throw InvalidUser(userName); |
| } | } |
| | |
| saltStr = curPassword.subString(0,2); | saltStr = curPassword.subString(0,2); |
| ArrayDestroyer<char> oldsalt(saltStr.allocateCString()); |
|
| ArrayDestroyer<char> pw(password.allocateCString()); |
|
| | |
| encryptedPassword = | encryptedPassword = |
| System::encryptPassword(pw.getPointer(),oldsalt.getPointer()); |
System::encryptPassword(password.getCString(),saltStr.getCString()); |
| | |
| if ( curPassword != encryptedPassword ) | if ( curPassword != encryptedPassword ) |
| { | { |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| return false; | return false; |
| } | } |
| | |
| PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
| return true; | return true; |
| } | } |
| PEGASUS_NAMESPACE_END | PEGASUS_NAMESPACE_END |
Return to
UserFileHandler.cpp
CVS log
Up to [Pegasus] / pegasus / src / Pegasus / Security / UserManager