version 1.3, 2001/12/21 01:10:02
|
version 1.8.6.1, 2003/07/29 15:08:30
|
|
|
//%//////////////////////////////////////////////////////////////////////////// |
//%///////////////////////////////////////////////////////////////////////////// |
// | // |
// Copyright (c) 2000, 2001 BMC Software, Hewlett-Packard Company, IBM, |
// Copyright (c) 2000, 2001, 2002 BMC Software, Hewlett-Packard Company, IBM, |
// The Open Group, Tivoli Systems | // The Open Group, Tivoli Systems |
// | // |
// Permission is hereby granted, free of charge, to any person obtaining a copy | // Permission is hereby granted, free of charge, to any person obtaining a copy |
|
|
// ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION | // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION |
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. | // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
// | // |
//============================================================================= |
//============================================================================== |
// | // |
// Author: Sushma Fernandes, Hewlett Packard Company (sushma_fernandes@hp.com) | // Author: Sushma Fernandes, Hewlett Packard Company (sushma_fernandes@hp.com) |
// | // |
|
|
| |
#include <Pegasus/Security/UserManager/UserFileHandler.h> | #include <Pegasus/Security/UserManager/UserFileHandler.h> |
#include <Pegasus/Security/UserManager/UserExceptions.h> | #include <Pegasus/Security/UserManager/UserExceptions.h> |
|
#include <Pegasus/Common/MessageLoader.h> //l10n |
| |
PEGASUS_USING_STD; | PEGASUS_USING_STD; |
| |
|
|
long randNum; | long randNum; |
Uint32 sec; | Uint32 sec; |
Uint32 milliSec; | Uint32 milliSec; |
const char METHOD_NAME[] = "PasswordFile::_GetSalt"; |
|
| |
PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_ENTER(TRC_USER_MANAGER, "PasswordFile::_GetSalt"); |
| |
// | // |
// Generate a random number and get the salt | // Generate a random number and get the salt |
|
|
| |
salt[2] = '\0'; | salt[2] = '\0'; |
| |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
} | } |
| |
// | // |
|
|
// | // |
UserFileHandler::UserFileHandler() | UserFileHandler::UserFileHandler() |
{ | { |
const char METHOD_NAME[] = "UserFileHandler::UserFileHandler"; |
PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserFileHandler::UserFileHandler"); |
|
|
PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
|
| |
// | // |
// Get an instance of the ConfigManager. | // Get an instance of the ConfigManager. |
|
|
// | // |
_mutex = new Mutex; | _mutex = new Mutex; |
| |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
} | } |
| |
| |
|
|
// | // |
UserFileHandler::~UserFileHandler() | UserFileHandler::~UserFileHandler() |
{ | { |
const char METHOD_NAME[] = "UserFileHandler::~UserFileHandler"; |
PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserFileHandler::~UserFileHandler"); |
|
|
PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
|
| |
delete _passwordFile; | delete _passwordFile; |
delete _mutex; | delete _mutex; |
| |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
} | } |
| |
// | // |
|
|
// | // |
void UserFileHandler::_loadAllUsers () | void UserFileHandler::_loadAllUsers () |
{ | { |
const char METHOD_NAME[] = "UserFileHandler::_loadAllUsers"; |
PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserFileHandler::_loadAllUsers"); |
|
|
PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
|
| |
try | try |
{ | { |
|
|
catch (CannotOpenFile cof) | catch (CannotOpenFile cof) |
{ | { |
_passwordTable.clear(); | _passwordTable.clear(); |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
throw cof; | throw cof; |
} | } |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
} | } |
| |
void UserFileHandler::_Update( | void UserFileHandler::_Update( |
|
|
const String& userName, | const String& userName, |
const String& password) | const String& password) |
{ | { |
const char METHOD_NAME[] = "UserFileHandler::_Update"; |
PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserFileHandler::_Update"); |
|
|
PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
|
| |
// | // |
// Hold the mutex lock. | // Hold the mutex lock. |
|
|
} | } |
catch (TimeOut e) | catch (TimeOut e) |
{ | { |
throw CIMException( CIM_ERR_FAILED, |
//l10n |
"Timed out trying to perform requested operation." |
//throw PEGASUS_CIM_EXCEPTION( CIM_ERR_FAILED, |
"Please re-try the operation again."); |
//"Timed out trying to perform requested operation." |
|
//"Please re-try the operation again."); |
|
throw PEGASUS_CIM_EXCEPTION_L( CIM_ERR_FAILED, MessageLoaderParms("Security.UserManager.UserFileHandler.TIMEOUT", |
|
"Timed out trying to perform requested operation.Please re-try the operation again.")); |
} | } |
catch (WaitFailed e) | catch (WaitFailed e) |
{ | { |
throw CIMException( CIM_ERR_FAILED, |
//l10n |
"Timed out trying to perform requested operation." |
//throw PEGASUS_CIM_EXCEPTION( CIM_ERR_FAILED, |
"Please re-try the operation again."); |
//"Timed out trying to perform requested operation." |
|
//"Please re-try the operation again."); |
|
throw PEGASUS_CIM_EXCEPTION_L( CIM_ERR_FAILED, MessageLoaderParms("Security.UserManager.UserFileHandler.TIMEOUT", |
|
"Timed out trying to perform requested operation.Please re-try the operation again.")); |
} | } |
catch (Deadlock e) | catch (Deadlock e) |
{ | { |
throw CIMException( CIM_ERR_FAILED, |
//l10n |
"Deak lock encountered trying to perform requested operation." |
//throw PEGASUS_CIM_EXCEPTION( CIM_ERR_FAILED, |
"Please re-try the operation again."); |
//"Deak lock encountered trying to perform requested operation." |
|
//"Please re-try the operation again."); |
|
throw PEGASUS_CIM_EXCEPTION_L( CIM_ERR_FAILED, MessageLoaderParms("Security.UserManager.UserFileHandler.DEADLOCK", |
|
"Deak lock encountered trying to perform requested operation.Please re-try the operation again.")); |
} | } |
| |
switch (operation) | switch (operation) |
|
|
if (!_passwordTable.insert(userName,password)) | if (!_passwordTable.insert(userName,password)) |
{ | { |
_mutex->unlock(); | _mutex->unlock(); |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
throw PasswordCacheError(); | throw PasswordCacheError(); |
} | } |
break; | break; |
|
|
if (!_passwordTable.remove(userName)) | if (!_passwordTable.remove(userName)) |
{ | { |
_mutex->unlock(); | _mutex->unlock(); |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
throw PasswordCacheError(); | throw PasswordCacheError(); |
} | } |
if (!_passwordTable.insert(userName,password)) | if (!_passwordTable.insert(userName,password)) |
{ | { |
_mutex->unlock(); | _mutex->unlock(); |
Logger::put(Logger::ERROR_LOG, "UserManager", |
//l10n |
Logger::SEVERE, |
//Logger::put(Logger::ERROR_LOG, System::CIMSERVER, |
|
//Logger::SEVERE, |
|
//"Error updating user information for : $0.",userName); |
|
Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER,Logger::SEVERE, |
|
"Security.UserManager.UserFileHandler.ERROR_UPDATING_USER_INFO", |
"Error updating user information for : $0.",userName); | "Error updating user information for : $0.",userName); |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
throw PasswordCacheError(); | throw PasswordCacheError(); |
} | } |
break; | break; |
|
|
if (!_passwordTable.remove(userName)) | if (!_passwordTable.remove(userName)) |
{ | { |
_mutex->unlock(); | _mutex->unlock(); |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
throw InvalidUser(userName); | throw InvalidUser(userName); |
} | } |
break; | break; |
|
|
catch (CannotOpenFile& e) | catch (CannotOpenFile& e) |
{ | { |
_mutex->unlock(); | _mutex->unlock(); |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
throw e; | throw e; |
} | } |
catch (CannotRenameFile& e) | catch (CannotRenameFile& e) |
|
|
_loadAllUsers(); | _loadAllUsers(); |
| |
_mutex->unlock(); | _mutex->unlock(); |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
throw e; | throw e; |
} | } |
_mutex->unlock(); | _mutex->unlock(); |
PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
} | } |
| |
| |
|
|
{ | { |
char salt[3]; | char salt[3]; |
String encryptedPassword = String::EMPTY; | String encryptedPassword = String::EMPTY; |
const char METHOD_NAME[] = "UserFileHandler::addUserEntry"; |
|
| |
PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserFileHandler::addUserEntry"); |
| |
// Check if the user already exists | // Check if the user already exists |
if (_passwordTable.contains(userName)) | if (_passwordTable.contains(userName)) |
{ | { |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
throw DuplicateUser(userName); | throw DuplicateUser(userName); |
} | } |
| |
// encrypt password | // encrypt password |
_GetSalt(salt); | _GetSalt(salt); |
| |
ArrayDestroyer<char> pw(password.allocateCString()); |
encryptedPassword = System::encryptPassword(password.getCString(),salt); |
|
|
encryptedPassword = System::encryptPassword(pw.getPointer(),salt); |
|
| |
// add the user to the cache and password file | // add the user to the cache and password file |
_Update(ADD_USER,userName, encryptedPassword); | _Update(ADD_USER,userName, encryptedPassword); |
| |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
} | } |
| |
// | // |
|
|
{ | { |
char salt[3]; | char salt[3]; |
String encryptedPassword = String::EMPTY; | String encryptedPassword = String::EMPTY; |
const char METHOD_NAME[] = "UserFileHandler::modifyUserEntry"; |
|
| |
PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserFileHandler::modifyUserEntry"); |
| |
// | // |
// Check if the given password matches the passwd in the file | // Check if the given password matches the passwd in the file |
|
|
{ | { |
if ( !verifyCIMUserPassword (userName,password) ) | if ( !verifyCIMUserPassword (userName,password) ) |
{ | { |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
throw PasswordMismatch(userName); | throw PasswordMismatch(userName); |
} | } |
} | } |
catch (Exception& e) | catch (Exception& e) |
{ | { |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
throw e; | throw e; |
} | } |
| |
// encrypt new password | // encrypt new password |
_GetSalt(salt); | _GetSalt(salt); |
| |
ArrayDestroyer<char> npw(newPassword.allocateCString()); |
encryptedPassword = System::encryptPassword(newPassword.getCString(),salt); |
|
|
encryptedPassword = System::encryptPassword(npw.getPointer(),salt); |
|
| |
_Update(MODIFY_USER, userName, encryptedPassword); | _Update(MODIFY_USER, userName, encryptedPassword); |
| |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
} | } |
| |
// | // |
|
|
// | // |
void UserFileHandler::removeUserEntry(const String& userName) | void UserFileHandler::removeUserEntry(const String& userName) |
{ | { |
const char METHOD_NAME[] = "UserFileHandler::removeUserEntry"; |
PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserFileHandler::removeUserEntry"); |
|
|
PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
|
| |
_Update(REMOVE_USER, userName); | _Update(REMOVE_USER, userName); |
| |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
} | } |
| |
// | // |
|
|
// | // |
void UserFileHandler::getAllUserNames(Array<String>& userNames) | void UserFileHandler::getAllUserNames(Array<String>& userNames) |
{ | { |
const char METHOD_NAME[] = "UserFileHandler::getAllUserNames"; |
PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserFileHandler::getAllUserNames"); |
|
|
PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
|
| |
userNames.clear(); | userNames.clear(); |
| |
|
|
{ | { |
userNames.append(i.key()); | userNames.append(i.key()); |
} | } |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
} | } |
| |
// | // |
|
|
// | // |
Boolean UserFileHandler::verifyCIMUser (const String& userName) | Boolean UserFileHandler::verifyCIMUser (const String& userName) |
{ | { |
const char METHOD_NAME[] = "UserFileHandler::verifyCIMUser"; |
PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserFileHandler::verifyCIMUser"); |
| |
PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
|
|
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
|
return _passwordTable.contains(userName); | return _passwordTable.contains(userName); |
} | } |
| |
|
|
const String& userName, | const String& userName, |
const String& password) | const String& password) |
{ | { |
const char METHOD_NAME[] = "UserFileHandler::verifyCIMUserPassword"; |
PEG_METHOD_ENTER(TRC_USER_MANAGER, |
|
"UserFileHandler::verifyCIMUserPassword"); |
PEG_FUNC_ENTER(TRC_USER_MANAGER,METHOD_NAME); |
|
| |
// Check if the user's password mathches the specified password | // Check if the user's password mathches the specified password |
String curPassword = String::EMPTY; | String curPassword = String::EMPTY; |
|
|
// Check if the user exists in the password table | // Check if the user exists in the password table |
if ( !_passwordTable.lookup(userName,curPassword) ) | if ( !_passwordTable.lookup(userName,curPassword) ) |
{ | { |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
throw InvalidUser(userName); | throw InvalidUser(userName); |
} | } |
| |
saltStr = curPassword.subString(0,2); | saltStr = curPassword.subString(0,2); |
ArrayDestroyer<char> oldsalt(saltStr.allocateCString()); |
|
ArrayDestroyer<char> pw(password.allocateCString()); |
|
| |
encryptedPassword = | encryptedPassword = |
System::encryptPassword(pw.getPointer(),oldsalt.getPointer()); |
System::encryptPassword(password.getCString(),saltStr.getCString()); |
| |
if ( curPassword != encryptedPassword ) | if ( curPassword != encryptedPassword ) |
{ | { |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
return false; | return false; |
} | } |
| |
PEG_FUNC_EXIT(TRC_USER_MANAGER,METHOD_NAME); |
PEG_METHOD_EXIT(); |
return true; | return true; |
} | } |
PEGASUS_NAMESPACE_END | PEGASUS_NAMESPACE_END |