1 kumpf 1.8 //%/////////////////////////////////////////////////////////////////////////////
2 mike 1.2 //
3 kumpf 1.8 // Copyright (c) 2000, 2001, 2002 BMC Software, Hewlett-Packard Company, IBM,
4 mike 1.2 // The Open Group, Tivoli Systems
5 //
6 // Permission is hereby granted, free of charge, to any person obtaining a copy
7 kumpf 1.8 // of this software and associated documentation files (the "Software"), to
8 // deal in the Software without restriction, including without limitation the
9 // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
10 mike 1.2 // sell copies of the Software, and to permit persons to whom the Software is
11 // furnished to do so, subject to the following conditions:
12 //
13 kumpf 1.8 // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
14 mike 1.2 // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
15 // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
16 kumpf 1.8 // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
17 // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
18 // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
19 mike 1.2 // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
20 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
21 //
22 kumpf 1.8 //==============================================================================
23 mike 1.2 //
24 // Author: Sushma Fernandes, Hewlett Packard Company (sushma_fernandes@hp.com)
25 //
26 // Modified By: Nag Boranna, Hewlett Packard Company (nagaraja_boranna@hp.com)
27 kumpf 1.10 // Carol Ann Krug Graves, Hewlett-Packard Company
28 // (carolann_graves@hp.com)
29 mike 1.2 //
30 //%////////////////////////////////////////////////////////////////////////////
31
32
33 ///////////////////////////////////////////////////////////////////////////////
34 //
35 // User Manager
36 //
37 ///////////////////////////////////////////////////////////////////////////////
38
39 #include <Pegasus/Common/Destroyer.h>
40 #include <Pegasus/Common/System.h>
41 #include <Pegasus/Common/Tracer.h>
42 kumpf 1.6 #include <Pegasus/Common/PegasusVersion.h>
43
44 mike 1.2 #include <Pegasus/Security/UserManager/UserManager.h>
45 #include <Pegasus/Security/UserManager/UserExceptions.h>
46
47
48 PEGASUS_USING_STD;
49
50 PEGASUS_NAMESPACE_BEGIN
51
//
// Storage for the singleton pointer. It starts out null; the visible
// getInstance() fills it in the first time it is called with a repository.
//
UserManager* UserManager::_instance = 0;
56
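//
// Constructor
//
// Creates the password-file handler (skipped when PEGASUS_NO_PASSWORDFILE
// is defined) and the authorization handler for the given repository.
// If either allocation throws, anything already created is released and
// the original exception is re-thrown to the caller.
//
UserManager::UserManager(CIMRepository* repository)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::UserManager");

    // Null BOTH pointers before anything can throw. Previously _authHandler
    // was zeroed only after the UserFileHandler allocation, so a failure
    // there made the cleanup path test and delete an uninitialized pointer.
    _userFileHandler = 0;
    _authHandler = 0;

    try
    {
#ifndef PEGASUS_NO_PASSWORDFILE
        _userFileHandler = new UserFileHandler();
#endif
        _authHandler = new AuthorizationHandler(repository);
    }
    catch (...)
    {
        // The destructor does not run for a half-built object, so release
        // the handlers here. delete on a null pointer is a no-op.
        delete _userFileHandler;
        delete _authHandler;

        PEG_METHOD_EXIT();

        // Bare throw re-raises the original object; "throw e" would copy
        // it as a plain Exception and lose the derived exception type.
        throw;
    }

    PEG_METHOD_EXIT();
}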
91
//
// Destructor
//
// Releases the password-file handler and the authorization handler.
//
// NOTE(review): _instance is not cleared here, so if the singleton is ever
// deleted a later getInstance() would hand out a dangling pointer --
// confirm that nothing deletes the instance while it can still be requested.
//
UserManager::~UserManager()
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::~UserManager");

    // delete on a null pointer does nothing, so no null guards are needed.
    delete _userFileHandler;
    delete _authHandler;

    PEG_METHOD_EXIT();
}
110
//
// Return the singleton UserManager, creating it on first use.
//
// The repository pointer is only needed for the call that creates the
// instance; once an instance exists the argument is ignored. Throws
// CannotCreateUserManagerInstance when no instance exists yet and no
// repository was supplied.
//
// NOTE(review): the check-then-create below takes no lock in this
// function -- confirm the first call happens before any other thread can
// reach it.
//
UserManager* UserManager::getInstance(CIMRepository* repository)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::getInstance");

    if (!_instance)
    {
        // Nothing to build the instance from.
        if (!repository)
        {
            PEG_METHOD_EXIT();
            throw CannotCreateUserManagerInstance();
        }

        _instance = new UserManager(repository);
    }

    PEG_METHOD_EXIT();

    return _instance;
}
134
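//
// Add a user
//
// Registers userName/password in the password file. The name must belong
// to an existing system user, otherwise InvalidSystemUser is thrown.
// Exceptions raised by the password-file handler propagate unchanged.
// When PEGASUS_NO_PASSWORDFILE is defined the call does nothing.
//
// The password is passed straight to the handler; this function neither
// validates nor traces it.
//
void UserManager::addUser(const String& userName, const String& password)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::addUser");

#ifndef PEGASUS_NO_PASSWORDFILE
    //
    // Only accounts known to the operating system may become CIM users
    //
    if (!System::isSystemUser(userName.getCString()))
    {
        PEG_METHOD_EXIT();
        throw InvalidSystemUser(userName);
    }

    //
    // Add the user to the password file
    //
    try
    {
        _userFileHandler->addUserEntry(userName, password);
    }
    catch (const Exception&)
    {
        PEG_METHOD_EXIT();

        // Bare throw keeps the handler's concrete exception type;
        // "throw e" re-threw a sliced copy typed as plain Exception.
        throw;
    }
#endif

    PEG_METHOD_EXIT();
}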
168
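//
// Modify user's password
//
// Asks the password-file handler to replace the user's current password
// with newPassword. Exceptions raised by the handler propagate unchanged.
// When PEGASUS_NO_PASSWORDFILE is defined the call does nothing.
//
// NOTE(review): checking that `password` matches the stored one is
// presumably done inside UserFileHandler::modifyUserEntry -- nothing is
// verified in this function.
//
void UserManager::modifyUser(
    const String& userName,
    const String& password,
    const String& newPassword )
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::modifyUser");

#ifndef PEGASUS_NO_PASSWORDFILE
    try
    {
        _userFileHandler->modifyUserEntry(userName, password, newPassword);
    }
    catch (const Exception&)
    {
        PEG_METHOD_EXIT();

        // Bare throw keeps the handler's concrete exception type;
        // "throw e" re-threw a sliced copy typed as plain Exception.
        throw;
    }
#endif

    PEG_METHOD_EXIT();
}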
193
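//
// Remove a user
//
// Deletes the user's entry from the password file. Exceptions raised by
// the password-file handler propagate unchanged. When
// PEGASUS_NO_PASSWORDFILE is defined the call does nothing.
//
void UserManager::removeUser(const String& userName)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::removeUser");

#ifndef PEGASUS_NO_PASSWORDFILE
    try
    {
        _userFileHandler->removeUserEntry(userName);
    }
    catch (const Exception&)
    {
        PEG_METHOD_EXIT();

        // Bare throw keeps the handler's concrete exception type;
        // "throw e" re-threw a sliced copy typed as plain Exception.
        throw;
    }
#endif

    PEG_METHOD_EXIT();
}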
215
216
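//
// Get a list of all the user names.
//
// The names are written into the caller's array by the password-file
// handler. Exceptions raised by the handler propagate unchanged. When
// PEGASUS_NO_PASSWORDFILE is defined, userNames is left untouched.
//
void UserManager::getAllUserNames(Array<String>& userNames)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::getAllUserNames");

#ifndef PEGASUS_NO_PASSWORDFILE
    try
    {
        _userFileHandler->getAllUserNames(userNames);
    }
    catch (const Exception&)
    {
        // The exit trace belongs on the failure path. It used to sit
        // inside the try block, which emitted it twice on success and not
        // at all when the handler threw.
        PEG_METHOD_EXIT();

        // Bare throw keeps the handler's concrete exception type;
        // "throw e" re-threw a sliced copy typed as plain Exception.
        throw;
    }
#endif

    PEG_METHOD_EXIT();
}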
238
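//
// Verify whether the specified CIM user is valid
//
// Returns the password-file handler's verdict for userName. Exceptions
// raised by the handler, InvalidUser included, propagate unchanged.
// When PEGASUS_NO_PASSWORDFILE is defined the result is always false,
// i.e. the check fails closed.
//
Boolean UserManager::verifyCIMUser (const String& userName)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::verifyCIMUser");

    Boolean isCIMUser = false;

#ifndef PEGASUS_NO_PASSWORDFILE
    try
    {
        if (_userFileHandler->verifyCIMUser(userName))
        {
            isCIMUser = true;
        }
    }
    catch (const Exception&)
    {
        PEG_METHOD_EXIT();

        // One handler with a bare throw preserves InvalidUser and every
        // other derived type; "throw e" re-threw a sliced copy typed as
        // plain Exception.
        throw;
    }
#endif

    PEG_METHOD_EXIT();
    return isCIMUser;
}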
275
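//
// Verify whether the specified user's password is valid
//
// Returns the password-file handler's verdict for the userName/password
// pair. Exceptions raised by the handler, InvalidUser included, propagate
// unchanged; an error is never turned into a successful result here.
// When PEGASUS_NO_PASSWORDFILE is defined the result is always false,
// i.e. authentication fails closed.
//
// The password is only forwarded to the handler; it is not traced in
// this function.
//
Boolean UserManager::verifyCIMUserPassword (
    const String& userName,
    const String& password)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::verifyCIMUserPassword");

    Boolean isValidPassword = false;

#ifndef PEGASUS_NO_PASSWORDFILE
    try
    {
        if (_userFileHandler->verifyCIMUserPassword(userName, password))
        {
            isValidPassword = true;
        }
    }
    catch (const Exception&)
    {
        PEG_METHOD_EXIT();

        // One handler with a bare throw preserves InvalidUser and every
        // other derived type; "throw e" re-threw a sliced copy typed as
        // plain Exception.
        throw;
    }
#endif

    PEG_METHOD_EXIT();
    return isValidPassword;
}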
314
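//
// Verify whether the specified namespace is valid
//
// Returns the authorization handler's verdict for myNamespace.
// Exceptions raised by the handler propagate unchanged.
//
Boolean UserManager::verifyNamespace( const CIMNamespaceName& myNamespace )
{
    PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::verifyNamespace");

    Boolean isValidNamespace = false;

    try
    {
        if (_authHandler->verifyNamespace(myNamespace))
        {
            isValidNamespace = true;
        }
    }
    catch (const Exception&)
    {
        PEG_METHOD_EXIT();

        // Bare throw keeps the handler's concrete exception type;
        // "throw e" re-threw a sliced copy typed as plain Exception.
        throw;
    }

    PEG_METHOD_EXIT();
    return isValidNamespace;
}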
341
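//
// Verify whether the specified operation has authorization
// to be performed by the specified user.
//
// Returns the authorization handler's decision for the
// (userName, nameSpace, cimMethodName) triple. Exceptions raised by the
// handler propagate unchanged, so a failure inside the handler can never
// come back from this function as "authorized".
//
Boolean UserManager::verifyAuthorization(
    const String& userName,
    const CIMNamespaceName& nameSpace,
    const CIMName& cimMethodName)
{
    PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::verifyAuthorization");

    Boolean isAuthorized = false;

    try
    {
        if (_authHandler->verifyAuthorization(
                userName, nameSpace, cimMethodName))
        {
            isAuthorized = true;
        }
    }
    catch (const Exception&)
    {
        PEG_METHOD_EXIT();

        // Bare throw keeps the handler's concrete exception type;
        // "throw e" re-threw a sliced copy typed as plain Exception.
        throw;
    }

    PEG_METHOD_EXIT();
    return isAuthorized;
}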
373
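//
// Set the authorizations
//
// Stores the authorization string `auth` for the given user and
// namespace through the authorization handler. Exceptions raised by the
// handler propagate unchanged.
//
// NOTE(review): `auth` is forwarded as received; any validation of its
// contents is presumably done by AuthorizationHandler -- confirm.
//
void UserManager::setAuthorization(
    const String& userName,
    const CIMNamespaceName& myNamespace,
    const String& auth)
{
    PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::setAuthorization");

    try
    {
        _authHandler->setAuthorization(userName, myNamespace, auth);
    }
    catch (const Exception&)
    {
        PEG_METHOD_EXIT();

        // Bare throw keeps the handler's concrete exception type;
        // "throw e" re-threw a sliced copy typed as plain Exception.
        throw;
    }

    PEG_METHOD_EXIT();
}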
396
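//
// Remove the authorizations for the specified user and namespace
//
// Delegates to the authorization handler. Exceptions raised by the
// handler propagate unchanged.
//
void UserManager::removeAuthorization(
    const String& userName,
    const CIMNamespaceName& myNamespace)
{
    PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::removeAuthorization");

    try
    {
        _authHandler->removeAuthorization(userName, myNamespace);
    }
    catch (const Exception&)
    {
        PEG_METHOD_EXIT();

        // Bare throw keeps the handler's concrete exception type;
        // "throw e" re-threw a sliced copy typed as plain Exception.
        throw;
    }

    PEG_METHOD_EXIT();
}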
418
419
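//
// Get the authorizations for the specified user and namespace
//
// Returns the authorization string the handler reports for the
// user/namespace pair. Exceptions raised by the handler propagate
// unchanged.
//
String UserManager::getAuthorization(
    const String& userName,
    const CIMNamespaceName& myNamespace)
{
    PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::getAuthorization");

    String auth = String::EMPTY;

    try
    {
        auth = _authHandler->getAuthorization(userName, myNamespace);
    }
    catch (const Exception&)
    {
        PEG_METHOD_EXIT();

        // Bare throw keeps the handler's concrete exception type;
        // "throw e" re-threw a sliced copy typed as plain Exception.
        throw;
    }

    PEG_METHOD_EXIT();

    return auth;
}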
445
446 PEGASUS_NAMESPACE_END
447
448