1 karl 1.11 //%2003////////////////////////////////////////////////////////////////////////
|
2 mike 1.2 //
|
3 karl 1.11 // Copyright (c) 2000, 2001, 2002 BMC Software, Hewlett-Packard Development
4 // Company, L. P., IBM Corp., The Open Group, Tivoli Systems.
5 // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L. P.;
6 // IBM Corp.; EMC Corporation, The Open Group.
|
7 mike 1.2 //
8 // Permission is hereby granted, free of charge, to any person obtaining a copy
|
9 kumpf 1.8 // of this software and associated documentation files (the "Software"), to
10 // deal in the Software without restriction, including without limitation the
11 // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
|
12 mike 1.2 // sell copies of the Software, and to permit persons to whom the Software is
13 // furnished to do so, subject to the following conditions:
14 //
|
15 kumpf 1.8 // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
|
16 mike 1.2 // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
17 // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
|
18 kumpf 1.8 // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
19 // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
20 // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
|
21 mike 1.2 // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
23 //
|
24 kumpf 1.8 //==============================================================================
|
25 mike 1.2 //
26 // Author: Sushma Fernandes, Hewlett Packard Company (sushma_fernandes@hp.com)
27 //
28 // Modified By: Nag Boranna, Hewlett Packard Company (nagaraja_boranna@hp.com)
|
29 kumpf 1.10 // Carol Ann Krug Graves, Hewlett-Packard Company
30 // (carolann_graves@hp.com)
|
31 mike 1.2 //
32 //%////////////////////////////////////////////////////////////////////////////
33
34
35 ///////////////////////////////////////////////////////////////////////////////
36 //
37 // User Manager
38 //
39 ///////////////////////////////////////////////////////////////////////////////
40
41 #include <Pegasus/Common/Destroyer.h>
42 #include <Pegasus/Common/System.h>
43 #include <Pegasus/Common/Tracer.h>
|
44 kumpf 1.6 #include <Pegasus/Common/PegasusVersion.h>
45
|
46 mike 1.2 #include <Pegasus/Security/UserManager/UserManager.h>
47 #include <Pegasus/Security/UserManager/UserExceptions.h>
48
49
50 PEGASUS_USING_STD;
51
52 PEGASUS_NAMESPACE_BEGIN
53
54 /**
55 Initialize UserManager instance
56 */
57 UserManager* UserManager::_instance = 0;
58
59 //
60 // Constructor
61 //
62 UserManager::UserManager(CIMRepository* repository)
63 {
|
64 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::UserManager");
|
65 mike 1.2
66 try
67 {
68 _userFileHandler = 0;
|
69 kumpf 1.7
70 #ifndef PEGASUS_NO_PASSWORDFILE
|
71 mike 1.2 _userFileHandler = new UserFileHandler();
|
72 kumpf 1.7 #endif
|
73 mike 1.2 _authHandler = 0;
|
74 kumpf 1.5 _authHandler = new AuthorizationHandler(repository);
|
75 mike 1.2 }
76 catch (Exception& e)
77 {
78 if (_userFileHandler)
79 {
80 delete _userFileHandler;
81 }
82 if (_authHandler)
83 {
84 delete _authHandler;
85 }
86
|
87 kumpf 1.5 PEG_METHOD_EXIT();
|
88 mike 1.2 throw e;
89 }
90
|
91 kumpf 1.5 PEG_METHOD_EXIT();
|
92 mike 1.2 }
93
94 //
95 // Destructor
96 //
97 UserManager::~UserManager()
98 {
|
99 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::~UserManager");
|
100 mike 1.2
|
101 kumpf 1.4 if (_userFileHandler)
102 {
103 delete _userFileHandler;
104 }
105 if (_authHandler)
106 {
107 delete _authHandler;
108 }
|
109 mike 1.2
|
110 kumpf 1.5 PEG_METHOD_EXIT();
|
111 mike 1.2 }
112
113 //
114 // Construct the singleton instance of the UserManager and return a
115 // pointer to that instance.
116 //
117 UserManager* UserManager::getInstance(CIMRepository* repository)
118 {
|
119 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::getInstance");
|
120 mike 1.2
|
121 kumpf 1.5 if (!_instance && !repository)
122 {
123 PEG_METHOD_EXIT();
124 throw CannotCreateUserManagerInstance();
125 }
|
126 mike 1.2
|
127 kumpf 1.4 if (!_instance)
|
128 mike 1.2 {
129 _instance = new UserManager(repository);
130 }
131
|
132 kumpf 1.5 PEG_METHOD_EXIT();
|
133 mike 1.2
134 return _instance;
135 }
136
137 //
138 // Add a user
139 //
140 void UserManager::addUser(const String& userName, const String& password)
141 {
|
142 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::addUser");
|
143 mike 1.2
|
144 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
145 mike 1.2 //
146 // Check if the user is a valid system user
147 //
|
148 kumpf 1.9 if ( !System::isSystemUser( userName.getCString() ) )
|
149 mike 1.2 {
|
150 kumpf 1.5 PEG_METHOD_EXIT();
|
151 mike 1.2 throw InvalidSystemUser(userName);
152 }
153
154 //
155 // Add the user to the password file
156 //
157 try
158 {
159 _userFileHandler->addUserEntry(userName,password);
160 }
161 catch (Exception& e)
162 {
|
163 kumpf 1.5 PEG_METHOD_EXIT();
|
164 mike 1.2 throw e;
165 }
|
166 kumpf 1.7 #endif
|
167 mike 1.2
|
168 kumpf 1.5 PEG_METHOD_EXIT();
|
169 mike 1.2 }
170
171 //
172 // Modify user's password
173 //
174 void UserManager::modifyUser(
175 const String& userName,
176 const String& password,
177 const String& newPassword )
178 {
|
179 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::modifyUser");
|
180 mike 1.2
|
181 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
182 mike 1.2 try
183 {
184 _userFileHandler->modifyUserEntry(userName, password, newPassword);
185 }
186 catch (Exception& e)
187 {
|
188 kumpf 1.5 PEG_METHOD_EXIT();
|
189 mike 1.2 throw e;
190 }
|
191 kumpf 1.7 #endif
192
|
193 kumpf 1.5 PEG_METHOD_EXIT();
|
194 mike 1.2 }
195
196 //
197 // Remove a user
198 //
199 void UserManager::removeUser(const String& userName)
200 {
|
201 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::removeUser");
|
202 kumpf 1.7
203 #ifndef PEGASUS_NO_PASSWORDFILE
|
204 mike 1.2 try
205 {
206 _userFileHandler->removeUserEntry(userName);
207 }
208 catch (Exception& e)
209 {
|
210 kumpf 1.5 PEG_METHOD_EXIT();
|
211 mike 1.2 throw e;
212 }
|
213 kumpf 1.7 #endif
|
214 mike 1.2
|
215 kumpf 1.5 PEG_METHOD_EXIT();
|
216 mike 1.2 }
217
218
219 //
220 // Get a list of all the user names.
221 //
222 void UserManager::getAllUserNames(Array<String>& userNames)
223 {
|
224 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::getAllUserNames");
|
225 mike 1.2
|
226 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
227 mike 1.2 try
228 {
229 _userFileHandler->getAllUserNames( userNames );
|
230 kumpf 1.5 PEG_METHOD_EXIT();
|
231 mike 1.2 }
232 catch (Exception& e)
233 {
234 throw e;
235 }
|
236 kumpf 1.7 #endif
|
237 mike 1.2
|
238 kumpf 1.5 PEG_METHOD_EXIT();
|
239 mike 1.2 }
240
241 //
242 // Verify whether the specified CIM user is valid
243 //
244 Boolean UserManager::verifyCIMUser (const String& userName)
245 {
|
246 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::verifyCIMUser");
|
247 mike 1.2
|
248 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
249 mike 1.2 try
250 {
251 if ( _userFileHandler->verifyCIMUser( userName ))
252 {
|
253 kumpf 1.5 PEG_METHOD_EXIT();
|
254 mike 1.2 return true;
255 }
256 else
257 {
|
258 kumpf 1.5 PEG_METHOD_EXIT();
|
259 mike 1.2 return false;
260 }
261 }
|
262 kumpf 1.4 catch (InvalidUser& iu)
263 {
|
264 kumpf 1.5 PEG_METHOD_EXIT();
|
265 kumpf 1.4 throw iu;
266 }
|
267 mike 1.2 catch (Exception& e)
268 {
|
269 kumpf 1.5 PEG_METHOD_EXIT();
|
270 mike 1.2 throw e;
271 }
|
272 kumpf 1.7 #else
273 PEG_METHOD_EXIT();
274 return false;
275 #endif
|
276 mike 1.2 }
277
278 //
279 // Verify whether the specified user's password is valid
280 //
281 Boolean UserManager::verifyCIMUserPassword (
282 const String& userName,
283 const String& password)
284 {
|
285 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::verifyCIMUserPassword");
|
286 mike 1.2
|
287 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
288 mike 1.2 try
289 {
290 if ( _userFileHandler->verifyCIMUserPassword( userName, password ))
291 {
|
292 kumpf 1.5 PEG_METHOD_EXIT();
|
293 mike 1.2 return true;
294 }
295 else
296 {
|
297 kumpf 1.5 PEG_METHOD_EXIT();
|
298 mike 1.2 return false;
299 }
|
300 kumpf 1.4 }
301 catch (InvalidUser& iu)
302 {
|
303 kumpf 1.5 PEG_METHOD_EXIT();
|
304 kumpf 1.4 throw iu;
|
305 mike 1.2 }
306 catch (Exception& e)
307 {
|
308 kumpf 1.5 PEG_METHOD_EXIT();
|
309 mike 1.2 throw e;
310 }
|
311 kumpf 1.7 #else
312 PEG_METHOD_EXIT();
313 return false;
314 #endif
|
315 mike 1.2 }
316
317 //
318 // Verify whether the specified namespace is valid
319 //
|
320 kumpf 1.10 Boolean UserManager::verifyNamespace( const CIMNamespaceName& myNamespace )
|
321 mike 1.2 {
|
322 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::verifyNamespace");
|
323 mike 1.2
324 try
325 {
326 if ( _authHandler->verifyNamespace( myNamespace ))
327 {
|
328 kumpf 1.5 PEG_METHOD_EXIT();
|
329 mike 1.2 return true;
330 }
331 else
332 {
|
333 kumpf 1.5 PEG_METHOD_EXIT();
|
334 mike 1.2 return false;
335 }
336 }
337 catch (Exception& e)
338 {
|
339 kumpf 1.5 PEG_METHOD_EXIT();
|
340 mike 1.2 throw e;
341 }
342 }
343
344 //
345 // Verify whether the specified operation has authorization
346 // to be performed by the specified user.
347 //
348 Boolean UserManager::verifyAuthorization(
349 const String& userName,
|
350 kumpf 1.10 const CIMNamespaceName& nameSpace,
351 const CIMName& cimMethodName)
|
352 mike 1.2 {
|
353 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::verifyAuthorization");
|
354 mike 1.2
355 try
356 {
357 if ( _authHandler->verifyAuthorization(
358 userName, nameSpace, cimMethodName ) )
359 {
|
360 kumpf 1.5 PEG_METHOD_EXIT();
|
361 mike 1.2 return true;
362 }
363 else
364 {
|
365 kumpf 1.5 PEG_METHOD_EXIT();
|
366 mike 1.2 return false;
367 }
368 }
369 catch (Exception& e)
370 {
|
371 kumpf 1.5 PEG_METHOD_EXIT();
|
372 mike 1.2 throw e;
373 }
374 }
375
376 //
377 // Set the authorizations
378 //
379 void UserManager::setAuthorization(
380 const String& userName,
|
381 kumpf 1.10 const CIMNamespaceName& myNamespace,
|
382 mike 1.2 const String& auth)
383 {
|
384 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::setAuthorization");
|
385 kumpf 1.3
|
386 mike 1.2 try
387 {
388 _authHandler->setAuthorization( userName, myNamespace, auth );
389 }
390 catch (Exception& e)
391 {
|
392 kumpf 1.5 PEG_METHOD_EXIT();
|
393 mike 1.2 throw e;
394 }
|
395 kumpf 1.3
|
396 kumpf 1.5 PEG_METHOD_EXIT();
|
397 mike 1.2 }
398
399 //
400 // Remove the authorizations for the specified user and namespace
401 //
402 void UserManager::removeAuthorization(
403 const String& userName,
|
404 kumpf 1.10 const CIMNamespaceName& myNamespace)
|
405 mike 1.2 {
|
406 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::removeAuthorization");
|
407 kumpf 1.3
|
408 mike 1.2 try
409 {
410 _authHandler->removeAuthorization( userName, myNamespace);
411 }
412 catch (Exception& e)
413 {
|
414 kumpf 1.5 PEG_METHOD_EXIT();
|
415 mike 1.2 throw e;
416 }
|
417 kumpf 1.3
|
418 kumpf 1.5 PEG_METHOD_EXIT();
|
419 mike 1.2 }
420
421
422 //
423 // Get the authorizations for the specified user and namespace
424 //
425 String UserManager::getAuthorization(
426 const String& userName,
|
427 kumpf 1.10 const CIMNamespaceName& myNamespace)
|
428 mike 1.2 {
|
429 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::getAuthorization");
|
430 kumpf 1.3
|
431 mike 1.2 String auth = String::EMPTY;
432
433 try
434 {
435 auth = _authHandler->getAuthorization( userName, myNamespace);
436 }
437 catch (Exception& e)
438 {
|
439 kumpf 1.5 PEG_METHOD_EXIT();
|
440 mike 1.2 throw e;
441 }
|
442 kumpf 1.3
|
443 kumpf 1.5 PEG_METHOD_EXIT();
|
444 mike 1.2
445 return auth;
446 }
447
448 PEGASUS_NAMESPACE_END
449
450
|