1 karl 1.13 //%2004////////////////////////////////////////////////////////////////////////
|
2 mike 1.2 //
|
3 karl 1.13 // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
4 // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
5 // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
|
6 karl 1.11 // IBM Corp.; EMC Corporation, The Open Group.
|
7 karl 1.13 // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
8 // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
|
9 mike 1.2 //
10 // Permission is hereby granted, free of charge, to any person obtaining a copy
|
11 kumpf 1.8 // of this software and associated documentation files (the "Software"), to
12 // deal in the Software without restriction, including without limitation the
13 // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
|
14 mike 1.2 // sell copies of the Software, and to permit persons to whom the Software is
15 // furnished to do so, subject to the following conditions:
16 //
|
17 kumpf 1.8 // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
|
18 mike 1.2 // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
19 // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
|
20 kumpf 1.8 // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
21 // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
22 // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
|
23 mike 1.2 // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
24 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
25 //
|
26 kumpf 1.8 //==============================================================================
|
27 mike 1.2 //
28 // Author: Sushma Fernandes, Hewlett Packard Company (sushma_fernandes@hp.com)
29 //
30 // Modified By: Nag Boranna, Hewlett Packard Company (nagaraja_boranna@hp.com)
|
31 kumpf 1.10 // Carol Ann Krug Graves, Hewlett-Packard Company
32 // (carolann_graves@hp.com)
|
33 a.arora 1.12 // Amit K Arora, IBM (amita@in.ibm.com) for PEP#101
|
34 mike 1.2 //
35 //%////////////////////////////////////////////////////////////////////////////
36
37
38 ///////////////////////////////////////////////////////////////////////////////
39 //
40 // User Manager
41 //
42 ///////////////////////////////////////////////////////////////////////////////
43
44 #include <Pegasus/Common/System.h>
45 #include <Pegasus/Common/Tracer.h>
|
46 kumpf 1.6 #include <Pegasus/Common/PegasusVersion.h>
47
|
48 mike 1.2 #include <Pegasus/Security/UserManager/UserManager.h>
49 #include <Pegasus/Security/UserManager/UserExceptions.h>
50
51
52 PEGASUS_USING_STD;
53
54 PEGASUS_NAMESPACE_BEGIN
55
56 /**
57 Initialize UserManager instance
58 */
59 UserManager* UserManager::_instance = 0;
60
61 //
62 // Constructor
63 //
64 UserManager::UserManager(CIMRepository* repository)
65 {
|
66 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::UserManager");
|
67 a.arora 1.12
|
68 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
69 a.arora 1.12 _userFileHandler.reset(new UserFileHandler());
|
70 kumpf 1.7 #endif
|
71 a.arora 1.12 _authHandler.reset(new AuthorizationHandler(repository));
72
|
73 kumpf 1.5 PEG_METHOD_EXIT();
|
74 mike 1.2 }
75
76 //
77 // Destructor
78 //
79 UserManager::~UserManager()
80 {
|
81 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::~UserManager");
|
82 mike 1.2
|
83 kumpf 1.5 PEG_METHOD_EXIT();
|
84 mike 1.2 }
85
86 //
87 // Construct the singleton instance of the UserManager and return a
88 // pointer to that instance.
89 //
90 UserManager* UserManager::getInstance(CIMRepository* repository)
91 {
|
92 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::getInstance");
|
93 mike 1.2
|
94 kumpf 1.5 if (!_instance && !repository)
95 {
96 PEG_METHOD_EXIT();
97 throw CannotCreateUserManagerInstance();
98 }
|
99 mike 1.2
|
100 kumpf 1.4 if (!_instance)
|
101 mike 1.2 {
102 _instance = new UserManager(repository);
103 }
104
|
105 kumpf 1.5 PEG_METHOD_EXIT();
|
106 mike 1.2
107 return _instance;
108 }
109
110 //
111 // Add a user
112 //
113 void UserManager::addUser(const String& userName, const String& password)
114 {
|
115 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::addUser");
|
116 mike 1.2
|
117 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
118 mike 1.2 //
119 // Check if the user is a valid system user
120 //
|
121 kumpf 1.9 if ( !System::isSystemUser( userName.getCString() ) )
|
122 mike 1.2 {
|
123 kumpf 1.5 PEG_METHOD_EXIT();
|
124 mike 1.2 throw InvalidSystemUser(userName);
125 }
126
127 //
128 // Add the user to the password file
129 //
130 try
131 {
132 _userFileHandler->addUserEntry(userName,password);
133 }
134 catch (Exception& e)
135 {
|
136 kumpf 1.5 PEG_METHOD_EXIT();
|
137 mike 1.2 throw e;
138 }
|
139 kumpf 1.7 #endif
|
140 mike 1.2
|
141 kumpf 1.5 PEG_METHOD_EXIT();
|
142 mike 1.2 }
143
144 //
145 // Modify user's password
146 //
147 void UserManager::modifyUser(
148 const String& userName,
149 const String& password,
150 const String& newPassword )
151 {
|
152 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::modifyUser");
|
153 mike 1.2
|
154 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
155 mike 1.2 try
156 {
157 _userFileHandler->modifyUserEntry(userName, password, newPassword);
158 }
159 catch (Exception& e)
160 {
|
161 kumpf 1.5 PEG_METHOD_EXIT();
|
162 mike 1.2 throw e;
163 }
|
164 kumpf 1.7 #endif
165
|
166 kumpf 1.5 PEG_METHOD_EXIT();
|
167 mike 1.2 }
168
169 //
170 // Remove a user
171 //
172 void UserManager::removeUser(const String& userName)
173 {
|
174 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::removeUser");
|
175 kumpf 1.7
176 #ifndef PEGASUS_NO_PASSWORDFILE
|
177 mike 1.2 try
178 {
179 _userFileHandler->removeUserEntry(userName);
180 }
181 catch (Exception& e)
182 {
|
183 kumpf 1.5 PEG_METHOD_EXIT();
|
184 mike 1.2 throw e;
185 }
|
186 kumpf 1.7 #endif
|
187 mike 1.2
|
188 kumpf 1.5 PEG_METHOD_EXIT();
|
189 mike 1.2 }
190
191
192 //
193 // Get a list of all the user names.
194 //
195 void UserManager::getAllUserNames(Array<String>& userNames)
196 {
|
197 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::getAllUserNames");
|
198 mike 1.2
|
199 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
200 mike 1.2 try
201 {
202 _userFileHandler->getAllUserNames( userNames );
|
203 kumpf 1.5 PEG_METHOD_EXIT();
|
204 mike 1.2 }
205 catch (Exception& e)
206 {
207 throw e;
208 }
|
209 kumpf 1.7 #endif
|
210 mike 1.2
|
211 kumpf 1.5 PEG_METHOD_EXIT();
|
212 mike 1.2 }
213
214 //
215 // Verify whether the specified CIM user is valid
216 //
217 Boolean UserManager::verifyCIMUser (const String& userName)
218 {
|
219 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::verifyCIMUser");
|
220 mike 1.2
|
221 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
222 mike 1.2 try
223 {
224 if ( _userFileHandler->verifyCIMUser( userName ))
225 {
|
226 kumpf 1.5 PEG_METHOD_EXIT();
|
227 mike 1.2 return true;
228 }
229 else
230 {
|
231 kumpf 1.5 PEG_METHOD_EXIT();
|
232 mike 1.2 return false;
233 }
234 }
|
235 kumpf 1.4 catch (InvalidUser& iu)
236 {
|
237 kumpf 1.5 PEG_METHOD_EXIT();
|
238 kumpf 1.4 throw iu;
239 }
|
240 mike 1.2 catch (Exception& e)
241 {
|
242 kumpf 1.5 PEG_METHOD_EXIT();
|
243 mike 1.2 throw e;
244 }
|
245 kumpf 1.7 #else
246 PEG_METHOD_EXIT();
247 return false;
248 #endif
|
249 mike 1.2 }
250
251 //
252 // Verify whether the specified user's password is valid
253 //
254 Boolean UserManager::verifyCIMUserPassword (
255 const String& userName,
256 const String& password)
257 {
|
258 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::verifyCIMUserPassword");
|
259 mike 1.2
|
260 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
261 mike 1.2 try
262 {
263 if ( _userFileHandler->verifyCIMUserPassword( userName, password ))
264 {
|
265 kumpf 1.5 PEG_METHOD_EXIT();
|
266 mike 1.2 return true;
267 }
268 else
269 {
|
270 kumpf 1.5 PEG_METHOD_EXIT();
|
271 mike 1.2 return false;
272 }
|
273 kumpf 1.4 }
274 catch (InvalidUser& iu)
275 {
|
276 kumpf 1.5 PEG_METHOD_EXIT();
|
277 kumpf 1.4 throw iu;
|
278 mike 1.2 }
279 catch (Exception& e)
280 {
|
281 kumpf 1.5 PEG_METHOD_EXIT();
|
282 mike 1.2 throw e;
283 }
|
284 kumpf 1.7 #else
285 PEG_METHOD_EXIT();
286 return false;
287 #endif
|
288 mike 1.2 }
289
290 //
291 // Verify whether the specified namespace is valid
292 //
|
293 kumpf 1.10 Boolean UserManager::verifyNamespace( const CIMNamespaceName& myNamespace )
|
294 mike 1.2 {
|
295 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::verifyNamespace");
|
296 mike 1.2
297 try
298 {
299 if ( _authHandler->verifyNamespace( myNamespace ))
300 {
|
301 kumpf 1.5 PEG_METHOD_EXIT();
|
302 mike 1.2 return true;
303 }
304 else
305 {
|
306 kumpf 1.5 PEG_METHOD_EXIT();
|
307 mike 1.2 return false;
308 }
309 }
310 catch (Exception& e)
311 {
|
312 kumpf 1.5 PEG_METHOD_EXIT();
|
313 mike 1.2 throw e;
314 }
315 }
316
317 //
318 // Verify whether the specified operation has authorization
319 // to be performed by the specified user.
320 //
321 Boolean UserManager::verifyAuthorization(
322 const String& userName,
|
323 kumpf 1.10 const CIMNamespaceName& nameSpace,
324 const CIMName& cimMethodName)
|
325 mike 1.2 {
|
326 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::verifyAuthorization");
|
327 mike 1.2
328 try
329 {
330 if ( _authHandler->verifyAuthorization(
331 userName, nameSpace, cimMethodName ) )
332 {
|
333 kumpf 1.5 PEG_METHOD_EXIT();
|
334 mike 1.2 return true;
335 }
336 else
337 {
|
338 kumpf 1.5 PEG_METHOD_EXIT();
|
339 mike 1.2 return false;
340 }
341 }
342 catch (Exception& e)
343 {
|
344 kumpf 1.5 PEG_METHOD_EXIT();
|
345 mike 1.2 throw e;
346 }
347 }
348
349 //
350 // Set the authorizations
351 //
352 void UserManager::setAuthorization(
353 const String& userName,
|
354 kumpf 1.10 const CIMNamespaceName& myNamespace,
|
355 mike 1.2 const String& auth)
356 {
|
357 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::setAuthorization");
|
358 kumpf 1.3
|
359 mike 1.2 try
360 {
361 _authHandler->setAuthorization( userName, myNamespace, auth );
362 }
363 catch (Exception& e)
364 {
|
365 kumpf 1.5 PEG_METHOD_EXIT();
|
366 mike 1.2 throw e;
367 }
|
368 kumpf 1.3
|
369 kumpf 1.5 PEG_METHOD_EXIT();
|
370 mike 1.2 }
371
372 //
373 // Remove the authorizations for the specified user and namespace
374 //
375 void UserManager::removeAuthorization(
376 const String& userName,
|
377 kumpf 1.10 const CIMNamespaceName& myNamespace)
|
378 mike 1.2 {
|
379 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::removeAuthorization");
|
380 kumpf 1.3
|
381 mike 1.2 try
382 {
383 _authHandler->removeAuthorization( userName, myNamespace);
384 }
385 catch (Exception& e)
386 {
|
387 kumpf 1.5 PEG_METHOD_EXIT();
|
388 mike 1.2 throw e;
389 }
|
390 kumpf 1.3
|
391 kumpf 1.5 PEG_METHOD_EXIT();
|
392 mike 1.2 }
393
394
395 //
396 // Get the authorizations for the specified user and namespace
397 //
398 String UserManager::getAuthorization(
399 const String& userName,
|
400 kumpf 1.10 const CIMNamespaceName& myNamespace)
|
401 mike 1.2 {
|
402 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::getAuthorization");
|
403 kumpf 1.3
|
404 mike 1.2 String auth = String::EMPTY;
405
406 try
407 {
408 auth = _authHandler->getAuthorization( userName, myNamespace);
409 }
410 catch (Exception& e)
411 {
|
412 kumpf 1.5 PEG_METHOD_EXIT();
|
413 mike 1.2 throw e;
414 }
|
415 kumpf 1.3
|
416 kumpf 1.5 PEG_METHOD_EXIT();
|
417 mike 1.2
418 return auth;
419 }
420
421 PEGASUS_NAMESPACE_END
422
423
|