1 karl 1.14 //%2005////////////////////////////////////////////////////////////////////////
|
2 mike 1.2 //
|
3 karl 1.13 // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
4 // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
5 // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
|
6 karl 1.11 // IBM Corp.; EMC Corporation, The Open Group.
|
7 karl 1.13 // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
8 // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
|
9 karl 1.14 // Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
10 // EMC Corporation; VERITAS Software Corporation; The Open Group.
|
11 mike 1.2 //
12 // Permission is hereby granted, free of charge, to any person obtaining a copy
|
13 kumpf 1.8 // of this software and associated documentation files (the "Software"), to
14 // deal in the Software without restriction, including without limitation the
15 // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
|
16 mike 1.2 // sell copies of the Software, and to permit persons to whom the Software is
17 // furnished to do so, subject to the following conditions:
18 //
|
19 kumpf 1.8 // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
|
20 mike 1.2 // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
21 // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
|
22 kumpf 1.8 // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
23 // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
24 // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
|
25 mike 1.2 // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
27 //
|
28 kumpf 1.8 //==============================================================================
|
29 mike 1.2 //
30 // Author: Sushma Fernandes, Hewlett Packard Company (sushma_fernandes@hp.com)
31 //
32 // Modified By: Nag Boranna, Hewlett Packard Company (nagaraja_boranna@hp.com)
|
33 kumpf 1.10 // Carol Ann Krug Graves, Hewlett-Packard Company
34 // (carolann_graves@hp.com)
|
35 a.arora 1.12 // Amit K Arora, IBM (amita@in.ibm.com) for PEP#101
|
36 mike 1.2 //
37 //%////////////////////////////////////////////////////////////////////////////
38
39
40 ///////////////////////////////////////////////////////////////////////////////
41 //
42 // User Manager
43 //
44 ///////////////////////////////////////////////////////////////////////////////
45
46 #include <Pegasus/Common/System.h>
47 #include <Pegasus/Common/Tracer.h>
|
48 kumpf 1.6 #include <Pegasus/Common/PegasusVersion.h>
49
|
50 mike 1.2 #include <Pegasus/Security/UserManager/UserManager.h>
51 #include <Pegasus/Security/UserManager/UserExceptions.h>
52
53
54 PEGASUS_USING_STD;
55
56 PEGASUS_NAMESPACE_BEGIN
57
58 /**
59 Initialize UserManager instance
60 */
61 UserManager* UserManager::_instance = 0;
62
63 //
64 // Constructor
65 //
66 UserManager::UserManager(CIMRepository* repository)
67 {
|
68 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::UserManager");
|
69 a.arora 1.12
|
70 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
71 a.arora 1.12 _userFileHandler.reset(new UserFileHandler());
|
72 kumpf 1.7 #endif
|
73 a.arora 1.12 _authHandler.reset(new AuthorizationHandler(repository));
74
|
75 kumpf 1.5 PEG_METHOD_EXIT();
|
76 mike 1.2 }
77
78 //
79 // Destructor
80 //
81 UserManager::~UserManager()
82 {
|
83 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::~UserManager");
|
84 mike 1.2
|
85 kumpf 1.5 PEG_METHOD_EXIT();
|
86 mike 1.2 }
87
88 //
89 // Construct the singleton instance of the UserManager and return a
90 // pointer to that instance.
91 //
92 UserManager* UserManager::getInstance(CIMRepository* repository)
93 {
|
94 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::getInstance");
|
95 mike 1.2
|
96 kumpf 1.5 if (!_instance && !repository)
97 {
98 PEG_METHOD_EXIT();
99 throw CannotCreateUserManagerInstance();
100 }
|
101 mike 1.2
|
102 kumpf 1.4 if (!_instance)
|
103 mike 1.2 {
104 _instance = new UserManager(repository);
105 }
106
|
107 kumpf 1.5 PEG_METHOD_EXIT();
|
108 mike 1.2
109 return _instance;
110 }
111
112 //
113 // Add a user
114 //
115 void UserManager::addUser(const String& userName, const String& password)
116 {
|
117 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::addUser");
|
118 mike 1.2
|
119 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
120 mike 1.2 //
121 // Check if the user is a valid system user
122 //
|
123 kumpf 1.9 if ( !System::isSystemUser( userName.getCString() ) )
|
124 mike 1.2 {
|
125 kumpf 1.5 PEG_METHOD_EXIT();
|
126 mike 1.2 throw InvalidSystemUser(userName);
127 }
128
129 //
130 // Add the user to the password file
131 //
132 try
133 {
134 _userFileHandler->addUserEntry(userName,password);
135 }
|
136 david.dillard 1.15 catch (const Exception&)
|
137 mike 1.2 {
|
138 kumpf 1.5 PEG_METHOD_EXIT();
|
139 david.dillard 1.15 throw;
|
140 mike 1.2 }
|
141 kumpf 1.7 #endif
|
142 mike 1.2
|
143 kumpf 1.5 PEG_METHOD_EXIT();
|
144 mike 1.2 }
145
146 //
147 // Modify user's password
148 //
149 void UserManager::modifyUser(
150 const String& userName,
151 const String& password,
152 const String& newPassword )
153 {
|
154 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::modifyUser");
|
155 mike 1.2
|
156 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
157 mike 1.2 try
158 {
159 _userFileHandler->modifyUserEntry(userName, password, newPassword);
160 }
|
161 david.dillard 1.15 catch (const Exception&)
|
162 mike 1.2 {
|
163 kumpf 1.5 PEG_METHOD_EXIT();
|
164 david.dillard 1.15 throw;
|
165 mike 1.2 }
|
166 kumpf 1.7 #endif
167
|
168 kumpf 1.5 PEG_METHOD_EXIT();
|
169 mike 1.2 }
170
171 //
172 // Remove a user
173 //
174 void UserManager::removeUser(const String& userName)
175 {
|
176 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::removeUser");
|
177 kumpf 1.7
178 #ifndef PEGASUS_NO_PASSWORDFILE
|
179 mike 1.2 try
180 {
181 _userFileHandler->removeUserEntry(userName);
182 }
|
183 david.dillard 1.15 catch (const Exception&)
|
184 mike 1.2 {
|
185 kumpf 1.5 PEG_METHOD_EXIT();
|
186 david.dillard 1.15 throw;
|
187 mike 1.2 }
|
188 kumpf 1.7 #endif
|
189 mike 1.2
|
190 kumpf 1.5 PEG_METHOD_EXIT();
|
191 mike 1.2 }
192
193
194 //
195 // Get a list of all the user names.
196 //
197 void UserManager::getAllUserNames(Array<String>& userNames)
198 {
|
199 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::getAllUserNames");
|
200 mike 1.2
|
201 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
202 mike 1.2 try
203 {
204 _userFileHandler->getAllUserNames( userNames );
|
205 kumpf 1.5 PEG_METHOD_EXIT();
|
206 mike 1.2 }
|
207 david.dillard 1.15 catch (const Exception&)
|
208 mike 1.2 {
|
209 david.dillard 1.15 throw;
|
210 mike 1.2 }
|
211 kumpf 1.7 #endif
|
212 mike 1.2
|
213 kumpf 1.5 PEG_METHOD_EXIT();
|
214 mike 1.2 }
215
216 //
217 // Verify whether the specified CIM user is valid
218 //
219 Boolean UserManager::verifyCIMUser (const String& userName)
220 {
|
221 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::verifyCIMUser");
|
222 mike 1.2
|
223 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
224 mike 1.2 try
225 {
226 if ( _userFileHandler->verifyCIMUser( userName ))
227 {
|
228 kumpf 1.5 PEG_METHOD_EXIT();
|
229 mike 1.2 return true;
230 }
231 else
232 {
|
233 kumpf 1.5 PEG_METHOD_EXIT();
|
234 mike 1.2 return false;
235 }
236 }
|
237 david.dillard 1.15 catch (const InvalidUser&)
|
238 kumpf 1.4 {
|
239 kumpf 1.5 PEG_METHOD_EXIT();
|
240 david.dillard 1.15 throw;
|
241 kumpf 1.4 }
|
242 david.dillard 1.15 catch (const Exception&)
|
243 mike 1.2 {
|
244 kumpf 1.5 PEG_METHOD_EXIT();
|
245 david.dillard 1.15 throw;
|
246 mike 1.2 }
|
247 kumpf 1.7 #else
248 PEG_METHOD_EXIT();
249 return false;
250 #endif
|
251 mike 1.2 }
252
253 //
254 // Verify whether the specified user's password is valid
255 //
256 Boolean UserManager::verifyCIMUserPassword (
257 const String& userName,
258 const String& password)
259 {
|
260 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::verifyCIMUserPassword");
|
261 mike 1.2
|
262 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
263 mike 1.2 try
264 {
265 if ( _userFileHandler->verifyCIMUserPassword( userName, password ))
266 {
|
267 kumpf 1.5 PEG_METHOD_EXIT();
|
268 mike 1.2 return true;
269 }
270 else
271 {
|
272 kumpf 1.5 PEG_METHOD_EXIT();
|
273 mike 1.2 return false;
274 }
|
275 kumpf 1.4 }
|
276 david.dillard 1.15 catch (const InvalidUser&)
|
277 kumpf 1.4 {
|
278 kumpf 1.5 PEG_METHOD_EXIT();
|
279 david.dillard 1.15 throw;
|
280 mike 1.2 }
|
281 david.dillard 1.15 catch (const Exception&)
|
282 mike 1.2 {
|
283 kumpf 1.5 PEG_METHOD_EXIT();
|
284 david.dillard 1.15 throw;
|
285 mike 1.2 }
|
286 kumpf 1.7 #else
287 PEG_METHOD_EXIT();
288 return false;
289 #endif
|
290 mike 1.2 }
291
292 //
293 // Verify whether the specified namespace is valid
294 //
|
295 kumpf 1.10 Boolean UserManager::verifyNamespace( const CIMNamespaceName& myNamespace )
|
296 mike 1.2 {
|
297 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::verifyNamespace");
|
298 mike 1.2
299 try
300 {
301 if ( _authHandler->verifyNamespace( myNamespace ))
302 {
|
303 kumpf 1.5 PEG_METHOD_EXIT();
|
304 mike 1.2 return true;
305 }
306 else
307 {
|
308 kumpf 1.5 PEG_METHOD_EXIT();
|
309 mike 1.2 return false;
310 }
311 }
|
312 david.dillard 1.15 catch (const Exception&)
|
313 mike 1.2 {
|
314 kumpf 1.5 PEG_METHOD_EXIT();
|
315 david.dillard 1.15 throw;
|
316 mike 1.2 }
317 }
318
319 //
320 // Verify whether the specified operation has authorization
321 // to be performed by the specified user.
322 //
323 Boolean UserManager::verifyAuthorization(
324 const String& userName,
|
325 kumpf 1.10 const CIMNamespaceName& nameSpace,
326 const CIMName& cimMethodName)
|
327 mike 1.2 {
|
328 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::verifyAuthorization");
|
329 mike 1.2
330 try
331 {
332 if ( _authHandler->verifyAuthorization(
333 userName, nameSpace, cimMethodName ) )
334 {
|
335 kumpf 1.5 PEG_METHOD_EXIT();
|
336 mike 1.2 return true;
337 }
338 else
339 {
|
340 kumpf 1.5 PEG_METHOD_EXIT();
|
341 mike 1.2 return false;
342 }
343 }
|
344 david.dillard 1.15 catch (const Exception&)
|
345 mike 1.2 {
|
346 kumpf 1.5 PEG_METHOD_EXIT();
|
347 david.dillard 1.15 throw;
|
348 mike 1.2 }
349 }
350
351 //
352 // Set the authorizations
353 //
354 void UserManager::setAuthorization(
355 const String& userName,
|
356 kumpf 1.10 const CIMNamespaceName& myNamespace,
|
357 mike 1.2 const String& auth)
358 {
|
359 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::setAuthorization");
|
360 kumpf 1.3
|
361 mike 1.2 try
362 {
363 _authHandler->setAuthorization( userName, myNamespace, auth );
364 }
|
365 david.dillard 1.15 catch (const Exception&)
|
366 mike 1.2 {
|
367 kumpf 1.5 PEG_METHOD_EXIT();
|
368 david.dillard 1.15 throw;
|
369 mike 1.2 }
|
370 kumpf 1.3
|
371 kumpf 1.5 PEG_METHOD_EXIT();
|
372 mike 1.2 }
373
374 //
375 // Remove the authorizations for the specified user and namespace
376 //
377 void UserManager::removeAuthorization(
378 const String& userName,
|
379 kumpf 1.10 const CIMNamespaceName& myNamespace)
|
380 mike 1.2 {
|
381 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::removeAuthorization");
|
382 kumpf 1.3
|
383 mike 1.2 try
384 {
385 _authHandler->removeAuthorization( userName, myNamespace);
386 }
|
387 david.dillard 1.15 catch (const Exception&)
|
388 mike 1.2 {
|
389 kumpf 1.5 PEG_METHOD_EXIT();
|
390 david.dillard 1.15 throw;
|
391 mike 1.2 }
|
392 kumpf 1.3
|
393 kumpf 1.5 PEG_METHOD_EXIT();
|
394 mike 1.2 }
395
396
397 //
398 // Get the authorizations for the specified user and namespace
399 //
400 String UserManager::getAuthorization(
401 const String& userName,
|
402 kumpf 1.10 const CIMNamespaceName& myNamespace)
|
403 mike 1.2 {
|
404 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::getAuthorization");
|
405 kumpf 1.3
|
406 mike 1.2 String auth = String::EMPTY;
407
408 try
409 {
410 auth = _authHandler->getAuthorization( userName, myNamespace);
411 }
|
412 david.dillard 1.15 catch (const Exception&)
|
413 mike 1.2 {
|
414 kumpf 1.5 PEG_METHOD_EXIT();
|
415 david.dillard 1.15 throw;
|
416 mike 1.2 }
|
417 kumpf 1.3
|
418 kumpf 1.5 PEG_METHOD_EXIT();
|
419 mike 1.2
420 return auth;
421 }
422
423 PEGASUS_NAMESPACE_END
424
425
|