1 karl 1.14 //%2005////////////////////////////////////////////////////////////////////////
|
2 mike 1.2 //
|
3 karl 1.13 // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
4 // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
5 // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
|
6 karl 1.11 // IBM Corp.; EMC Corporation, The Open Group.
|
7 karl 1.13 // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
8 // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
|
9 karl 1.14 // Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
10 // EMC Corporation; VERITAS Software Corporation; The Open Group.
|
11 mike 1.2 //
12 // Permission is hereby granted, free of charge, to any person obtaining a copy
|
13 kumpf 1.8 // of this software and associated documentation files (the "Software"), to
14 // deal in the Software without restriction, including without limitation the
15 // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
|
16 mike 1.2 // sell copies of the Software, and to permit persons to whom the Software is
17 // furnished to do so, subject to the following conditions:
18 //
|
19 kumpf 1.8 // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
|
20 mike 1.2 // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
21 // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
|
22 kumpf 1.8 // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
23 // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
24 // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
|
25 mike 1.2 // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
27 //
|
28 kumpf 1.8 //==============================================================================
|
29 mike 1.2 //
30 // Author: Sushma Fernandes, Hewlett Packard Company (sushma_fernandes@hp.com)
31 //
32 // Modified By: Nag Boranna, Hewlett Packard Company (nagaraja_boranna@hp.com)
|
33 kumpf 1.10 // Carol Ann Krug Graves, Hewlett-Packard Company
34 // (carolann_graves@hp.com)
|
35 a.arora 1.12 // Amit K Arora, IBM (amita@in.ibm.com) for PEP#101
|
36 mike 1.2 //
37 //%////////////////////////////////////////////////////////////////////////////
38
39
40 ///////////////////////////////////////////////////////////////////////////////
41 //
42 // User Manager
43 //
44 ///////////////////////////////////////////////////////////////////////////////
45
46 #include <Pegasus/Common/System.h>
47 #include <Pegasus/Common/Tracer.h>
|
48 kumpf 1.6 #include <Pegasus/Common/PegasusVersion.h>
49
|
50 mike 1.2 #include <Pegasus/Security/UserManager/UserManager.h>
51 #include <Pegasus/Security/UserManager/UserExceptions.h>
52
53
54 PEGASUS_USING_STD;
55
56 PEGASUS_NAMESPACE_BEGIN
57
58 /**
59 Initialize UserManager instance
60 */
61 UserManager* UserManager::_instance = 0;
62
63 //
64 // Constructor
65 //
66 UserManager::UserManager(CIMRepository* repository)
67 {
|
68 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::UserManager");
|
69 a.arora 1.12
|
70 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
71 a.arora 1.12 _userFileHandler.reset(new UserFileHandler());
|
72 kumpf 1.7 #endif
|
73 a.arora 1.12 _authHandler.reset(new AuthorizationHandler(repository));
74
|
75 kumpf 1.5 PEG_METHOD_EXIT();
|
76 mike 1.2 }
77
78 //
79 // Destructor
80 //
81 UserManager::~UserManager()
82 {
|
83 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::~UserManager");
|
84 mike 1.2
|
85 kumpf 1.5 PEG_METHOD_EXIT();
|
86 mike 1.2 }
87
88 //
|
89 konrad.r 1.16 // Terminates the usermanager;
90 //
91 void
|
92 konrad.r 1.17 UserManager::destroy(void)
|
93 konrad.r 1.16 {
94 if (_instance)
95 {
96 delete _instance;
97 _instance = 0;
98 }
99 }
100 //
|
101 mike 1.2 // Construct the singleton instance of the UserManager and return a
102 // pointer to that instance.
103 //
104 UserManager* UserManager::getInstance(CIMRepository* repository)
105 {
|
106 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::getInstance");
|
107 mike 1.2
|
108 kumpf 1.5 if (!_instance && !repository)
109 {
110 PEG_METHOD_EXIT();
111 throw CannotCreateUserManagerInstance();
112 }
|
113 mike 1.2
|
114 kumpf 1.4 if (!_instance)
|
115 mike 1.2 {
116 _instance = new UserManager(repository);
117 }
118
|
119 kumpf 1.5 PEG_METHOD_EXIT();
|
120 mike 1.2
121 return _instance;
122 }
123
124 //
125 // Add a user
126 //
127 void UserManager::addUser(const String& userName, const String& password)
128 {
|
129 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::addUser");
|
130 mike 1.2
|
131 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
132 mike 1.2 //
133 // Check if the user is a valid system user
134 //
|
135 kumpf 1.9 if ( !System::isSystemUser( userName.getCString() ) )
|
136 mike 1.2 {
|
137 kumpf 1.5 PEG_METHOD_EXIT();
|
138 mike 1.2 throw InvalidSystemUser(userName);
139 }
140
141 //
142 // Add the user to the password file
143 //
144 try
145 {
146 _userFileHandler->addUserEntry(userName,password);
147 }
|
148 david.dillard 1.15 catch (const Exception&)
|
149 mike 1.2 {
|
150 kumpf 1.5 PEG_METHOD_EXIT();
|
151 david.dillard 1.15 throw;
|
152 mike 1.2 }
|
153 kumpf 1.7 #endif
|
154 mike 1.2
|
155 kumpf 1.5 PEG_METHOD_EXIT();
|
156 mike 1.2 }
157
158 //
159 // Modify user's password
160 //
161 void UserManager::modifyUser(
162 const String& userName,
163 const String& password,
164 const String& newPassword )
165 {
|
166 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::modifyUser");
|
167 mike 1.2
|
168 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
169 mike 1.2 try
170 {
171 _userFileHandler->modifyUserEntry(userName, password, newPassword);
172 }
|
173 david.dillard 1.15 catch (const Exception&)
|
174 mike 1.2 {
|
175 kumpf 1.5 PEG_METHOD_EXIT();
|
176 david.dillard 1.15 throw;
|
177 mike 1.2 }
|
178 kumpf 1.7 #endif
179
|
180 kumpf 1.5 PEG_METHOD_EXIT();
|
181 mike 1.2 }
182
183 //
184 // Remove a user
185 //
186 void UserManager::removeUser(const String& userName)
187 {
|
188 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::removeUser");
|
189 kumpf 1.7
190 #ifndef PEGASUS_NO_PASSWORDFILE
|
191 mike 1.2 try
192 {
193 _userFileHandler->removeUserEntry(userName);
194 }
|
195 david.dillard 1.15 catch (const Exception&)
|
196 mike 1.2 {
|
197 kumpf 1.5 PEG_METHOD_EXIT();
|
198 david.dillard 1.15 throw;
|
199 mike 1.2 }
|
200 kumpf 1.7 #endif
|
201 mike 1.2
|
202 kumpf 1.5 PEG_METHOD_EXIT();
|
203 mike 1.2 }
204
205
206 //
207 // Get a list of all the user names.
208 //
209 void UserManager::getAllUserNames(Array<String>& userNames)
210 {
|
211 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::getAllUserNames");
|
212 mike 1.2
|
213 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
214 mike 1.2 try
215 {
216 _userFileHandler->getAllUserNames( userNames );
|
217 kumpf 1.5 PEG_METHOD_EXIT();
|
218 mike 1.2 }
|
219 david.dillard 1.15 catch (const Exception&)
|
220 mike 1.2 {
|
221 david.dillard 1.15 throw;
|
222 mike 1.2 }
|
223 kumpf 1.7 #endif
|
224 mike 1.2
|
225 kumpf 1.5 PEG_METHOD_EXIT();
|
226 mike 1.2 }
227
228 //
229 // Verify whether the specified CIM user is valid
230 //
231 Boolean UserManager::verifyCIMUser (const String& userName)
232 {
|
233 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::verifyCIMUser");
|
234 mike 1.2
|
235 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
236 mike 1.2 try
237 {
238 if ( _userFileHandler->verifyCIMUser( userName ))
239 {
|
240 kumpf 1.5 PEG_METHOD_EXIT();
|
241 mike 1.2 return true;
242 }
243 else
244 {
|
245 kumpf 1.5 PEG_METHOD_EXIT();
|
246 mike 1.2 return false;
247 }
248 }
|
249 david.dillard 1.15 catch (const InvalidUser&)
|
250 kumpf 1.4 {
|
251 kumpf 1.5 PEG_METHOD_EXIT();
|
252 david.dillard 1.15 throw;
|
253 kumpf 1.4 }
|
254 david.dillard 1.15 catch (const Exception&)
|
255 mike 1.2 {
|
256 kumpf 1.5 PEG_METHOD_EXIT();
|
257 david.dillard 1.15 throw;
|
258 mike 1.2 }
|
259 kumpf 1.7 #else
260 PEG_METHOD_EXIT();
261 return false;
262 #endif
|
263 mike 1.2 }
264
265 //
266 // Verify whether the specified user's password is valid
267 //
268 Boolean UserManager::verifyCIMUserPassword (
269 const String& userName,
270 const String& password)
271 {
|
272 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::verifyCIMUserPassword");
|
273 mike 1.2
|
274 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
275 mike 1.2 try
276 {
277 if ( _userFileHandler->verifyCIMUserPassword( userName, password ))
278 {
|
279 kumpf 1.5 PEG_METHOD_EXIT();
|
280 mike 1.2 return true;
281 }
282 else
283 {
|
284 kumpf 1.5 PEG_METHOD_EXIT();
|
285 mike 1.2 return false;
286 }
|
287 kumpf 1.4 }
|
288 david.dillard 1.15 catch (const InvalidUser&)
|
289 kumpf 1.4 {
|
290 kumpf 1.5 PEG_METHOD_EXIT();
|
291 david.dillard 1.15 throw;
|
292 mike 1.2 }
|
293 david.dillard 1.15 catch (const Exception&)
|
294 mike 1.2 {
|
295 kumpf 1.5 PEG_METHOD_EXIT();
|
296 david.dillard 1.15 throw;
|
297 mike 1.2 }
|
298 kumpf 1.7 #else
299 PEG_METHOD_EXIT();
300 return false;
301 #endif
|
302 mike 1.2 }
303
304 //
305 // Verify whether the specified namespace is valid
306 //
|
307 kumpf 1.10 Boolean UserManager::verifyNamespace( const CIMNamespaceName& myNamespace )
|
308 mike 1.2 {
|
309 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::verifyNamespace");
|
310 mike 1.2
311 try
312 {
313 if ( _authHandler->verifyNamespace( myNamespace ))
314 {
|
315 kumpf 1.5 PEG_METHOD_EXIT();
|
316 mike 1.2 return true;
317 }
318 else
319 {
|
320 kumpf 1.5 PEG_METHOD_EXIT();
|
321 mike 1.2 return false;
322 }
323 }
|
324 david.dillard 1.15 catch (const Exception&)
|
325 mike 1.2 {
|
326 kumpf 1.5 PEG_METHOD_EXIT();
|
327 david.dillard 1.15 throw;
|
328 mike 1.2 }
329 }
330
331 //
332 // Verify whether the specified operation has authorization
333 // to be performed by the specified user.
334 //
335 Boolean UserManager::verifyAuthorization(
336 const String& userName,
|
337 kumpf 1.10 const CIMNamespaceName& nameSpace,
338 const CIMName& cimMethodName)
|
339 mike 1.2 {
|
340 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::verifyAuthorization");
|
341 mike 1.2
342 try
343 {
344 if ( _authHandler->verifyAuthorization(
345 userName, nameSpace, cimMethodName ) )
346 {
|
347 kumpf 1.5 PEG_METHOD_EXIT();
|
348 mike 1.2 return true;
349 }
350 else
351 {
|
352 kumpf 1.5 PEG_METHOD_EXIT();
|
353 mike 1.2 return false;
354 }
355 }
|
356 david.dillard 1.15 catch (const Exception&)
|
357 mike 1.2 {
|
358 kumpf 1.5 PEG_METHOD_EXIT();
|
359 david.dillard 1.15 throw;
|
360 mike 1.2 }
361 }
362
363 //
364 // Set the authorizations
365 //
366 void UserManager::setAuthorization(
367 const String& userName,
|
368 kumpf 1.10 const CIMNamespaceName& myNamespace,
|
369 mike 1.2 const String& auth)
370 {
|
371 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::setAuthorization");
|
372 kumpf 1.3
|
373 mike 1.2 try
374 {
375 _authHandler->setAuthorization( userName, myNamespace, auth );
376 }
|
377 david.dillard 1.15 catch (const Exception&)
|
378 mike 1.2 {
|
379 kumpf 1.5 PEG_METHOD_EXIT();
|
380 david.dillard 1.15 throw;
|
381 mike 1.2 }
|
382 kumpf 1.3
|
383 kumpf 1.5 PEG_METHOD_EXIT();
|
384 mike 1.2 }
385
386 //
387 // Remove the authorizations for the specified user and namespace
388 //
389 void UserManager::removeAuthorization(
390 const String& userName,
|
391 kumpf 1.10 const CIMNamespaceName& myNamespace)
|
392 mike 1.2 {
|
393 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::removeAuthorization");
|
394 kumpf 1.3
|
395 mike 1.2 try
396 {
397 _authHandler->removeAuthorization( userName, myNamespace);
398 }
|
399 david.dillard 1.15 catch (const Exception&)
|
400 mike 1.2 {
|
401 kumpf 1.5 PEG_METHOD_EXIT();
|
402 david.dillard 1.15 throw;
|
403 mike 1.2 }
|
404 kumpf 1.3
|
405 kumpf 1.5 PEG_METHOD_EXIT();
|
406 mike 1.2 }
407
408
409 //
410 // Get the authorizations for the specified user and namespace
411 //
412 String UserManager::getAuthorization(
413 const String& userName,
|
414 kumpf 1.10 const CIMNamespaceName& myNamespace)
|
415 mike 1.2 {
|
416 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::getAuthorization");
|
417 kumpf 1.3
|
418 mike 1.2 String auth = String::EMPTY;
419
420 try
421 {
422 auth = _authHandler->getAuthorization( userName, myNamespace);
423 }
|
424 david.dillard 1.15 catch (const Exception&)
|
425 mike 1.2 {
|
426 kumpf 1.5 PEG_METHOD_EXIT();
|
427 david.dillard 1.15 throw;
|
428 mike 1.2 }
|
429 kumpf 1.3
|
430 kumpf 1.5 PEG_METHOD_EXIT();
|
431 mike 1.2
432 return auth;
433 }
434
435 PEGASUS_NAMESPACE_END
436
437
|