1 karl 1.19 //%2006////////////////////////////////////////////////////////////////////////
|
2 mike 1.2 //
|
3 karl 1.13 // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
4 // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
5 // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
|
6 karl 1.11 // IBM Corp.; EMC Corporation, The Open Group.
|
7 karl 1.13 // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
8 // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
|
9 karl 1.14 // Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
10 // EMC Corporation; VERITAS Software Corporation; The Open Group.
|
11 karl 1.19 // Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.;
12 // EMC Corporation; Symantec Corporation; The Open Group.
|
13 mike 1.2 //
14 // Permission is hereby granted, free of charge, to any person obtaining a copy
|
15 kumpf 1.8 // of this software and associated documentation files (the "Software"), to
16 // deal in the Software without restriction, including without limitation the
17 // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
|
18 mike 1.2 // sell copies of the Software, and to permit persons to whom the Software is
19 // furnished to do so, subject to the following conditions:
20 //
|
21 kumpf 1.8 // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
|
22 mike 1.2 // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
23 // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
|
24 kumpf 1.8 // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
25 // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
26 // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
|
27 mike 1.2 // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
28 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
29 //
|
30 kumpf 1.8 //==============================================================================
|
31 mike 1.2 //
32 // Author: Sushma Fernandes, Hewlett Packard Company (sushma_fernandes@hp.com)
33 //
34 // Modified By: Nag Boranna, Hewlett Packard Company (nagaraja_boranna@hp.com)
|
35 kumpf 1.10 // Carol Ann Krug Graves, Hewlett-Packard Company
36 // (carolann_graves@hp.com)
|
37 a.arora 1.12 // Amit K Arora, IBM (amita@in.ibm.com) for PEP#101
|
38 aruran.ms 1.18 // Aruran, IBM (ashanmug@in.ibm.com) for Bug#4421
|
39 mike 1.2 //
40 //%////////////////////////////////////////////////////////////////////////////
41
42
43 ///////////////////////////////////////////////////////////////////////////////
44 //
45 // User Manager
46 //
47 ///////////////////////////////////////////////////////////////////////////////
48
49 #include <Pegasus/Common/System.h>
50 #include <Pegasus/Common/Tracer.h>
|
51 kumpf 1.6 #include <Pegasus/Common/PegasusVersion.h>
52
|
53 mike 1.2 #include <Pegasus/Security/UserManager/UserManager.h>
54 #include <Pegasus/Security/UserManager/UserExceptions.h>
55
56
57 PEGASUS_USING_STD;
58
59 PEGASUS_NAMESPACE_BEGIN
60
61 /**
62 Initialize UserManager instance
63 */
64 UserManager* UserManager::_instance = 0;
|
65 aruran.ms 1.18 Mutex UserManager::_userManagerMutex;
|
66 mike 1.2
67 //
68 // Constructor
69 //
70 UserManager::UserManager(CIMRepository* repository)
71 {
|
72 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::UserManager");
|
73 a.arora 1.12
|
74 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
75 a.arora 1.12 _userFileHandler.reset(new UserFileHandler());
|
76 kumpf 1.7 #endif
|
77 a.arora 1.12 _authHandler.reset(new AuthorizationHandler(repository));
78
|
79 kumpf 1.5 PEG_METHOD_EXIT();
|
80 mike 1.2 }
81
82 //
83 // Destructor
84 //
85 UserManager::~UserManager()
86 {
|
87 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::~UserManager");
|
88 mike 1.2
|
89 kumpf 1.5 PEG_METHOD_EXIT();
|
90 mike 1.2 }
91
92 //
|
93 konrad.r 1.16 // Terminates the usermanager;
94 //
95 void
|
96 konrad.r 1.17 UserManager::destroy(void)
|
97 konrad.r 1.16 {
|
98 kumpf 1.20 delete _instance;
99 _instance = 0;
|
100 konrad.r 1.16 }
101 //
|
102 mike 1.2 // Construct the singleton instance of the UserManager and return a
103 // pointer to that instance.
104 //
105 UserManager* UserManager::getInstance(CIMRepository* repository)
106 {
|
107 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::getInstance");
|
108 mike 1.2
|
109 kumpf 1.5 if (!_instance && !repository)
110 {
111 PEG_METHOD_EXIT();
112 throw CannotCreateUserManagerInstance();
113 }
|
114 mike 1.2
|
115 kumpf 1.4 if (!_instance)
|
116 mike 1.2 {
|
117 aruran.ms 1.18 AutoMutex lock(_userManagerMutex);
118 if (!_instance)
119 {
120 _instance = new UserManager(repository);
121 }
|
122 mike 1.2 }
123
|
124 kumpf 1.5 PEG_METHOD_EXIT();
|
125 mike 1.2
126 return _instance;
127 }
128
129 //
130 // Add a user
131 //
132 void UserManager::addUser(const String& userName, const String& password)
133 {
|
134 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::addUser");
|
135 mike 1.2
|
136 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
137 mike 1.2 //
138 // Check if the user is a valid system user
139 //
|
140 kumpf 1.9 if ( !System::isSystemUser( userName.getCString() ) )
|
141 mike 1.2 {
|
142 kumpf 1.5 PEG_METHOD_EXIT();
|
143 mike 1.2 throw InvalidSystemUser(userName);
144 }
145
146 //
147 // Add the user to the password file
148 //
149 try
150 {
151 _userFileHandler->addUserEntry(userName,password);
152 }
|
153 david.dillard 1.15 catch (const Exception&)
|
154 mike 1.2 {
|
155 kumpf 1.5 PEG_METHOD_EXIT();
|
156 david.dillard 1.15 throw;
|
157 mike 1.2 }
|
158 kumpf 1.7 #endif
|
159 mike 1.2
|
160 kumpf 1.5 PEG_METHOD_EXIT();
|
161 mike 1.2 }
162
163 //
164 // Modify user's password
165 //
166 void UserManager::modifyUser(
167 const String& userName,
168 const String& password,
169 const String& newPassword )
170 {
|
171 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::modifyUser");
|
172 mike 1.2
|
173 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
174 mike 1.2 try
175 {
176 _userFileHandler->modifyUserEntry(userName, password, newPassword);
177 }
|
178 david.dillard 1.15 catch (const Exception&)
|
179 mike 1.2 {
|
180 kumpf 1.5 PEG_METHOD_EXIT();
|
181 david.dillard 1.15 throw;
|
182 mike 1.2 }
|
183 kumpf 1.7 #endif
184
|
185 kumpf 1.5 PEG_METHOD_EXIT();
|
186 mike 1.2 }
187
188 //
189 // Remove a user
190 //
191 void UserManager::removeUser(const String& userName)
192 {
|
193 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::removeUser");
|
194 kumpf 1.7
195 #ifndef PEGASUS_NO_PASSWORDFILE
|
196 mike 1.2 try
197 {
198 _userFileHandler->removeUserEntry(userName);
199 }
|
200 david.dillard 1.15 catch (const Exception&)
|
201 mike 1.2 {
|
202 kumpf 1.5 PEG_METHOD_EXIT();
|
203 david.dillard 1.15 throw;
|
204 mike 1.2 }
|
205 kumpf 1.7 #endif
|
206 mike 1.2
|
207 kumpf 1.5 PEG_METHOD_EXIT();
|
208 mike 1.2 }
209
210
211 //
212 // Get a list of all the user names.
213 //
214 void UserManager::getAllUserNames(Array<String>& userNames)
215 {
|
216 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::getAllUserNames");
|
217 mike 1.2
|
218 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
219 mike 1.2 try
220 {
221 _userFileHandler->getAllUserNames( userNames );
|
222 kumpf 1.5 PEG_METHOD_EXIT();
|
223 mike 1.2 }
|
224 david.dillard 1.15 catch (const Exception&)
|
225 mike 1.2 {
|
226 david.dillard 1.15 throw;
|
227 mike 1.2 }
|
228 kumpf 1.7 #endif
|
229 mike 1.2
|
230 kumpf 1.5 PEG_METHOD_EXIT();
|
231 mike 1.2 }
232
233 //
234 // Verify whether the specified CIM user is valid
235 //
236 Boolean UserManager::verifyCIMUser (const String& userName)
237 {
|
238 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::verifyCIMUser");
|
239 mike 1.2
|
240 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
241 mike 1.2 try
242 {
243 if ( _userFileHandler->verifyCIMUser( userName ))
244 {
|
245 kumpf 1.5 PEG_METHOD_EXIT();
|
246 mike 1.2 return true;
247 }
248 else
249 {
|
250 kumpf 1.5 PEG_METHOD_EXIT();
|
251 mike 1.2 return false;
252 }
253 }
|
254 david.dillard 1.15 catch (const InvalidUser&)
|
255 kumpf 1.4 {
|
256 kumpf 1.5 PEG_METHOD_EXIT();
|
257 david.dillard 1.15 throw;
|
258 kumpf 1.4 }
|
259 david.dillard 1.15 catch (const Exception&)
|
260 mike 1.2 {
|
261 kumpf 1.5 PEG_METHOD_EXIT();
|
262 david.dillard 1.15 throw;
|
263 mike 1.2 }
|
264 kumpf 1.7 #else
265 PEG_METHOD_EXIT();
266 return false;
267 #endif
|
268 mike 1.2 }
269
270 //
271 // Verify whether the specified user's password is valid
272 //
273 Boolean UserManager::verifyCIMUserPassword (
274 const String& userName,
275 const String& password)
276 {
|
277 kumpf 1.5 PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::verifyCIMUserPassword");
|
278 mike 1.2
|
279 kumpf 1.7 #ifndef PEGASUS_NO_PASSWORDFILE
|
280 mike 1.2 try
281 {
282 if ( _userFileHandler->verifyCIMUserPassword( userName, password ))
283 {
|
284 kumpf 1.5 PEG_METHOD_EXIT();
|
285 mike 1.2 return true;
286 }
287 else
288 {
|
289 kumpf 1.5 PEG_METHOD_EXIT();
|
290 mike 1.2 return false;
291 }
|
292 kumpf 1.4 }
|
293 david.dillard 1.15 catch (const InvalidUser&)
|
294 kumpf 1.4 {
|
295 kumpf 1.5 PEG_METHOD_EXIT();
|
296 david.dillard 1.15 throw;
|
297 mike 1.2 }
|
298 david.dillard 1.15 catch (const Exception&)
|
299 mike 1.2 {
|
300 kumpf 1.5 PEG_METHOD_EXIT();
|
301 david.dillard 1.15 throw;
|
302 mike 1.2 }
|
303 kumpf 1.7 #else
304 PEG_METHOD_EXIT();
305 return false;
306 #endif
|
307 mike 1.2 }
308
309 //
310 // Verify whether the specified namespace is valid
311 //
|
312 kumpf 1.10 Boolean UserManager::verifyNamespace( const CIMNamespaceName& myNamespace )
|
313 mike 1.2 {
|
314 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::verifyNamespace");
|
315 mike 1.2
316 try
317 {
318 if ( _authHandler->verifyNamespace( myNamespace ))
319 {
|
320 kumpf 1.5 PEG_METHOD_EXIT();
|
321 mike 1.2 return true;
322 }
323 else
324 {
|
325 kumpf 1.5 PEG_METHOD_EXIT();
|
326 mike 1.2 return false;
327 }
328 }
|
329 david.dillard 1.15 catch (const Exception&)
|
330 mike 1.2 {
|
331 kumpf 1.5 PEG_METHOD_EXIT();
|
332 david.dillard 1.15 throw;
|
333 mike 1.2 }
334 }
335
336 //
337 // Verify whether the specified operation has authorization
338 // to be performed by the specified user.
339 //
340 Boolean UserManager::verifyAuthorization(
341 const String& userName,
|
342 kumpf 1.10 const CIMNamespaceName& nameSpace,
343 const CIMName& cimMethodName)
|
344 mike 1.2 {
|
345 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::verifyAuthorization");
|
346 mike 1.2
347 try
348 {
349 if ( _authHandler->verifyAuthorization(
350 userName, nameSpace, cimMethodName ) )
351 {
|
352 kumpf 1.5 PEG_METHOD_EXIT();
|
353 mike 1.2 return true;
354 }
355 else
356 {
|
357 kumpf 1.5 PEG_METHOD_EXIT();
|
358 mike 1.2 return false;
359 }
360 }
|
361 david.dillard 1.15 catch (const Exception&)
|
362 mike 1.2 {
|
363 kumpf 1.5 PEG_METHOD_EXIT();
|
364 david.dillard 1.15 throw;
|
365 mike 1.2 }
366 }
367
368 //
369 // Set the authorizations
370 //
371 void UserManager::setAuthorization(
372 const String& userName,
|
373 kumpf 1.10 const CIMNamespaceName& myNamespace,
|
374 mike 1.2 const String& auth)
375 {
|
376 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::setAuthorization");
|
377 kumpf 1.3
|
378 mike 1.2 try
379 {
380 _authHandler->setAuthorization( userName, myNamespace, auth );
381 }
|
382 david.dillard 1.15 catch (const Exception&)
|
383 mike 1.2 {
|
384 kumpf 1.5 PEG_METHOD_EXIT();
|
385 david.dillard 1.15 throw;
|
386 mike 1.2 }
|
387 kumpf 1.3
|
388 kumpf 1.5 PEG_METHOD_EXIT();
|
389 mike 1.2 }
390
391 //
392 // Remove the authorizations for the specified user and namespace
393 //
394 void UserManager::removeAuthorization(
395 const String& userName,
|
396 kumpf 1.10 const CIMNamespaceName& myNamespace)
|
397 mike 1.2 {
|
398 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::removeAuthorization");
|
399 kumpf 1.3
|
400 mike 1.2 try
401 {
402 _authHandler->removeAuthorization( userName, myNamespace);
403 }
|
404 david.dillard 1.15 catch (const Exception&)
|
405 mike 1.2 {
|
406 kumpf 1.5 PEG_METHOD_EXIT();
|
407 david.dillard 1.15 throw;
|
408 mike 1.2 }
|
409 kumpf 1.3
|
410 kumpf 1.5 PEG_METHOD_EXIT();
|
411 mike 1.2 }
412
413
414 //
415 // Get the authorizations for the specified user and namespace
416 //
417 String UserManager::getAuthorization(
418 const String& userName,
|
419 kumpf 1.10 const CIMNamespaceName& myNamespace)
|
420 mike 1.2 {
|
421 kumpf 1.5 PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::getAuthorization");
|
422 kumpf 1.3
|
423 mike 1.2 String auth = String::EMPTY;
424
425 try
426 {
427 auth = _authHandler->getAuthorization( userName, myNamespace);
428 }
|
429 david.dillard 1.15 catch (const Exception&)
|
430 mike 1.2 {
|
431 kumpf 1.5 PEG_METHOD_EXIT();
|
432 david.dillard 1.15 throw;
|
433 mike 1.2 }
|
434 kumpf 1.3
|
435 kumpf 1.5 PEG_METHOD_EXIT();
|
436 mike 1.2
437 return auth;
438 }
439
440 PEGASUS_NAMESPACE_END
441
442
|