1 karl 1.19 //%2006////////////////////////////////////////////////////////////////////////
|
2 mike 1.2 //
|
3 karl 1.13 // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
4 // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
5 // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
|
6 karl 1.11 // IBM Corp.; EMC Corporation, The Open Group.
|
7 karl 1.13 // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
8 // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
|
9 karl 1.14 // Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
10 // EMC Corporation; VERITAS Software Corporation; The Open Group.
|
11 karl 1.19 // Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.;
12 // EMC Corporation; Symantec Corporation; The Open Group.
|
13 mike 1.2 //
14 // Permission is hereby granted, free of charge, to any person obtaining a copy
|
15 kumpf 1.8 // of this software and associated documentation files (the "Software"), to
16 // deal in the Software without restriction, including without limitation the
17 // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
|
18 mike 1.2 // sell copies of the Software, and to permit persons to whom the Software is
19 // furnished to do so, subject to the following conditions:
20 //
|
21 kumpf 1.8 // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
|
22 mike 1.2 // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
23 // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
|
24 kumpf 1.8 // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
25 // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
26 // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
|
27 mike 1.2 // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
28 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
29 //
|
30 kumpf 1.8 //==============================================================================
|
31 mike 1.2 //
32 //%////////////////////////////////////////////////////////////////////////////
33
34
35 ///////////////////////////////////////////////////////////////////////////////
|
36 kumpf 1.22 //
|
37 mike 1.2 // User Manager
38 //
39 ///////////////////////////////////////////////////////////////////////////////
40
41 #include <Pegasus/Common/System.h>
42 #include <Pegasus/Common/Tracer.h>
|
43 kumpf 1.6 #include <Pegasus/Common/PegasusVersion.h>
44
|
45 mike 1.2 #include <Pegasus/Security/UserManager/UserManager.h>
46 #include <Pegasus/Security/UserManager/UserExceptions.h>
47
48
49 PEGASUS_USING_STD;
50
51 PEGASUS_NAMESPACE_BEGIN
52
/**
    Singleton state for UserManager.

    _instance is a plain pointer that stays null until getInstance() creates
    the manager, and is reset to null by destroy(). _userManagerMutex is the
    lock getInstance() holds while it creates the instance.
*/
Mutex UserManager::_userManagerMutex;
UserManager* UserManager::_instance = 0;
|
58 mike 1.2
//
// Constructor
//
// Creates the two back ends every other method delegates to: the password
// file handler (omitted when PEGASUS_NO_PASSWORDFILE is defined) and the
// authorization handler, which receives `repository` as given. The pointer
// is not checked here; getInstance() refuses a null repository only when it
// has to create the instance.
//
UserManager::UserManager(CIMRepository* repository)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::UserManager");

#ifndef PEGASUS_NO_PASSWORDFILE
    UserFileHandler* passwordFileHandler = new UserFileHandler();
    _userFileHandler.reset(passwordFileHandler);
#endif

    AuthorizationHandler* authorizationHandler =
        new AuthorizationHandler(repository);
    _authHandler.reset(authorizationHandler);

    PEG_METHOD_EXIT();
}
73
//
// Destructor
//
// Emits only the trace enter/exit records; no handler is released
// explicitly in this body.
// NOTE(review): _userFileHandler and _authHandler are presumably owning
// smart pointers that free their handlers themselves -- confirm against
// UserManager.h.
//
UserManager::~UserManager()
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::~UserManager");
    PEG_METHOD_EXIT();
}
83
//
// Terminates the user manager: deletes the singleton and clears the
// pointer, so that a later getInstance() call has to create a new one.
//
// NOTE(review): this does not take _userManagerMutex. It must not run
// while another thread is inside getInstance() or is still using a pointer
// obtained from it, otherwise that thread is left with a dangling pointer.
//
void UserManager::destroy()
{
    // Deleting a null pointer is a no-op, so the guard only skips work
    // when there is no instance.
    if (_instance)
    {
        delete _instance;
        _instance = 0;
    }
}
|
92 kumpf 1.22
|
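//
// Construct the singleton instance of the UserManager and return a
// pointer to that instance.
//
// repository is needed only when the instance does not exist yet; it is
// ignored once the instance has been created.
//
// Throws CannotCreateUserManagerInstance when there is no instance and
// repository is null.
//
// NOTE(review): destroy() deletes the instance without taking
// _userManagerMutex, so the returned pointer is valid only as long as no
// thread calls destroy().
//
UserManager* UserManager::getInstance(CIMRepository* repository)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::getInstance");

    // Every read and write of _instance in this function happens under the
    // mutex. _instance is a plain pointer, so testing it before taking the
    // lock is an unsynchronized read that races with the assignment below.
    // The lock is released by AutoMutex on return and on the throw.
    AutoMutex lock(_userManagerMutex);

    if (!_instance)
    {
        if (!repository)
        {
            PEG_METHOD_EXIT();
            throw CannotCreateUserManagerInstance();
        }

        _instance = new UserManager(repository);
    }

    PEG_METHOD_EXIT();

    return _instance;
}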
120
|
//
// Add a user
//
// The name must belong to an existing system account; otherwise
// InvalidSystemUser is thrown and nothing is written. The password is
// handed to UserFileHandler::addUserEntry unchanged, so how it is hashed
// and stored is decided there. This function never traces the password.
//
// When PEGASUS_NO_PASSWORDFILE is defined the call returns without adding
// anything and without reporting an error.
//
void UserManager::addUser(
    const String& userName,
    const String& password)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::addUser");

#ifndef PEGASUS_NO_PASSWORDFILE
    // Only accounts the operating system already knows may become CIM users.
    const Boolean knownToSystem = System::isSystemUser(userName.getCString());
    if (!knownToSystem)
    {
        PEG_METHOD_EXIT();
        throw InvalidSystemUser(userName);
    }

    // Record the user in the password file.
    _userFileHandler->addUserEntry(userName, password);
#endif

    PEG_METHOD_EXIT();
}
148
//
// Modify user's password
//
// Forwards the name, the current password and the new password to
// UserFileHandler::modifyUserEntry. No check is made at this layer: unlike
// addUser there is no isSystemUser test, and whether `password` must match
// the stored one is decided by the handler.
// NOTE(review): confirm that modifyUserEntry rejects a wrong current
// password.
//
// When PEGASUS_NO_PASSWORDFILE is defined the call does nothing.
//
void UserManager::modifyUser(
    const String& userName,
    const String& password,
    const String& newPassword)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::modifyUser");

#ifndef PEGASUS_NO_PASSWORDFILE
    _userFileHandler->modifyUserEntry(userName, password, newPassword);
#endif

    PEG_METHOD_EXIT();
}
165
|
//
// Remove a user
//
// Forwards the name to UserFileHandler::removeUserEntry. Only the password
// file is touched here; authorizations recorded for the user through
// setAuthorization are not removed by this call.
//
// When PEGASUS_NO_PASSWORDFILE is defined the call does nothing.
//
void UserManager::removeUser(const String& userName)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::removeUser");

#ifndef PEGASUS_NO_PASSWORDFILE
    _userFileHandler->removeUserEntry(userName);
#endif

    PEG_METHOD_EXIT();
}
179
180
//
// Get a list of all the user names.
//
// userNames is passed to UserFileHandler::getAllUserNames, which fills it.
// When PEGASUS_NO_PASSWORDFILE is defined the array is left exactly as the
// caller passed it in.
//
void UserManager::getAllUserNames(Array<String>& userNames)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::getAllUserNames");

#ifndef PEGASUS_NO_PASSWORDFILE
    _userFileHandler->getAllUserNames(userNames);
#endif

    PEG_METHOD_EXIT();
}
194
//
// Verify whether the specified CIM user is valid
//
// Returns true only when UserFileHandler::verifyCIMUser accepts the name.
// The result defaults to false, so a build with PEGASUS_NO_PASSWORDFILE
// defined rejects every name.
//
Boolean UserManager::verifyCIMUser(const String& userName)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::verifyCIMUser");

    Boolean isKnownUser = false;

#ifndef PEGASUS_NO_PASSWORDFILE
    if (_userFileHandler->verifyCIMUser(userName))
    {
        isKnownUser = true;
    }
#endif

    PEG_METHOD_EXIT();
    return isKnownUser;
}
213
//
// Verify whether the specified user's password is valid
//
// Returns true only when UserFileHandler::verifyCIMUserPassword accepts
// the pair. The result defaults to false, so a build with
// PEGASUS_NO_PASSWORDFILE defined rejects every password. The comparison
// itself is done by the handler. This layer neither traces the password
// nor counts or logs failed attempts.
//
Boolean UserManager::verifyCIMUserPassword(
    const String& userName,
    const String& password)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::verifyCIMUserPassword");

    Boolean passwordAccepted = false;

#ifndef PEGASUS_NO_PASSWORDFILE
    if (_userFileHandler->verifyCIMUserPassword(userName, password))
    {
        passwordAccepted = true;
    }
#endif

    PEG_METHOD_EXIT();
    return passwordAccepted;
}
234
//
// Verify whether the specified namespace is valid
//
// Returns the answer of AuthorizationHandler::verifyNamespace as a strict
// true/false. An exception thrown by the handler propagates to the caller.
//
Boolean UserManager::verifyNamespace(const CIMNamespaceName& myNamespace)
{
    PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::verifyNamespace");

    Boolean namespaceIsValid = false;
    if (_authHandler->verifyNamespace(myNamespace))
    {
        namespaceIsValid = true;
    }

    PEG_METHOD_EXIT();
    return namespaceIsValid;
}
253
//
// Verify whether the specified operation has authorization
// to be performed by the specified user.
//
// The decision is made entirely by AuthorizationHandler::verifyAuthorization;
// this function only reports it as true/false. It does not check that
// userName was authenticated, so callers must do that first. An exception
// thrown by the handler propagates to the caller instead of being turned
// into a "false".
//
Boolean UserManager::verifyAuthorization(
    const String& userName,
    const CIMNamespaceName& nameSpace,
    const CIMName& cimMethodName)
{
    PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::verifyAuthorization");

    Boolean isAuthorized = false;
    if (_authHandler->verifyAuthorization(userName, nameSpace, cimMethodName))
    {
        isAuthorized = true;
    }

    PEG_METHOD_EXIT();
    return isAuthorized;
}
277
//
// Set the authorizations
//
// Forwards the user, namespace and authorization string to
// AuthorizationHandler::setAuthorization. Nothing is validated at this
// layer: the user is not checked against the password file and the
// contents of `auth` are passed through as given.
//
void UserManager::setAuthorization(
    const String& userName,
    const CIMNamespaceName& myNamespace,
    const String& auth)
{
    PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::setAuthorization");

    _authHandler->setAuthorization(userName, myNamespace, auth);

    PEG_METHOD_EXIT();
}
292
//
// Remove the authorizations for the specified user and namespace
//
// Forwards both arguments to AuthorizationHandler::removeAuthorization.
// What happens when no authorization exists for the pair is decided by
// the handler.
//
void UserManager::removeAuthorization(
    const String& userName,
    const CIMNamespaceName& myNamespace)
{
    PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::removeAuthorization");

    _authHandler->removeAuthorization(userName, myNamespace);

    PEG_METHOD_EXIT();
}
306
307
//
// Get the authorizations for the specified user and namespace
//
// Returns the string produced by AuthorizationHandler::getAuthorization
// for the pair. Its format, and the value returned when nothing is
// recorded, are defined by the handler.
//
String UserManager::getAuthorization(
    const String& userName,
    const CIMNamespaceName& myNamespace)
{
    PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::getAuthorization");

    // Fetch first so that the trace exit record is emitted after the lookup.
    String grantedAuthorization =
        _authHandler->getAuthorization(userName, myNamespace);

    PEG_METHOD_EXIT();

    return grantedAuthorization;
}
323
324 PEGASUS_NAMESPACE_END
|