1 karl 1.14 //%2006////////////////////////////////////////////////////////////////////////
|
2 mike 1.2 //
|
3 karl 1.9 // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
4 // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
5 // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
|
6 karl 1.7 // IBM Corp.; EMC Corporation, The Open Group.
|
7 karl 1.9 // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
8 // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
|
9 karl 1.10 // Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
10 // EMC Corporation; VERITAS Software Corporation; The Open Group.
|
11 karl 1.14 // Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.;
12 // EMC Corporation; Symantec Corporation; The Open Group.
|
13 mike 1.2 //
14 // Permission is hereby granted, free of charge, to any person obtaining a copy
|
15 chip 1.3 // of this software and associated documentation files (the "Software"), to
16 // deal in the Software without restriction, including without limitation the
17 // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
|
18 mike 1.2 // sell copies of the Software, and to permit persons to whom the Software is
19 // furnished to do so, subject to the following conditions:
|
20 kumpf 1.5 //
|
21 chip 1.3 // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
|
22 mike 1.2 // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
23 // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
|
24 chip 1.3 // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
25 // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
26 // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
|
27 mike 1.2 // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
28 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
29 //
|
30 kumpf 1.5 //==============================================================================
|
31 mike 1.2 //
32 // Author: Sushma Fernandes, Hewlett Packard Company (sushma_fernandes@hp.com)
33 //
34 // Modified By: Nag Boranna, Hewlett Packard Company (nagaraja_boranna@hp.com)
|
35 kumpf 1.6 // Carol Ann Krug Graves, Hewlett-Packard Company
36 // (carolann_graves@hp.com)
|
37 a.arora 1.8 // Amit K Arora, IBM (amita@in.ibm.com) for PEP#101
|
38 aruran.ms 1.13 // Aruran, IBM (ashanmug@in.ibm.com) for Bug#4421
|
39 mike 1.2 //
40 //%////////////////////////////////////////////////////////////////////////////
41
42
43 ///////////////////////////////////////////////////////////////////////////////
|
44 chip 1.3 //
45 // This file implements the functionality required to manage users.
|
46 mike 1.2 //
47 ///////////////////////////////////////////////////////////////////////////////
48
49 #ifndef Pegasus_UserManager_h
50 #define Pegasus_UserManager_h
51
|
52 chip 1.3 #include <Pegasus/Common/Config.h>
|
53 mike 1.2 #include <cctype>
54 #include <Pegasus/Common/String.h>
55 #include <Pegasus/Security/UserManager/UserFileHandler.h>
56 #include <Pegasus/Security/UserManager/AuthorizationHandler.h>
57 #include <Pegasus/Security/UserManager/Linkage.h>
58
59 PEGASUS_NAMESPACE_BEGIN
60
61 /**
|
62 chip 1.3 This class interfaces with UserFileHandler for creating, removing and listing users, and with AuthorizationHandler for managing per-namespace user authorizations.
|
63 mike 1.2 */
64
65 class PEGASUS_USERMANAGER_LINKAGE UserManager
66 {
67
68 private:
69
70 //
71 // Singleton instance of UserManager. The constructors and the destructor
72 // are private, so outside code reaches the object through getInstance()
73 // and destroy().
74 static UserManager* _instance;
75
|
76 aruran.ms 1.13 // UserManager Mutex member (static, so shared by every caller).
// NOTE(review): presumably serializes creation/destruction of _instance --
// confirm against the implementation file.
77 static Mutex _userManagerMutex;
78
|
79 mike 1.2 //
80 // Instance of UserFileHandler, held through AutoPtr.
81 //
|
82 a.arora 1.8 AutoPtr<UserFileHandler> _userFileHandler; //PEP101
|
83 mike 1.2
84 //
85 // Instance of AuthorizationHandler, held through AutoPtr.
86 //
|
87 a.arora 1.8 AutoPtr<AuthorizationHandler> _authHandler; //Pep101
|
88 mike 1.2
89 /** Constructor. Private; NOTE(review): presumably invoked only from getInstance() -- confirm. */
90 UserManager(CIMRepository* repository);
91
|
92 aruran.ms 1.13 // Default constructor - implementation not required. Private, so
// outside code cannot default-construct a second UserManager.
93 UserManager();
94
95 // Copy constructor - implementation not required. Private, so outside
// code cannot copy the singleton.
96 UserManager(const UserManager&);
97
98 // Overloaded assignment operator - implementation not required.
// NOTE(review): takes a non-const reference rather than the
// conventional const UserManager&.
99 UserManager& operator=(UserManager&);
|
100 mike 1.2
101 /** Destructor. Private; the public teardown entry point is destroy(). */
102 ~UserManager();
103
104 public:
105
|
106 chip 1.3 /**
107 Construct the singleton instance of the UserManager and return a
|
108 mike 1.2 pointer to that instance.

@param repository Repository pointer; defaults to 0.
NOTE(review): what happens when this is 0 and no instance exists yet is
not visible in this header -- confirm against the implementation.
109 */
110 static UserManager* getInstance(CIMRepository* repository = 0);
111
|
112 konrad.r 1.11
113 /**
114 Terminates the UserManager singleton.

NOTE(review): pointers previously returned by getInstance() presumably
must not be used after this call -- confirm.
115 */
|
116 konrad.r 1.12 static void destroy(void);
|
117 chip 1.3 /**
|
118 mike 1.2 Add a user.
119
|
120 chip 1.3 @param userName The name of the user to add.
|
121 mike 1.2 @param passWord The password for the user.
NOTE(review): the password arrives as a plain String; how it is
transformed before being written to the password file is not visible in
this header -- confirm in UserFileHandler.
122
123 @exception InvalidSystemUser if the user is not a system user
124 @exception FileNotReadable if unable to read password file
125 @exception DuplicateUser if the user already exists
126 @exception PasswordCacheError if there is an error processing
127 password hashtable
128 @exception CannotRenameFile if password file cannot be renamed.
129 */
130 void addUser(const String& userName, const String& passWord);
131
|
132 chip 1.3 /**
|
133 mike 1.2 Modify user's password.
134
|
135 chip 1.3 @param userName The name of the user to modify.
136 @param password User's old password.
|
137 mike 1.2 @param newPassword User's new password.
138
139 @exception InvalidUser if the user does not exist
140 @exception PasswordMismatch if the specified password does not match
141 user's current password.
142 @exception PasswordCacheError if there is an error processing
143 password hashtable
144 @exception CannotRenameFile if password file cannot be renamed.
145 */
146 void modifyUser(
147 const String& userName,
148 const String& password,
149 const String& newPassword );
150
|
151 chip 1.3 /**
152 Remove a user.
|
153 mike 1.2
|
154 chip 1.3 @param userName The name of the user to remove.
|
155 mike 1.2
NOTE(review): this header does not show whether the user's namespace
authorizations are removed as well; callers that rely on that should
confirm it or call removeAuthorization() themselves.

156 @exception FileNotReadable if unable to read password file
157 @exception InvalidUser if the user does not exist
158 @exception PasswordCacheError if there is an error processing
159 password hashtable
160 @exception CannotRenameFile if password file cannot be renamed.
161 */
162 void removeUser(const String& userName);
163
164
165 /**
166 Get a list of all the user names.
167
168 @param userNames Output array that receives all the user names.
169
170 @exception FileNotReadable if unable to read password file
171 */
172 void getAllUserNames(Array<String>& userNames);
173
174 /**
175 Verify user exists in the cimserver password file
176 mike 1.2
177 @param userName Name of the user to be verified
178
179 @return true if the user exists, else false
180
181 @exception FileNotReadable if unable to read password file
182 */
183 Boolean verifyCIMUser(const String& userName);
184
185 /**
186 Verify user's password matches specified password
187
188 @param userName Name of the user to be verified
189 @param password password to be verified
190
191 @return true if the user's password matches the existing password, else false
192
193 @exception FileNotReadable if unable to read password file
194 @exception InvalidUser if the specified user does not exist

NOTE(review): an unknown user is reported through InvalidUser while a
wrong password returns false. Callers should present both outcomes to
the remote client identically, so that responses do not disclose which
user names exist.
195 */
196 Boolean verifyCIMUserPassword(
197 mike 1.2 const String& userName,
198 const String& password );
199
|
200 kumpf 1.4 /** Verify whether the specified namespace is a valid namespace.
201 @param myNamespace the namespace name (CIMNamespaceName).
202 @return true if the specified name space is valid and exists, false otherwise.
203 */
|
204 kumpf 1.6 Boolean verifyNamespace( const CIMNamespaceName& myNamespace );
|
205 mike 1.2
|
206 kumpf 1.4 /** Verify whether the specified operation has authorization to be performed
207 by the specified user.
208 @param userName string containing the user name.
209 @param nameSpace the namespace name (CIMNamespaceName).
210 @param cimMethodName the CIM method name (CIMName).
211 @return true if the specified user has authorizations to run the specified
212 CIM operation on the specified namespace, false otherwise.

NOTE(review): only a user name is passed in, so the caller is presumably
expected to have authenticated that user beforehand -- confirm at the
call sites.
213 */
|
214 mike 1.2 Boolean verifyAuthorization(
215 const String& userName,
|
216 kumpf 1.6 const CIMNamespaceName& nameSpace,
217 const CIMName& cimMethodName);
|
218 mike 1.2
|
219 kumpf 1.4 /** Set the authorization to the specified user on the specified namespace.
220 @param userName string containing the user name.
221 @param myNamespace the namespace name (CIMNamespaceName).
222 @param auth string containing the authorizations.
NOTE(review): the accepted format of auth, and whether it is validated
here or in AuthorizationHandler, is not visible in this header.
223 */
|
224 mike 1.2 void setAuthorization(
225 const String& userName,
|
226 kumpf 1.6 const CIMNamespaceName& myNamespace,
|
227 mike 1.2 const String& auth);
228
|
229 kumpf 1.4 /** Remove the authorizations of the specified user on the specified namespace.
230 @param userName string containing the user name.
231 @param myNamespace the namespace name (CIMNamespaceName).
232 */
|
233 mike 1.2 void removeAuthorization(
234 const String& userName,
|
235 kumpf 1.6 const CIMNamespaceName& myNamespace);
|
236 mike 1.2
|
237 kumpf 1.4 /** Get the authorizations of the specified user on the specified namespace.
238 @param userName string containing the user name.
239 @param myNamespace the namespace name (CIMNamespaceName).
240 @return a string containing the authorizations.
241 */
|
242 mike 1.2 String getAuthorization(
243 const String& userName,
|
244 kumpf 1.6 const CIMNamespaceName& myNamespace);
|
245 mike 1.2 };
246
247 PEGASUS_NAMESPACE_END
248
249 #endif /* Pegasus_UserManager_h */
250
|