version 1.51, 2005/07/22 21:54:09
|
version 1.52, 2005/07/26 00:06:18
|
|
|
// Amit K Arora, IBM (amita@in.ibm.com) for PEP#101 | // Amit K Arora, IBM (amita@in.ibm.com) for PEP#101 |
// David Dillard, VERITAS Software Corp. | // David Dillard, VERITAS Software Corp. |
// (david.dillard@veritas.com) | // (david.dillard@veritas.com) |
|
// John Alex, IBM (johnalex@us.ibm.com) - Bug#2290 |
// | // |
//%///////////////////////////////////////////////////////////////////////////// | //%///////////////////////////////////////////////////////////////////////////// |
| |
|
|
| |
void HTTPAuthenticatorDelegator::_sendResponse( | void HTTPAuthenticatorDelegator::_sendResponse( |
Uint32 queueId, | Uint32 queueId, |
Array<char>& message) |
Array<char>& message, |
|
Boolean closeConnect) |
{ | { |
PEG_METHOD_ENTER(TRC_HTTP, | PEG_METHOD_ENTER(TRC_HTTP, |
"HTTPAuthenticatorDelegator::_sendResponse"); | "HTTPAuthenticatorDelegator::_sendResponse"); |
|
|
HTTPMessage* httpMessage = new HTTPMessage(message); | HTTPMessage* httpMessage = new HTTPMessage(message); |
httpMessage->dest = queue->getQueueId(); | httpMessage->dest = queue->getQueueId(); |
| |
|
httpMessage->setCloseConnect(closeConnect); |
|
|
queue->enqueue(httpMessage); | queue->enqueue(httpMessage); |
} | } |
| |
|
|
#ifdef PEGASUS_KERBEROS_AUTHENTICATION | #ifdef PEGASUS_KERBEROS_AUTHENTICATION |
void HTTPAuthenticatorDelegator::_sendSuccess( | void HTTPAuthenticatorDelegator::_sendSuccess( |
Uint32 queueId, | Uint32 queueId, |
const String& authResponse) |
const String& authResponse, |
|
Boolean closeConnect) |
{ | { |
PEG_METHOD_ENTER(TRC_HTTP, | PEG_METHOD_ENTER(TRC_HTTP, |
"HTTPAuthenticatorDelegator::_sendSuccess"); | "HTTPAuthenticatorDelegator::_sendSuccess"); |
|
|
Array<char> message; | Array<char> message; |
XmlWriter::appendOKResponseHeader(message, authResponse); | XmlWriter::appendOKResponseHeader(message, authResponse); |
| |
_sendResponse(queueId, message); |
_sendResponse(queueId, message,closeConnect); |
| |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
} | } |
|
|
| |
void HTTPAuthenticatorDelegator::_sendChallenge( | void HTTPAuthenticatorDelegator::_sendChallenge( |
Uint32 queueId, | Uint32 queueId, |
const String& authResponse) |
const String& authResponse, |
|
Boolean closeConnect) |
{ | { |
PEG_METHOD_ENTER(TRC_HTTP, | PEG_METHOD_ENTER(TRC_HTTP, |
"HTTPAuthenticatorDelegator::_sendChallenge"); | "HTTPAuthenticatorDelegator::_sendChallenge"); |
|
|
Array<char> message; | Array<char> message; |
XmlWriter::appendUnauthorizedResponseHeader(message, authResponse); | XmlWriter::appendUnauthorizedResponseHeader(message, authResponse); |
| |
_sendResponse(queueId, message); |
_sendResponse(queueId, message,closeConnect); |
| |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
} | } |
|
|
Uint32 queueId, | Uint32 queueId, |
const String& status, | const String& status, |
const String& cimError, | const String& cimError, |
const String& pegasusError) |
const String& pegasusError, |
|
Boolean closeConnect) |
{ | { |
PEG_METHOD_ENTER(TRC_HTTP, | PEG_METHOD_ENTER(TRC_HTTP, |
"HTTPAuthenticatorDelegator::_sendHttpError"); | "HTTPAuthenticatorDelegator::_sendHttpError"); |
|
|
cimError, | cimError, |
pegasusError); | pegasusError); |
| |
_sendResponse(queueId, message); |
_sendResponse(queueId, message,closeConnect); |
| |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
} | } |
|
|
| |
if (deleteMessage) | if (deleteMessage) |
{ | { |
|
PEG_TRACE_STRING(TRC_HTTP, Tracer::LEVEL3, |
|
"Deleting Message in HTTPAuthenticator::handleEnqueue"); |
|
|
delete message; | delete message; |
} | } |
| |
|
|
String startLine; | String startLine; |
Array<HTTPHeader> headers; | Array<HTTPHeader> headers; |
Uint32 contentLength; | Uint32 contentLength; |
|
String connectClose; |
|
Boolean closeConnect = false; |
| |
httpMessage->parse(startLine, headers, contentLength); | httpMessage->parse(startLine, headers, contentLength); |
| |
// | // |
|
// Check for Connection: Close |
|
// |
|
if(HTTPMessage::lookupHeader(headers, "Connection", connectClose, false)) |
|
{ |
|
if (String::equalNoCase(connectClose, "Close")) |
|
{ |
|
PEG_TRACE_STRING(TRC_HTTP, Tracer::LEVEL3, |
|
"Header in HTTP Message Contains a Connection: Close"); |
|
closeConnect = true; |
|
httpMessage->setCloseConnect(closeConnect); |
|
} |
|
} |
|
|
|
|
|
// |
// Check if the request was received on the export connection. | // Check if the request was received on the export connection. |
// Do not accept CIMOperation requests on the export connection. | // Do not accept CIMOperation requests on the export connection. |
// Username-password authentication is not done for CIMExport requests | // Username-password authentication is not done for CIMExport requests |
|
|
String msg(MessageLoader::getMessage(msgParms)); | String msg(MessageLoader::getMessage(msgParms)); |
| |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
_sendHttpError(queueId, |
_sendHttpError( |
|
queueId, |
HTTP_STATUS_FORBIDDEN, | HTTP_STATUS_FORBIDDEN, |
String::EMPTY, | String::EMPTY, |
msg); |
msg, |
|
closeConnect); |
} | } |
| |
// | // |
|
|
// | // |
PEGASUS_ASSERT(0); | PEGASUS_ASSERT(0); |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
_sendHttpError(queueId, HTTP_STATUS_BADREQUEST); |
_sendHttpError( |
|
queueId, |
|
HTTP_STATUS_BADREQUEST, |
|
String::EMPTY, |
|
String::EMPTY, |
|
closeConnect); |
} | } |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
return; | return; |
|
|
MessageLoaderParms msgParms("Pegasus.Server.HTTPAuthenticatorDelegator.BAD_CERTIFICATE", | MessageLoaderParms msgParms("Pegasus.Server.HTTPAuthenticatorDelegator.BAD_CERTIFICATE", |
"The certificate used for authentication is not valid."); | "The certificate used for authentication is not valid."); |
String msg(MessageLoader::getMessage(msgParms)); | String msg(MessageLoader::getMessage(msgParms)); |
_sendHttpError(queueId, |
_sendHttpError( |
|
queueId, |
HTTP_STATUS_UNAUTHORIZED, | HTTP_STATUS_UNAUTHORIZED, |
String::EMPTY, | String::EMPTY, |
msg); |
msg, |
|
closeConnect); |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
return; | return; |
} | } |
|
|
"The certificate used for authentication is not valid."); | "The certificate used for authentication is not valid."); |
String msg(MessageLoader::getMessage(msgParms)); | String msg(MessageLoader::getMessage(msgParms)); |
PEG_TRACE_STRING(TRC_HTTP, Tracer::LEVEL3, msg); | PEG_TRACE_STRING(TRC_HTTP, Tracer::LEVEL3, msg); |
_sendHttpError(queueId, |
_sendHttpError( |
|
queueId, |
HTTP_STATUS_UNAUTHORIZED, | HTTP_STATUS_UNAUTHORIZED, |
String::EMPTY, | String::EMPTY, |
msg); |
msg, |
|
closeConnect); |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
return; | return; |
} | } |
|
|
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
return; | return; |
} | } |
|
|
httpMessage->authInfo->setAuthenticatedUser(userName); | httpMessage->authInfo->setAuthenticatedUser(userName); |
| |
PEG_TRACE_STRING(TRC_HTTP, Tracer::LEVEL3, "User name for certificate is " + userName); | PEG_TRACE_STRING(TRC_HTTP, Tracer::LEVEL3, "User name for certificate is " + userName); |
|
|
"No username is registered to this certificate."); | "No username is registered to this certificate."); |
String msg(MessageLoader::getMessage(msgParms)); | String msg(MessageLoader::getMessage(msgParms)); |
PEG_TRACE_STRING(TRC_HTTP, Tracer::LEVEL3, msg); | PEG_TRACE_STRING(TRC_HTTP, Tracer::LEVEL3, msg); |
_sendHttpError(queueId, |
_sendHttpError( |
|
queueId, |
HTTP_STATUS_UNAUTHORIZED, | HTTP_STATUS_UNAUTHORIZED, |
String::EMPTY, | String::EMPTY, |
msg); |
msg, |
|
closeConnect); |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
return; | return; |
} | } |
|
|
return; | return; |
} | } |
| |
|
|
httpMessage->authInfo->setAuthenticatedUser(trustStoreUserName); | httpMessage->authInfo->setAuthenticatedUser(trustStoreUserName); |
| |
PEG_TRACE_STRING(TRC_HTTP, Tracer::LEVEL3, "User name for certificate is " + trustStoreUserName); |
PEG_TRACE_STRING( |
Logger::put(Logger::STANDARD_LOG, System::CIMSERVER, Logger::TRACE, |
TRC_HTTP, |
"HTTPAuthenticatorDelegator - The trusted client certificate is registered to $0.", trustStoreUserName); |
Tracer::LEVEL3, |
|
"User name for certificate is " + trustStoreUserName); |
|
Logger::put( |
|
Logger::STANDARD_LOG, |
|
System::CIMSERVER, |
|
Logger::TRACE, |
|
"HTTPAuthenticatorDelegator - The trusted client certificate is registered to $0.", |
|
trustStoreUserName); |
| |
} | } |
} | } |
|
|
MessageLoaderParms msgParms("Pegasus.Server.HTTPAuthenticatorDelegator.REQUEST_NOT_VALID","request-not-valid"); | MessageLoaderParms msgParms("Pegasus.Server.HTTPAuthenticatorDelegator.REQUEST_NOT_VALID","request-not-valid"); |
String msg(MessageLoader::getMessage(msgParms)); | String msg(MessageLoader::getMessage(msgParms)); |
| |
_sendHttpError(queueId, HTTP_STATUS_BADREQUEST, |
_sendHttpError( |
|
queueId, |
|
HTTP_STATUS_BADREQUEST, |
msg, | msg, |
e.getMessage()); |
e.getMessage(), |
|
closeConnect); |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
return; | return; |
} | } |
|
|
if (methodName != "M-POST" && methodName != "POST") | if (methodName != "M-POST" && methodName != "POST") |
{ | { |
// Only POST and M-POST are implemented by this server | // Only POST and M-POST are implemented by this server |
_sendHttpError(queueId, |
_sendHttpError( |
HTTP_STATUS_NOTIMPLEMENTED); |
queueId, |
|
HTTP_STATUS_NOTIMPLEMENTED, |
|
String::EMPTY, |
|
String::EMPTY, |
|
closeConnect); |
} | } |
else if ((httpMethod == HTTP_METHOD_M_POST) && | else if ((httpMethod == HTTP_METHOD_M_POST) && |
(httpVersion == "HTTP/1.0")) | (httpVersion == "HTTP/1.0")) |
|
|
// | // |
// M-POST method is not valid with version 1.0 | // M-POST method is not valid with version 1.0 |
// | // |
_sendHttpError(queueId, |
_sendHttpError( |
HTTP_STATUS_BADREQUEST); |
queueId, |
|
HTTP_STATUS_BADREQUEST, |
|
String::EMPTY, |
|
String::EMPTY, |
|
closeConnect); |
} | } |
else | else |
{ | { |
|
|
| |
if (!String::equal(authResp, String::EMPTY)) | if (!String::equal(authResp, String::EMPTY)) |
{ | { |
_sendChallenge(queueId, authResp); |
_sendChallenge(queueId, authResp,closeConnect); |
} | } |
else | else |
{ | { |
MessageLoaderParms msgParms("Pegasus.Server.HTTPAuthenticatorDelegator.AUTHORIZATION_HEADER_ERROR","Authorization header error"); | MessageLoaderParms msgParms("Pegasus.Server.HTTPAuthenticatorDelegator.AUTHORIZATION_HEADER_ERROR","Authorization header error"); |
String msg(MessageLoader::getMessage(msgParms)); | String msg(MessageLoader::getMessage(msgParms)); |
_sendHttpError(queueId, |
_sendHttpError( |
|
queueId, |
HTTP_STATUS_BADREQUEST, | HTTP_STATUS_BADREQUEST, |
String::EMPTY, | String::EMPTY, |
msg); |
msg, |
|
closeConnect); |
} | } |
| |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
|
|
} | } |
catch (const CannotOpenFile &) | catch (const CannotOpenFile &) |
{ | { |
_sendHttpError(queueId, |
_sendHttpError( |
HTTP_STATUS_INTERNALSERVERERROR); |
queueId, |
|
HTTP_STATUS_INTERNALSERVERERROR, |
|
String::EMPTY, |
|
String::EMPTY, |
|
closeConnect); |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
return; | return; |
| |
|
|
#endif | #endif |
if (!String::equal(authResp, String::EMPTY)) | if (!String::equal(authResp, String::EMPTY)) |
{ | { |
_sendChallenge(queueId, authResp); |
_sendChallenge(queueId, authResp,closeConnect); |
} | } |
else | else |
{ | { |
MessageLoaderParms msgParms("Pegasus.Server.HTTPAuthenticatorDelegator.AUTHORIZATION_HEADER_ERROR","Authorization header error"); | MessageLoaderParms msgParms("Pegasus.Server.HTTPAuthenticatorDelegator.AUTHORIZATION_HEADER_ERROR","Authorization header error"); |
String msg(MessageLoader::getMessage(msgParms)); | String msg(MessageLoader::getMessage(msgParms)); |
_sendHttpError(queueId, |
_sendHttpError( |
|
queueId, |
HTTP_STATUS_BADREQUEST, | HTTP_STATUS_BADREQUEST, |
String::EMPTY, | String::EMPTY, |
msg); |
msg, |
|
closeConnect); |
} | } |
| |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
|
|
{ | { |
MessageLoaderParms msgParms("Pegasus.Server.HTTPAuthenticatorDelegator.AUTHORIZATION_HEADER_ERROR","Authorization header error"); | MessageLoaderParms msgParms("Pegasus.Server.HTTPAuthenticatorDelegator.AUTHORIZATION_HEADER_ERROR","Authorization header error"); |
String msg(MessageLoader::getMessage(msgParms)); | String msg(MessageLoader::getMessage(msgParms)); |
_sendHttpError(queueId, |
_sendHttpError( |
|
queueId, |
HTTP_STATUS_BADREQUEST, | HTTP_STATUS_BADREQUEST, |
String::EMPTY, | String::EMPTY, |
msg); |
msg, |
|
closeConnect); |
} | } |
else | else |
{ | { |
if (sendAction == 1) // Send success | if (sendAction == 1) // Send success |
{ | { |
_sendSuccess(queueId, |
_sendSuccess( |
String(httpMessage->message.getData(), httpMessage->message.size())); |
queueId, |
|
String( |
|
httpMessage->message.getData(),httpMessage->message.size()), |
|
closeConnect); |
} | } |
| |
if (sendAction == 2) // Send response | if (sendAction == 2) // Send response |
{ | { |
_sendResponse(queueId, httpMessage->message); |
_sendResponse(queueId, httpMessage->message,closeConnect); |
} | } |
} | } |
| |
|
|
catch(const bad_alloc &) | catch(const bad_alloc &) |
{ | { |
delete httpMessage; | delete httpMessage; |
_sendHttpError(queueId, |
_sendHttpError( |
HTTP_STATUS_REQUEST_TOO_LARGE); |
queueId, |
|
HTTP_STATUS_REQUEST_TOO_LARGE, |
|
String::EMPTY, |
|
String::EMPTY, |
|
closeConnect); |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
deleteMessage = false; | deleteMessage = false; |
return; | return; |
|
|
// without the CIMError header since this request must not be | // without the CIMError header since this request must not be |
// processed as a CIM request. | // processed as a CIM request. |
| |
_sendHttpError(queueId, |
_sendHttpError( |
HTTP_STATUS_BADREQUEST); |
queueId, |
|
HTTP_STATUS_BADREQUEST, |
|
String::EMPTY, |
|
String::EMPTY, |
|
closeConnect); |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
return; | return; |
} // bad request | } // bad request |
|
|
| |
if (!String::equal(authResp, String::EMPTY)) | if (!String::equal(authResp, String::EMPTY)) |
{ | { |
_sendChallenge(queueId, authResp); |
_sendChallenge(queueId, authResp,closeConnect); |
} | } |
else | else |
{ | { |
MessageLoaderParms msgParms("Pegasus.Server.HTTPAuthenticatorDelegator.AUTHORIZATION_HEADER_ERROR","Authorization header error"); | MessageLoaderParms msgParms("Pegasus.Server.HTTPAuthenticatorDelegator.AUTHORIZATION_HEADER_ERROR","Authorization header error"); |
String msg(MessageLoader::getMessage(msgParms)); | String msg(MessageLoader::getMessage(msgParms)); |
_sendHttpError(queueId, |
_sendHttpError( |
|
queueId, |
HTTP_STATUS_BADREQUEST, | HTTP_STATUS_BADREQUEST, |
String::EMPTY, | String::EMPTY, |
msg); |
msg, |
|
closeConnect); |
} | } |
} | } |
} // M-POST and POST processing | } // M-POST and POST processing |