version 1.75, 2007/04/03 18:51:00
|
version 1.76, 2007/05/09 19:18:00
|
|
|
// | // |
//%///////////////////////////////////////////////////////////////////////////// | //%///////////////////////////////////////////////////////////////////////////// |
| |
|
#include <Pegasus/Common/AuditLogger.h> |
#include <Pegasus/Common/Constants.h> | #include <Pegasus/Common/Constants.h> |
#include <Pegasus/Common/HTTPAcceptor.h> | #include <Pegasus/Common/HTTPAcceptor.h> |
#include <Pegasus/Common/HTTPConnection.h> | #include <Pegasus/Common/HTTPConnection.h> |
|
|
// certificate chain, if necessary). | // certificate chain, if necessary). |
| |
String certUserName; | String certUserName; |
|
String issuerName; |
|
String subjectName; |
|
char serialNumber[32]; |
|
|
if (isRequestAuthenticated && | if (isRequestAuthenticated && |
(String::equal(httpMessage->authInfo->getAuthType(), | (String::equal(httpMessage->authInfo->getAuthType(), |
AuthenticationInfoRep::AUTH_TYPE_SSL))) | AuthenticationInfoRep::AUTH_TYPE_SSL))) |
|
|
clientCertificate->toString()); | clientCertificate->toString()); |
| |
//get certificate properties | //get certificate properties |
String issuerName = clientCertificate->getIssuerName(); |
issuerName = clientCertificate->getIssuerName(); |
char serialNumber[256]; |
|
sprintf(serialNumber, "%lu", | sprintf(serialNumber, "%lu", |
clientCertificate->getSerialNumber()); | clientCertificate->getSerialNumber()); |
|
subjectName = clientCertificate->getSubjectName(); |
| |
// | // |
// The truststore type key property is deprecated. To retain | // The truststore type key property is deprecated. To retain |
|
|
| |
if (!_authenticationManager->validateUserForHttpAuth(certUserName)) | if (!_authenticationManager->validateUserForHttpAuth(certUserName)) |
{ | { |
|
PEG_AUDIT_LOG(logCertificateBasedUserValidation( |
|
certUserName, |
|
issuerName, |
|
subjectName, |
|
serialNumber, |
|
httpMessage->ipAddress, |
|
false)); |
MessageLoaderParms msgParms( | MessageLoaderParms msgParms( |
"Pegasus.Server.HTTPAuthenticatorDelegator." | "Pegasus.Server.HTTPAuthenticatorDelegator." |
"CERTIFICATE_USER_NOT_VALID", | "CERTIFICATE_USER_NOT_VALID", |
|
|
return; | return; |
} | } |
| |
|
PEG_AUDIT_LOG(logCertificateBasedUserValidation( |
|
certUserName, |
|
issuerName, |
|
subjectName, |
|
serialNumber, |
|
httpMessage->ipAddress, |
|
true)); |
|
|
httpMessage->authInfo->setAuthenticatedUser(certUserName); | httpMessage->authInfo->setAuthenticatedUser(certUserName); |
| |
PEG_TRACE_STRING( | PEG_TRACE_STRING( |
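Review bot: `serialNumber` appears to be declared uninitialized as `char serialNumber[32];` beside `certUserName`, away from the `sprintf` that fills it, and is then passed to both `logCertificateBasedUserValidation` calls; the page does not mark which column each single-cell line belongs to, so this reads the `[32]` declaration as the new side. The enclosing function starts and ends outside the visible lines, so it cannot be confirmed that every path to the audit calls runs the `sprintf` first; if one does not, the audit record is built from indeterminate bytes, and `char serialNumber[32] = {0};` would close that. With the buffer reduced from 256 to 32 bytes, the formatting is better bounded explicitly: `snprintf(serialNumber, sizeof(serialNumber), "%lu", clientCertificate->getSerialNumber());`. The `%lu` suggests the serial is carried as an unsigned long, while X.509 serial numbers can be up to 20 octets, so a comment at that call should say whether the logged value can be truncated, because an audit entry is only useful if issuer plus serial identifies one certificate.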