OW_ListenerAuthenticator.cpp

Go to the documentation of this file.
00001 /*******************************************************************************
00002 * Copyright (C) 2001-2004 Vintela, Inc. All rights reserved.
00003 *
00004 * Redistribution and use in source and binary forms, with or without
00005 * modification, are permitted provided that the following conditions are met:
00006 *
00007 *  - Redistributions of source code must retain the above copyright notice,
00008 *    this list of conditions and the following disclaimer.
00009 *
00010 *  - Redistributions in binary form must reproduce the above copyright notice,
00011 *    this list of conditions and the following disclaimer in the documentation
00012 *    and/or other materials provided with the distribution.
00013 *
00014 *  - Neither the name of Vintela, Inc. nor the names of its
00015 *    contributors may be used to endorse or promote products derived from this
00016 *    software without specific prior written permission.
00017 *
00018 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS''
00019 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
00020 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
00021 * ARE DISCLAIMED. IN NO EVENT SHALL Vintela, Inc. OR THE CONTRIBUTORS
00022 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
00023 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
00024 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
00025 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
00026 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
00027 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
00028 * POSSIBILITY OF SUCH DAMAGE.
00029 *******************************************************************************/
00030 
00036 #include "OW_config.h"
00037 #include "OW_ListenerAuthenticator.hpp"
00038 #include "OW_CryptographicRandomNumber.hpp"
00039 
00040 namespace OW_NAMESPACE
00041 {
00042 
00044 ListenerAuthenticator::ListenerAuthenticator()
00045    : AuthenticatorIFC(), m_passwdMap()
00046 {}
00048 ListenerAuthenticator::~ListenerAuthenticator() 
00049 {
00050 }
00052 bool
00053 ListenerAuthenticator::doAuthenticate(String& userName,
00054       const String& info, String& details, OperationContext& context)
00055 {
00056    bool rval = false;
00057    if (info.empty()) // no "Authorization" header
00058    {
00059       details = "You must authenticate to access this resource";
00060       return rval;
00061    }
00062    String password = info;
00063    if (m_passwdMap.count(userName) < 1) // user not found in password file
00064    {
00065       rval = false;
00066    }
00067    else
00068    {
00069       String truePass = m_passwdMap[userName];
00070       rval = password.equals(truePass);
00071    }
00072    if (!rval)
00073    {
00074       details = "Invalid username or password";
00075    }
00076    return rval;
00077 }
00079 void
00080 ListenerAuthenticator::doInit(ServiceEnvironmentIFCRef)
00081 {
00082 }
00084 String
00085 ListenerAuthenticator::getNewCredentials()
00086 {
00087    String name, pass;
00088    CryptographicRandomNumber rn('0', 'z');
00089    MutexLock lock(m_mutex);
00090    do
00091    {
00092       name.erase();
00093       for (size_t i = 0; i < 128;)
00094       {
00095          int x = rn.getNextNumber();
00096          if ((x > '9' && x < 'A') || (x > 'Z' && x < 'a'))
00097          { // only allow alpha-numeric
00098             continue;
00099          }
00100          name += String(static_cast<char>(x));
00101          ++i;
00102       }
00103    } while (m_passwdMap.find(name) != m_passwdMap.end());
00104    for (size_t i = 0; i < 128;)
00105    {
00106       int x = rn.getNextNumber();
00107       if ((x > '9' && x < 'A') || (x > 'Z' && x < 'a'))
00108       { // only allow alpha-numeric
00109          continue;
00110       }
00111       pass += String(static_cast<char>(x));
00112       ++i;
00113    }
00114    m_passwdMap[name] = pass;
00115    return name + ":" + pass;
00116 }
00118 void
00119 ListenerAuthenticator::removeCredentials(const String& creds)
00120 {
00121    size_t idx = creds.indexOf(":");
00122    String name = creds.substring(0, idx);
00123    Map<String, String>::iterator iter;
00124    MutexLock lock(m_mutex);
00125    iter = m_passwdMap.find(name);
00126    if (iter != m_passwdMap.end())
00127    {
00128       m_passwdMap.erase(iter);
00129    }
00130 }
00131 
00132 } // end namespace OW_NAMESPACE
00133 

Generated on Thu Feb 9 08:48:03 2006 for openwbem by  doxygen 1.4.6