openwbem: OW_SimpleAuthenticator.cpp Source File

00001 /*******************************************************************************
00002 * Copyright (C) 2001-2004 Vintela, Inc. All rights reserved.
00003 *
00004 * Redistribution and use in source and binary forms, with or without
00005 * modification, are permitted provided that the following conditions are met:
00006 *
00007 *  - Redistributions of source code must retain the above copyright notice,
00008 *    this list of conditions and the following disclaimer.
00009 *
00010 *  - Redistributions in binary form must reproduce the above copyright notice,
00011 *    this list of conditions and the following disclaimer in the documentation
00012 *    and/or other materials provided with the distribution.
00013 *
00014 *  - Neither the name of Vintela, Inc. nor the names of its
00015 *    contributors may be used to endorse or promote products derived from this
00016 *    software without specific prior written permission.
00017 *
00018 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS''
00019 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
00020 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
00021 * ARE DISCLAIMED. IN NO EVENT SHALL Vintela, Inc. OR THE CONTRIBUTORS
00022 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
00023 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
00024 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
00025 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
00026 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
00027 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
00028 * POSSIBILITY OF SUCH DAMAGE.
00029 *******************************************************************************/
00030 
00036 #include "OW_config.h"
00037 #include "OW_AuthenticatorIFC.hpp"
00038 #include "OW_AuthenticationException.hpp"
00039 #include "OW_String.hpp"
00040 #include "OW_Map.hpp"
00041 #include "OW_ConfigOpts.hpp"
00042 #include "OW_Format.hpp"
00043 #include <fstream>
00044 #include <iosfwd>
00045 
00046 namespace OW_NAMESPACE
00047 {
00048 
00049 namespace
00050 {
00051    // anonymous namespace is to prevent possible linkage problems or identifier
00052    // conflict whens the library is dynamically loaded
00053 class SimpleAuthenticator: public AuthenticatorIFC
00054 {
00055 public:
00056    SimpleAuthenticator();
00057    virtual ~SimpleAuthenticator() { };
00058 
00059    enum EErrorCodes
00060    {
00061       E_NO_PASSWORD_FILE,
00062       E_CANNOT_OPEN_PASSWORD_FILE,
00063       E_INVALID_PASSWORD_FILE
00064    };
00065 
00070 protected:
00071    virtual void doInit(ServiceEnvironmentIFCRef);
00072    bool doAuthenticate(String& userName,
00073       const String& info, String& details, OperationContext& context);
00074 private:
00075    String m_passwordPath;
00076    Map<String, String> m_passwords;
00081    void loadPasswordFile(const ServiceEnvironmentIFCRef& env);
00082    bool doAuthenticate(const String& userName, const String& passwd);
00083 };
00084 SimpleAuthenticator::SimpleAuthenticator()
00085 {
00086 }
00088 void
00089 SimpleAuthenticator::doInit(ServiceEnvironmentIFCRef env)
00090 {
00091    loadPasswordFile(env);
00092 }
00094 bool
00095 SimpleAuthenticator::doAuthenticate(String& userName,
00096       const String& info, String& details, OperationContext& context)
00097 {
00098    bool rval = false;
00099    if (info.empty())
00100    {
00101       details = "You must authenticate to access this resource";
00102       return rval;
00103    }
00104    if (!(rval = doAuthenticate(userName, info)))
00105    {
00106       details = "Invalid username or password";
00107    }
00108    return rval;
00109 }
00111 bool
00112 SimpleAuthenticator::doAuthenticate(const String& userName,
00113    const String& passwd)
00114 {
00115    bool rval;
00116    if (m_passwords.count(userName) < 1) // user not found in password file
00117    {
00118       rval = false;
00119    }
00120    else
00121    {
00122       String truePass = m_passwords[userName];
00123       rval = passwd.equals(truePass);
00124    }
00125    return rval;
00126 }
00128 // Private
00129 void
00130 SimpleAuthenticator::loadPasswordFile(const ServiceEnvironmentIFCRef& env)
00131 {
00132    // get path to password file from config file
00133    String passwdFile = env->getConfigItem(ConfigOpts::SIMPLE_AUTH_PASSWORD_FILE_opt, OW_DEFAULT_SIMPLE_AUTH_PASSWORD_FILE);
00134    if (passwdFile.empty())
00135    {
00136       OW_THROW_ERR(AuthenticationException, "No password file given for "
00137          "simple authorization module", E_NO_PASSWORD_FILE);
00138    }
00139    std::ifstream infile(passwdFile.c_str(), std::ios::in);
00140    if (!infile)
00141    {
00142       OW_THROW_ERR(AuthenticationException, "Cannot open password file", E_CANNOT_OPEN_PASSWORD_FILE);
00143    }
00144    // read name/password pairs from file into password map.
00145    while (infile)
00146    {
00147       String line;
00148       String name;
00149       String passwd;
00150       int lineCount = 0;
00151       line = String::getLine(infile);
00152       lineCount++;
00153       line.trim();
00154       if (line.empty()) // skip blank lines
00155       {
00156          continue;
00157       }
00158       size_t index = line.indexOf(':');
00159       if (index != String::npos)
00160       {
00161          name = line.substring(0, index);
00162          passwd = line.substring(index + 1);
00163       }
00164       else
00165       {
00166          OW_THROW_ERR(AuthenticationException, Format("Invalid syntax in "
00167             "%1 at line %2", passwdFile, lineCount).c_str(), E_INVALID_PASSWORD_FILE);
00168       }
00169       m_passwords[name] = passwd;
00170    }
00171 }
00172       
00173 } // end anonymous namespace
00174 
00175 } // end namespace OW_NAMESPACE
00176 
00178 OW_AUTHENTICATOR_FACTORY(OpenWBEM::SimpleAuthenticator, simple)
00179