1 //%2005////////////////////////////////////////////////////////////////////////
3 // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
4 // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
5 // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
6 // IBM Corp.; EMC Corporation, The Open Group.
7 // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
8 // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
9 // Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
10 // EMC Corporation; VERITAS Software Corporation; The Open Group.
12 // Permission is hereby granted, free of charge, to any person obtaining a copy
13 // of this software and associated documentation files (the "Software"), to
14 // deal in the Software without restriction, including without limitation the
15 // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
16 // sell copies of the Software, and to permit persons to whom the Software is
17 // furnished to do so, subject to the following conditions:
19 // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
20 // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
21 // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
22 // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
23 // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
24 // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
25 // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
28 //==============================================================================
30 // Author: Nag Boranna, Hewlett-Packard Company(nagaraja_boranna@hp.com)
32 // Modified By: Jair Santos, Hewlett-Packard Company(jair.santos@hp.com)
33 // Sushma Fernandes, Hewlett-Packard Company(sushma_fernandes@hp.com)
35 //%/////////////////////////////////////////////////////////////////////////////
38 #include <Pegasus/Common/Logger.h>
39 #include <Pegasus/Common/Tracer.h>
40 #include <Pegasus/Common/Base64.h>
42 #include "SecureBasicAuthenticator.h"
43 #include "PAMBasicAuthenticator.h"
44 #include "BasicAuthenticationHandler.h"
49 PEGASUS_NAMESPACE_BEGIN
52 BasicAuthenticationHandler::BasicAuthenticationHandler()
54 PEG_METHOD_ENTER(TRC_AUTHENTICATION,
55 "BasicAuthenticationHandler::BasicAuthenticationHandler()");
57 #ifdef PEGASUS_PAM_AUTHENTICATION
58 _basicAuthenticator = (BasicAuthenticator*) new PAMBasicAuthenticator();
60 _basicAuthenticator = (BasicAuthenticator*) new SecureBasicAuthenticator();
66 BasicAuthenticationHandler::~BasicAuthenticationHandler()
68 PEG_METHOD_ENTER(TRC_AUTHENTICATION,
69 "BasicAuthenticationHandler::~BasicAuthenticationHandler()");
71 if (_basicAuthenticator)
73 delete _basicAuthenticator;
79 Boolean BasicAuthenticationHandler::authenticate(
80 const String& authHeader,
81 AuthenticationInfo* authInfo)
84 TRC_AUTHENTICATION, "BasicAuthenticationHandler::authenticate()");
86 Boolean authenticated = false;
89 // copy userPass string to char array for decoding
93 Uint32 length = authHeader.size();
95 userPassArray.reserveCapacity( length );
96 userPassArray.clear();
98 for( Uint32 i = 0; i < length; i++ )
100 userPassArray.append( static_cast<char>(authHeader[i]) );
104 // base64 decode the userPass array
108 decodedArray = Base64::decode( userPassArray );
111 String( (const char*)decodedArray.getData(), decodedArray.size() );
113 Uint32 pos = decodedStr.find(':');
115 if (pos == PEG_NOT_FOUND)
118 return (authenticated);
121 String userName = decodedStr.subString(0, pos);
123 String password = decodedStr.subString(pos + 1);
125 #ifdef PEGASUS_OS_OS400
126 // OS400 APIs require user profile to be uppercase
127 for(int i=0; i < userName.size(); i++)
129 userName[i] = toupper(userName[i]);
133 #ifdef PEGASUS_WMIMAPPER
134 authenticated = true;
136 authInfo->setAuthenticatedUser(userName);
137 authInfo->setAuthenticatedPassword(password);
139 authenticated = _basicAuthenticator->authenticate(userName, password);
143 authInfo->setAuthenticatedUser(userName);
148 // Log a message for basic authentication failure
150 Logger::put_l (Logger::STANDARD_LOG, System::CIMSERVER,
151 Logger::INFORMATION, BASIC_AUTHENTICATION_FAILED_KEY,
152 BASIC_AUTHENTICATION_FAILED, userName );
158 return (authenticated);
161 Boolean BasicAuthenticationHandler::validateUser(const String& userName)
163 return _basicAuthenticator->validateUser(userName);
166 String BasicAuthenticationHandler::getAuthResponseHeader(
167 const String& authType,
168 const String& userName,
169 AuthenticationInfo* authInfo)
171 PEG_METHOD_ENTER(TRC_AUTHENTICATION,
172 "BasicAuthenticationHandler::getAuthResponseHeader()");
174 String respHeader = _basicAuthenticator->getAuthResponseHeader();
181 PEGASUS_NAMESPACE_END