~drizzle-trunk/drizzle/development : contents of drizzled/plugin/authentication.cc at revision 1859.2.14

~drizzle-trunk/drizzle/development : (revision 1859.2.14)

/* -*- mode: c++; c-basic-offset: 2; indent-tabs-mode: nil; -*-
 *  vim:expandtab:shiftwidth=2:tabstop=2:smarttab:
 *
 *  Copyright (C) 2008 Sun Microsystems
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 */

#include "config.h"
#include "drizzled/plugin/authentication.h"
#include "drizzled/error.h"
#include "drizzled/gettext.h"
#include "drizzled/security_context.h"

#include <vector>

using namespace std;

namespace drizzled
{

std::vector<plugin::Authentication *> all_authentication;


bool plugin::Authentication::addPlugin(plugin::Authentication *auth)
{
  if (auth != NULL)
    all_authentication.push_back(auth);
  return false;
}

void plugin::Authentication::removePlugin(plugin::Authentication *auth)
{
  if (auth != NULL)
    all_authentication.erase(find(all_authentication.begin(),
                                  all_authentication.end(),
                                  auth));
}

class AuthenticateBy : public unary_function<plugin::Authentication *, bool>
{
  const SecurityContext &sctx;
  const string &password;
public:
  AuthenticateBy(const SecurityContext &sctx_arg, const string &password_arg) :
    unary_function<plugin::Authentication *, bool>(),
    sctx(sctx_arg), password(password_arg) {}

  inline result_type operator()(argument_type auth)
  {
    return auth->authenticate(sctx, password);
  }
};

bool plugin::Authentication::isAuthenticated(const SecurityContext &sctx,
                                             const string &password)
{
  /* If we never loaded any auth plugins, just return true */
  if (all_authentication.empty())
    return true;

  /* Use find_if instead of foreach so that we can collect return codes */
  vector<plugin::Authentication *>::iterator iter=
    find_if(all_authentication.begin(), all_authentication.end(),
            AuthenticateBy(sctx, password));

  /* We only require one plugin to return success in order to authenticate.
   * If iter is == end() here, that means that all of the plugins returned
   * false, which means they all failed.
   */
  if (iter == all_authentication.end())
  {
    my_error(ER_ACCESS_DENIED_ERROR, MYF(0),
             sctx.getUser().c_str(),
             sctx.getIp().c_str(),
             password.empty() ? ER(ER_NO) : ER(ER_YES));
    return false;
  }
  return true;
}

} /* namespace drizzled */

390.1.2 by Monty Taylor Fixed copyright headers in drizzled/	1	/* -- mode: c++; c-basic-offset: 2; indent-tabs-mode: nil; --
	2	* vim:expandtab:shiftwidth=2:tabstop=2:smarttab:
	3	*
1010 by Brian Aker Replacing Sun employee copyright headers (aka... anything done by a Sun	4	* Copyright (C) 2008 Sun Microsystems
390.1.2 by Monty Taylor Fixed copyright headers in drizzled/	5	*
	6	* This program is free software; you can redistribute it and/or modify
	7	* it under the terms of the GNU General Public License as published by
	8	* the Free Software Foundation; either version 2 of the License, or
	9	* (at your option) any later version.
	10	*
	11	* This program is distributed in the hope that it will be useful,
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	14	* GNU General Public License for more details.
	15	*
	16	* You should have received a copy of the GNU General Public License
	17	* along with this program; if not, write to the Free Software
	18	* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
	19	*/
	20
1241.9.36 by Monty Taylor ZOMG. I deleted drizzled/server_includes.h.	21	#include "config.h"
1130.1.12 by Monty Taylor Moved service stuff into plugin/	22	#include "drizzled/plugin/authentication.h"
1317.1.3 by Monty Taylor Fixed Authentication plugin interface to use SecurityContext rather than the	23	#include "drizzled/error.h"
1130.1.1 by Monty Taylor Merged in plugin-slot-reorg patches.	24	#include "drizzled/gettext.h"
1317.1.3 by Monty Taylor Fixed Authentication plugin interface to use SecurityContext rather than the	25	#include "drizzled/security_context.h"
259 by Brian Aker First pass on PAM auth	26
968.2.35 by Monty Taylor Removed plugin_foreach from authentication.	27	#include <vector>
	28
	29	using namespace std;
	30
1130.3.10 by Monty Taylor Cleaned up service namespacing.	31	namespace drizzled
1130.3.10 by Monty Taylor Cleaned up service namespacing.	32	{
1130.1.12 by Monty Taylor Moved service stuff into plugin/	33
	34	std::vector<plugin::Authentication *> all_authentication;
	35
	36
1130.1.19 by Monty Taylor Added error reporting to plugin registration.	37	bool plugin::Authentication::addPlugin(plugin::Authentication *auth)
1130.1.1 by Monty Taylor Merged in plugin-slot-reorg patches.	38	{
	39	if (auth != NULL)
	40	all_authentication.push_back(auth);
1130.1.19 by Monty Taylor Added error reporting to plugin registration.	41	return false;
1130.1.1 by Monty Taylor Merged in plugin-slot-reorg patches.	42	}
	43
1130.1.18 by Monty Taylor Changed ::add() and ::remove() to ::addPlugin() and ::removePlugin() so that	44	void plugin::Authentication::removePlugin(plugin::Authentication *auth)
1130.1.1 by Monty Taylor Merged in plugin-slot-reorg patches.	45	{
	46	if (auth != NULL)
	47	all_authentication.erase(find(all_authentication.begin(),
	48	all_authentication.end(),
	49	auth));
	50	}
	51
	52	class AuthenticateBy : public unary_function<plugin::Authentication *, bool>
968.2.35 by Monty Taylor Removed plugin_foreach from authentication.	53	{
1317.1.3 by Monty Taylor Fixed Authentication plugin interface to use SecurityContext rather than the	54	const SecurityContext &sctx;
	55	const string &password;
968.2.35 by Monty Taylor Removed plugin_foreach from authentication.	56	public:
1317.1.3 by Monty Taylor Fixed Authentication plugin interface to use SecurityContext rather than the	57	AuthenticateBy(const SecurityContext &sctx_arg, const string &password_arg) :
1130.1.1 by Monty Taylor Merged in plugin-slot-reorg patches.	58	unary_function<plugin::Authentication *, bool>(),
1317.1.3 by Monty Taylor Fixed Authentication plugin interface to use SecurityContext rather than the	59	sctx(sctx_arg), password(password_arg) {}
968.2.35 by Monty Taylor Removed plugin_foreach from authentication.	60
	61	inline result_type operator()(argument_type auth)
259 by Brian Aker First pass on PAM auth	62	{
1317.1.3 by Monty Taylor Fixed Authentication plugin interface to use SecurityContext rather than the	63	return auth->authenticate(sctx, password);
259 by Brian Aker First pass on PAM auth	64	}
968.2.35 by Monty Taylor Removed plugin_foreach from authentication.	65	};
259 by Brian Aker First pass on PAM auth	66
1317.1.3 by Monty Taylor Fixed Authentication plugin interface to use SecurityContext rather than the	67	bool plugin::Authentication::isAuthenticated(const SecurityContext &sctx,
	68	const string &password)
259 by Brian Aker First pass on PAM auth	69	{
259 by Brian Aker First pass on PAM auth	70	/* If we never loaded any auth plugins, just return true */
1317.5.1 by Monty Taylor Replaced call of size()==0 with empty()	71	if (all_authentication.empty())
259 by Brian Aker First pass on PAM auth	72	return true;
259 by Brian Aker First pass on PAM auth	73
968.2.35 by Monty Taylor Removed plugin_foreach from authentication.	74	/* Use find_if instead of foreach so that we can collect return codes */
1130.1.1 by Monty Taylor Merged in plugin-slot-reorg patches.	75	vector<plugin::Authentication *>::iterator iter=
968.2.35 by Monty Taylor Removed plugin_foreach from authentication.	76	find_if(all_authentication.begin(), all_authentication.end(),
1317.1.3 by Monty Taylor Fixed Authentication plugin interface to use SecurityContext rather than the	77	AuthenticateBy(sctx, password));
	78
1337.4.4 by Eric Day Fixed authentication plugin checks, added required functionality for protocol/auth plugins to specify password type and context.	79	/* We only require one plugin to return success in order to authenticate.
	80	* If iter is == end() here, that means that all of the plugins returned
	81	* false, which means they all failed.
968.2.35 by Monty Taylor Removed plugin_foreach from authentication.	82	*/
1337.4.4 by Eric Day Fixed authentication plugin checks, added required functionality for protocol/auth plugins to specify password type and context.	83	if (iter == all_authentication.end())
1317.1.3 by Monty Taylor Fixed Authentication plugin interface to use SecurityContext rather than the	84	{
	85	my_error(ER_ACCESS_DENIED_ERROR, MYF(0),
	86	sctx.getUser().c_str(),
	87	sctx.getIp().c_str(),
	88	password.empty() ? ER(ER_NO) : ER(ER_YES));
1337.4.4 by Eric Day Fixed authentication plugin checks, added required functionality for protocol/auth plugins to specify password type and context.	89	return false;
1317.1.3 by Monty Taylor Fixed Authentication plugin interface to use SecurityContext rather than the	90	}
1337.4.4 by Eric Day Fixed authentication plugin checks, added required functionality for protocol/auth plugins to specify password type and context.	91	return true;
259 by Brian Aker First pass on PAM auth	92	}
259 by Brian Aker First pass on PAM auth	93
1130.3.10 by Monty Taylor Cleaned up service namespacing.	94	} /* namespace drizzled */