~drizzle-trunk/drizzle/development

« back to all changes in this revision

Viewing changes to drizzled/plugin/authentication.cc

Committer: Brian Aker
Date: 2010-12-18 10:14:05 UTC
mfrom: (2008.1.3 clean)
Revision ID: brian@tangent.org-20101218101405-qjbse29shi9coklg

Merge of user identifier work

files added:
drizzled/identifier/user.cc

drizzled/identifier/user.h

plugin/utility_functions/tests/t/execute.test

files removed:
drizzled/security_context.h

files renamed:
plugin/utility_functions/tests/t/execute.test => plugin/utility_functions/tests/t/execute_complex.disabled

files modified:
drizzled/db.cc

drizzled/execute.cc

drizzled/identifier.h

drizzled/include.am

drizzled/plugin/authentication.cc

drizzled/plugin/authentication.h

drizzled/plugin/authorization.cc

drizzled/plugin/authorization.h

drizzled/plugin/schema_engine.cc

drizzled/session.cc

drizzled/session.h

drizzled/sql_base.cc

drizzled/statement/create_schema.cc

drizzled/table.cc

plugin/auth_file/auth_file.cc

plugin/auth_http/auth_http.cc

plugin/auth_ldap/auth_ldap.cc

plugin/auth_pam/auth_pam.cc

plugin/auth_test/auth_test.cc

plugin/console/console.cc

plugin/drizzle_protocol/drizzle_protocol.cc

plugin/innobase/handler/ha_innodb.cc

plugin/logging_stats/logging_stats.cc

plugin/logging_stats/scoreboard.cc

plugin/mysql_protocol/mysql_protocol.cc

plugin/session_dictionary/processlist.cc

plugin/simple_user_policy/policy.h

plugin/user_locks/barriers.h

plugin/user_locks/create_barrier.cc

plugin/user_locks/get_lock.cc

plugin/user_locks/get_locks.cc

plugin/user_locks/is_free_lock.cc

plugin/user_locks/is_used_lock.cc

plugin/user_locks/key.h

plugin/user_locks/release_barrier.cc

plugin/user_locks/release_lock.cc

plugin/user_locks/release_wait.cc

plugin/user_locks/signal.cc

plugin/user_locks/wait.cc

plugin/user_locks/wait_for_lock.cc

plugin/user_locks/wait_until.cc

plugin/utility_functions/tests/r/execute.result

plugin/utility_functions/user.cc

support-files/drizzle.spec.in

unittests/plugin/authentication_test.cc

unittests/plugin/plugin_stubs.h

Show diffs side-by-side

added added

removed removed

drizzled/plugin/authentication.cc

#include "drizzled/plugin/authentication.h"

#include "drizzled/error.h"

#include "drizzled/gettext.h"

#include "drizzled/security_context.h"

#include "drizzled/identifier.h"

#include <vector>

{

if (auth != NULL)

all_authentication.push_back(auth);

return false;

}

class AuthenticateBy : public std::unary_function<plugin::Authentication *, bool>

{

const SecurityContext &sctx;

const identifier::User &sctx;

const std::string &password;

public:

AuthenticateBy(const SecurityContext &sctx_arg, const std::string &password_arg) :

AuthenticateBy(const identifier::User &sctx_arg, const std::string &password_arg) :

std::unary_function<plugin::Authentication *, bool>(),

sctx(sctx_arg), password(password_arg) {}

}

};

bool plugin::Authentication::isAuthenticated(const SecurityContext &sctx,

bool plugin::Authentication::isAuthenticated(drizzled::identifier::User::const_shared_ptr sctx,

const std::string &password)

{

/* If we never loaded any auth plugins, just return true */

/* Use find_if instead of foreach so that we can collect return codes */

std::vector<plugin::Authentication *>::iterator iter=

std::find_if(all_authentication.begin(), all_authentication.end(),

AuthenticateBy(sctx, password));

AuthenticateBy(*sctx, password));

/* We only require one plugin to return success in order to authenticate.

* If iter is == end() here, that means that all of the plugins returned

if (iter == all_authentication.end())

{

my_error(ER_ACCESS_DENIED_ERROR, MYF(0),

sctx.getUser().c_str(),

sctx.getIp().c_str(),

sctx->username().c_str(),

sctx->address().c_str(),

password.empty() ? ER(ER_NO) : ER(ER_YES));

return false;

}

return true;

}

Older »