1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
|
/* -*- mode: c++; c-basic-offset: 2; indent-tabs-mode: nil; -*-
* vim:expandtab:shiftwidth=2:tabstop=2:smarttab:
*
* Copyright (C) 2008 Sun Microsystems
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
#include "config.h"
#include "drizzled/plugin/authentication.h"
#include "drizzled/error.h"
#include "drizzled/gettext.h"
#include "drizzled/security_context.h"
#include <vector>
using namespace std;
namespace drizzled
{
std::vector<plugin::Authentication *> all_authentication;
bool plugin::Authentication::addPlugin(plugin::Authentication *auth)
{
if (auth != NULL)
all_authentication.push_back(auth);
return false;
}
void plugin::Authentication::removePlugin(plugin::Authentication *auth)
{
if (auth != NULL)
all_authentication.erase(find(all_authentication.begin(),
all_authentication.end(),
auth));
}
class AuthenticateBy : public unary_function<plugin::Authentication *, bool>
{
const SecurityContext &sctx;
const string &password;
public:
AuthenticateBy(const SecurityContext &sctx_arg, const string &password_arg) :
unary_function<plugin::Authentication *, bool>(),
sctx(sctx_arg), password(password_arg) {}
inline result_type operator()(argument_type auth)
{
return auth->authenticate(sctx, password);
}
};
bool plugin::Authentication::isAuthenticated(const SecurityContext &sctx,
const string &password)
{
/* If we never loaded any auth plugins, just return true */
if (all_authentication.empty())
return true;
/* Use find_if instead of foreach so that we can collect return codes */
vector<plugin::Authentication *>::iterator iter=
find_if(all_authentication.begin(), all_authentication.end(),
AuthenticateBy(sctx, password));
/* We only require one plugin to return success in order to authenticate.
* If iter is == end() here, that means that all of the plugins returned
* false, which means they all failed.
*/
if (iter == all_authentication.end())
{
my_error(ER_ACCESS_DENIED_ERROR, MYF(0),
sctx.getUser().c_str(),
sctx.getIp().c_str(),
password.empty() ? ER(ER_NO) : ER(ER_YES));
return false;
}
return true;
}
} /* namespace drizzled */
|