00008 #include "eirods_native_auth_object.h"
00009 #include "eirods_auth_object.h"
00010 #include "eirods_auth_factory.h"
00011 #include "eirods_auth_plugin.h"
00012 #include "eirods_auth_manager.h"
00013 #include "eirods_auth_constants.h"
00014 #include "eirods_kvp_string_parser.h"
00015 #include "eirods_pluggable_auth_scheme.h"
00016
00017
00018
00019 #include "authRequest.h"
00020 #include "authResponse.h"
00021 #include "authCheck.h"
00022 #include "miscServerFunct.h"
00023
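/// @brief Server-side handler for an authentication response: routes the
///        response to the auth plugin that matches the active auth scheme.
///
/// The scheme name is read from the eirods::pluggable_auth_scheme singleton
/// and falls back to eirods::AUTH_NATIVE_SCHEME when none is stored. The
/// stored scheme is cleared as soon as it has been read.
///
/// @param _comm  server connection; its rError stack is handed to the factory
/// @param _resp  authentication response received from the client
/// @return 0 on success; SYS_INVALID_INPUT_PARAM for a null argument or a
///         resolved plugin that is not an auth plugin; otherwise the error
///         code reported by the factory, the resolve step or the plugin call
int rsAuthResponse(
    rsComm_t*          _comm,
    authResponseInp_t* _resp ) {
    // Reject null inputs before anything is dereferenced. The messages name
    // this function (they previously said rsAuthRequest), so a failure here
    // is attributed to the right API call in the server log.
    if( !_comm ) {
        rodsLog( LOG_ERROR, "rsAuthResponse - null comm pointer" );
        return SYS_INVALID_INPUT_PARAM;
    }
    if( !_resp ) {
        rodsLog( LOG_ERROR, "rsAuthResponse - null auth response pointer" );
        return SYS_INVALID_INPUT_PARAM;
    }

    // Pick up the scheme recorded for this exchange, defaulting to native
    // authentication when nothing was recorded.
    eirods::pluggable_auth_scheme& plug_a = eirods::pluggable_auth_scheme::get_instance();
    std::string auth_scheme = plug_a.get( );
    if( auth_scheme.empty() ) {
        auth_scheme = eirods::AUTH_NATIVE_SCHEME;
    }

    // Clear the stored scheme now that it has been consumed.
    // NOTE(review): presumably so a later authentication on this agent does
    // not inherit a stale scheme - confirm against pluggable_auth_scheme.
    plug_a.set( "" );

    // Build the auth object for the selected scheme.
    eirods::auth_object_ptr auth_obj;
    eirods::error ret = eirods::auth_factory(
                            auth_scheme,
                            &_comm->rError,
                            auth_obj );
    if( !ret.ok() ) {
        eirods::log( PASS( ret ) );
        return ret.code();
    }

    // Resolve the plugin that implements the auth interface for that object.
    eirods::plugin_ptr ptr;
    ret = auth_obj->resolve(
              eirods::AUTH_INTERFACE,
              ptr );
    if( !ret.ok() ) {
        eirods::log( PASS( ret ) );
        return ret.code();
    }

    // dynamic_pointer_cast yields an empty pointer when the resolved plugin
    // is not an eirods::auth. Fail the authentication instead of
    // dereferencing a null pointer in the call below.
    eirods::auth_ptr auth_plugin = boost::dynamic_pointer_cast< eirods::auth >( ptr );
    if( !auth_plugin ) {
        rodsLog( LOG_ERROR,
                 "rsAuthResponse - resolved plugin is not an auth plugin for scheme [%s]",
                 auth_scheme.c_str() );
        // No dedicated error code is visible in this file, so the
        // invalid-parameter code already used above is reused.
        return SYS_INVALID_INPUT_PARAM;
    }

    // Hand the response to the plugin's agent-side auth-response operation.
    ret = auth_plugin->call<
              rsComm_t*,
              authResponseInp_t* >(
              eirods::AUTH_AGENT_AUTH_RESPONSE,
              auth_obj,
              _comm,
              _resp );
    if( !ret.ok() ) {
        eirods::log( PASS( ret ) );
        return ret.code();
    }

    return 0;
}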
00096
/// @brief Decide whether the proxy user on this connection may authenticate
///        on behalf of the client user.
///
/// The check passes when proxy and client carry the same user name, when the
/// proxy's privilege is at least LOCAL_PRIV_USER_AUTH, or when it is at least
/// REMOTE_PRIV_USER_AUTH and both users are in the same zone.
///
/// @param rsComm         connection holding the proxyUser and clientUser records
/// @param proxyUserPriv  privilege level of the proxy user
/// @return 0 when the proxy is allowed, SYS_PROXYUSER_NO_PRIV otherwise
int
chkProxyUserPriv (rsComm_t *rsComm, int proxyUserPriv)
{
    // A user acting as itself needs no extra privilege.
    const bool sameUser =
        strcmp (rsComm->proxyUser.userName, rsComm->clientUser.userName) == 0;
    if (sameUser) {
        return 0;
    }

    // Local privileged users may proxy for anyone.
    if (proxyUserPriv >= LOCAL_PRIV_USER_AUTH) {
        return 0;
    }

    // Remote privileged users may proxy only for clients in their own zone.
    if (proxyUserPriv >= REMOTE_PRIV_USER_AUTH &&
            strcmp (rsComm->proxyUser.rodsZone, rsComm->clientUser.rodsZone) == 0) {
        return 0;
    }

    // Everything else is refused, and the refusal is logged.
    rodsLog (LOG_ERROR,
             "rsAuthResponse: proxyuser %s with %d no priv to auth clientUser %s",
             rsComm->proxyUser.userName,
             proxyUserPriv,
             rsComm->clientUser.userName);
    return (SYS_PROXYUSER_NO_PRIV);
}