
[myserver-commit] [2852] Added new `AuthMethod', `AuthMethodFactory' cla


From: Giuseppe Scrivano
Subject: [myserver-commit] [2852] Added new `AuthMethod', `AuthMethodFactory' classes.
Date: Sun, 28 Sep 2008 20:56:35 +0000

Revision: 2852
          http://svn.sv.gnu.org/viewvc/?view=rev&root=myserver&revision=2852
Author:   gscrivano
Date:     2008-09-28 20:56:35 +0000 (Sun, 28 Sep 2008)

Log Message:
-----------
Added new `AuthMethod', `AuthMethodFactory' classes.

Modified Paths:
--------------
    branches/myserver_sec_new/include/base/xml/xml_parser.h
    branches/myserver_sec_new/include/conf/security/Makefile.am
    branches/myserver_sec_new/include/conf/security/security_cache.h
    branches/myserver_sec_new/include/conf/security/security_manager.h
    branches/myserver_sec_new/include/conf/security/validator.h
    branches/myserver_sec_new/include/conf/security/xml_validator.h
    branches/myserver_sec_new/src/conf/security/Makefile.am
    branches/myserver_sec_new/src/conf/security/security_cache.cpp
    branches/myserver_sec_new/src/conf/security/security_manager.cpp
    branches/myserver_sec_new/src/conf/security/validator.cpp
    branches/myserver_sec_new/src/conf/security/validator_factory.cpp
    branches/myserver_sec_new/src/conf/security/xml_validator.cpp
    branches/myserver_sec_new/src/protocol/http/http.cpp
    branches/myserver_sec_new/tests/test_security_manager.cpp
    branches/myserver_sec_new/tests/test_validator.cpp
    branches/myserver_sec_new/tests/test_xml_validator.cpp

Added Paths:
-----------
    branches/myserver_sec_new/include/conf/security/auth_method.h
    branches/myserver_sec_new/include/conf/security/auth_method_factory.h
    branches/myserver_sec_new/src/conf/security/auth_method.cpp
    branches/myserver_sec_new/src/conf/security/auth_method_factory.cpp

Modified: branches/myserver_sec_new/include/base/xml/xml_parser.h
===================================================================
--- branches/myserver_sec_new/include/base/xml/xml_parser.h     2008-09-28 
14:44:47 UTC (rev 2851)
+++ branches/myserver_sec_new/include/base/xml/xml_parser.h     2008-09-28 
20:56:35 UTC (rev 2852)
@@ -96,6 +96,7 @@
   XmlXPathResult* evaluateXpath(string & path){return 
evaluateXpath(path.c_str());}
   XmlXPathResult* evaluateXpath(const char*);
   bool isXpathEnabled(){return useXpath;}
+
 private:
   xmlXPathContextPtr xpathCtx;
   bool useXpath;

Modified: branches/myserver_sec_new/include/conf/security/Makefile.am
===================================================================
--- branches/myserver_sec_new/include/conf/security/Makefile.am 2008-09-28 
14:44:47 UTC (rev 2851)
+++ branches/myserver_sec_new/include/conf/security/Makefile.am 2008-09-28 
20:56:35 UTC (rev 2852)
@@ -1,4 +1,4 @@
 securityincludedir=$(includedir)/myserver/include/conf/security
-securityinclude_HEADERS = auth_domain.h  security_cache.h  security_domain.h  
security_manager.h  validator.h  validator_factory.h xml_validator.h
+securityinclude_HEADERS = auth_domain.h auth_method.h auth_method_factory.h 
security_cache.h security_domain.h security_manager.h validator.h 
validator_factory.h xml_validator.h
 SUBDIRS =
 

Added: branches/myserver_sec_new/include/conf/security/auth_method.h
===================================================================
--- branches/myserver_sec_new/include/conf/security/auth_method.h               
                (rev 0)
+++ branches/myserver_sec_new/include/conf/security/auth_method.h       
2008-09-28 20:56:35 UTC (rev 2852)
@@ -0,0 +1,36 @@
+/* -*- mode: c++ -*- */
+/*
+MyServer
+Copyright (C) 2002, 2003, 2004, 2008 Free Software Foundation, Inc.
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef AUTH_METHOD_H
+#define AUTH_METHOD_H
+
+#include "stdafx.h"
+#include <include/conf/security/security_manager.h>
+
+using namespace std;
+
+class AuthMethod
+{
+public:
+  AuthMethod ();
+  virtual ~AuthMethod();
+
+  virtual int getPermissionMask (SecurityToken* st);
+};
+
+#endif
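Review bot: `AuthMethod::getPermissionMask` is declared without any comment stating its contract, yet the two implementations in this commit behave differently: the base class in auth_method.cpp only returns 0, while `XmlValidator::getPermissionMask` also writes `st->mask` and `st->providedMask`. If writing the token is the intended contract, say so above the declaration, for example `/*! Return the mask granted to the credentials in [st] and store it in st->mask; return 0 when the user is unknown or the password does not match. */`. Separately, `using namespace std;` at header scope leaks into every file that includes this header, and nothing declared here needs it.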

Added: branches/myserver_sec_new/include/conf/security/auth_method_factory.h
===================================================================
--- branches/myserver_sec_new/include/conf/security/auth_method_factory.h       
                        (rev 0)
+++ branches/myserver_sec_new/include/conf/security/auth_method_factory.h       
2008-09-28 20:56:35 UTC (rev 2852)
@@ -0,0 +1,41 @@
+/*
+MyServer
+Copyright (C) 2008 Free Software Foundation, Inc.
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef AUTH_METHOD_FACTORY_H
+#define AUTH_METHOD_FACTORY_H
+
+#include "stdafx.h"
+#include <include/base/hash_map/hash_map.h>
+#include <string>
+
+using namespace std;
+
+class AuthMethod;
+
+
+class AuthMethodFactory
+{
+public:
+  AuthMethodFactory ();
+  virtual ~AuthMethodFactory ();
+  AuthMethod* getAuthMethod (string &name);
+  AuthMethod* addAuthMethod (string &name, AuthMethod* authMethod);
+  bool isAuthMethodPresent (string &name);
+private:
+       HashMap<string, AuthMethod*> authMethods;
+};
+#endif
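Review bot: Ownership of the `AuthMethod*` values held in `authMethods` is not documented, and the destructor added in auth_method_factory.cpp only calls `authMethods.clear ()` without deleting them. security_cache.cpp registers the same `XmlValidator` object in both `validatorFactory` and `authMethodFactory`, and this commit also removes the delete loop from `~ValidatorFactory`, so as far as the visible code shows nothing frees that object. Please state the rule on `addAuthMethod`, e.g. `/*! The factory does not take ownership of [authMethod]; the caller frees it and any old entry returned. */`, or name a single owner.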

Modified: branches/myserver_sec_new/include/conf/security/security_cache.h
===================================================================
--- branches/myserver_sec_new/include/conf/security/security_cache.h    
2008-09-28 14:44:47 UTC (rev 2851)
+++ branches/myserver_sec_new/include/conf/security/security_cache.h    
2008-09-28 20:56:35 UTC (rev 2852)
@@ -19,7 +19,12 @@
 #define SECURITY_CACHE_H
 #include <include/base/hash_map/hash_map.h>
 #include <include/conf/security/security_manager.h>
+
+#include <include/conf/security/auth_method_factory.h>
+#include <include/conf/security/auth_method.h>
 #include <include/conf/security/validator_factory.h>
+#include <include/conf/security/validator.h>
+#include <include/conf/security/xml_validator.h>
 
 #include <string>
 
@@ -40,9 +45,11 @@
 
   /////////OLD NASTY AND DISGUSTING.  TEMPORARY SOLUTION TO DON'T BREAK 
APIs////////////////////////////////////
   static class SecurityManager sm;
+  static class AuthMethodFactory authMethodFactory;
   static class ValidatorFactory validatorFactory;
 
-  int getPermissionMask (SecurityToken* st){string xml("xml"); return 
sm.getPermissionMask (st, NULL, xml);}
+  int getPermissionMask (SecurityToken* st);
+
   int getErrorFileName (const char *root, int error, 
                        const char* sysdirectory, string& out){return 0;}
 private:

Modified: branches/myserver_sec_new/include/conf/security/security_manager.h
===================================================================
--- branches/myserver_sec_new/include/conf/security/security_manager.h  
2008-09-28 14:44:47 UTC (rev 2851)
+++ branches/myserver_sec_new/include/conf/security/security_manager.h  
2008-09-28 20:56:35 UTC (rev 2852)
@@ -25,25 +25,12 @@
 #include <include/protocol/http/http_headers.h>
 #include <include/base/hash_map/hash_map.h>
 
-#ifndef DO_NOT_USE_SSL
-#include<openssl/ssl.h>
-#include<openssl/crypto.h>
-#include<openssl/lhash.h>
-#include<openssl/err.h>
-#include<openssl/bn.h>
-#include<openssl/pem.h>
-#include<openssl/x509.h>
-#include<openssl/rand.h>
-#include<openssl/pem.h>
-#include<openssl/err.h>
-#include<openssl/rsa.h>
-#endif
-
 #include <string>
 
 using namespace std;
 
 class SecurityDomain;
+class AuthMethodFactory;
 class ValidatorFactory;
 class Vhost;
 class Server;
@@ -90,18 +77,23 @@
   string *resource;
 
   /*!
+   *Permission mask.
+   */
+  int mask;
+
+  /*!
    *Password that the user should provide to have access. 
    *This is used in authorization schemes like the HTTP digest,
    *where the password is not sent in clear on the network.
    */
   string neededPassword;
-
+  
   /*!
-   *Permission mask.  If [password] is NULL then only the
-   *user is considered.
+   *The obtained mask if password were correct.
    */
-  int mask;
+  int providedMask;
 
+
        HashMap<string,string*> values;
 
   /*! If it is true the security manager will use the cached values.  */
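Review bot: `providedMask` changes here from `int*` to a plain `int` member, and nothing in this hunk shows it or `mask` receiving an initial value. `XmlValidator::getPermissionMask` assigns both only when a USER entry matches, so a token that matches nothing keeps whatever the constructor left. The `SecurityToken` constructor is outside this diff, so please confirm it sets `mask = 0` and `providedMask = 0`. The new comment would read better as `The mask the user would obtain if the password were correct.`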
@@ -117,7 +109,6 @@
   ///////OLD NOT USED////////////
   char* requiredPassword;
   const char* filename;
-  int *providedMask;
   struct HttpThreadContext* td;
   char* authType;
   int authTypeLen;
@@ -127,15 +118,17 @@
 class SecurityManager
 {
 public:
-  SecurityManager(ValidatorFactory*);
+  SecurityManager(ValidatorFactory*, AuthMethodFactory*);
   ~SecurityManager();
 
   int getPermissionMask(SecurityToken* st, 
                         list<SecurityDomain*> *domains, 
-                        string& validator);
+                        string& validator,
+                        string& authMethod);
 
 private:
   ValidatorFactory *validatorFactory;
+  AuthMethodFactory *authMethodFactory;
 };
 
 #endif

Modified: branches/myserver_sec_new/include/conf/security/validator.h
===================================================================
--- branches/myserver_sec_new/include/conf/security/validator.h 2008-09-28 
14:44:47 UTC (rev 2851)
+++ branches/myserver_sec_new/include/conf/security/validator.h 2008-09-28 
20:56:35 UTC (rev 2852)
@@ -22,6 +22,7 @@
 #include "stdafx.h"
 #include <include/base/hash_map/hash_map.h>
 
+#include <include/conf/security/auth_method.h>
 #include <include/conf/security/security_domain.h>
 #include <include/conf/security/security_manager.h>
 
@@ -36,17 +37,21 @@
   virtual ~Validator ();
 
   int getPermissionMask (SecurityToken* st, 
-                         list<SecurityDomain*> *domains);
+                         list<SecurityDomain*> *domains,
+                         AuthMethod* authMethod);
 
-  virtual int getPermissionMaskImpl (SecurityToken* st);
+  virtual int getPermissionMaskImpl (SecurityToken* st,
+                                     HashMap<string, SecurityDomain*> 
*hashedDomains,
+                                     AuthMethod* authMethod);
 
 
-  string *getValue (string &name);
+  string *getValue (HashMap<string, SecurityDomain*> *hashedDomains,
+                    string &name);
 protected:
-  int initializeDomains (SecurityToken* st, 
+  int initializeDomains (HashMap<string, SecurityDomain*> *hashedDomains,
+                         SecurityToken* st, 
                          list<SecurityDomain*> *domains);
-  void clearDomains ();
-  HashMap<string, SecurityDomain*> hashedDomains;
+  void clearDomains (HashMap<string, SecurityDomain*> *hashedDomains);
 };
 
 #endif

Modified: branches/myserver_sec_new/include/conf/security/xml_validator.h
===================================================================
--- branches/myserver_sec_new/include/conf/security/xml_validator.h     
2008-09-28 14:44:47 UTC (rev 2851)
+++ branches/myserver_sec_new/include/conf/security/xml_validator.h     
2008-09-28 20:56:35 UTC (rev 2852)
@@ -26,20 +26,44 @@
 #include <include/conf/security/security_manager.h>
 #include <include/server/server.h>
 #include <include/base/sync/mutex.h>
-#include <include/conf/security/security_cache.h>
 #include <include/conf/security/validator.h>
 #include <include/base/xml/xml_parser.h>
 
-class XmlValidator : public Validator
+class SecurityCache;
+
+class XmlValidator : public Validator, public AuthMethod
 {
 public:
   XmlValidator ();
   virtual ~XmlValidator ();
 
-  virtual int getPermissionMaskImpl (SecurityToken *st);
+  using Validator::getPermissionMask;
+
+  virtual int getPermissionMask (SecurityToken* st);
+
+  virtual int getPermissionMaskImpl (SecurityToken* st,
+                                     HashMap<string, SecurityDomain*> 
*hashedDomains,
+                                     AuthMethod* authMethod);
+
 private:
-  int computeXmlNode (xmlNodePtr node, SecurityToken *st, int *cmd);
-  SecurityCache* getCache(Server*);
+  XmlParser* getParser(SecurityToken* st);
+  bool doCondition (xmlNodePtr node, 
+                    HashMap<string, SecurityDomain*> *hashedDomains);
+
+  void doReturn (xmlNodePtr node, 
+                 int *cmd, 
+                 HashMap<string, SecurityDomain*> *hashedDomains);
+
+  void doDefine (xmlNodePtr node,
+                 SecurityToken *st, 
+                 HashMap<string, SecurityDomain*> *hashedDomains);
+
+  int computeXmlNode (xmlNodePtr node, 
+                      SecurityToken *st, 
+                      int *cmd, 
+                      HashMap<string, SecurityDomain*> *hashedDomains);
+
+  SecurityCache *getCache(Server*);
   SecurityCache *secCache;
   Mutex cacheMutex;
 };

Modified: branches/myserver_sec_new/src/conf/security/Makefile.am
===================================================================
--- branches/myserver_sec_new/src/conf/security/Makefile.am     2008-09-28 
14:44:47 UTC (rev 2851)
+++ branches/myserver_sec_new/src/conf/security/Makefile.am     2008-09-28 
20:56:35 UTC (rev 2852)
@@ -1,4 +1,4 @@
 lib_LIBRARIES = libsecurity.a
-libsecurity_a_SOURCES = auth_domain.cpp  security_cache.cpp  
security_domain.cpp  security_manager.cpp  validator.cpp  validator_factory.cpp 
xml_validator.cpp
+libsecurity_a_SOURCES = auth_domain.cpp auth_method.cpp 
auth_method_factory.cpp security_cache.cpp security_domain.cpp 
security_manager.cpp validator.cpp validator_factory.cpp xml_validator.cpp
 SUBDIRS =
 INCLUDES = $(all_includes)

Added: branches/myserver_sec_new/src/conf/security/auth_method.cpp
===================================================================
--- branches/myserver_sec_new/src/conf/security/auth_method.cpp                 
        (rev 0)
+++ branches/myserver_sec_new/src/conf/security/auth_method.cpp 2008-09-28 
20:56:35 UTC (rev 2852)
@@ -0,0 +1,38 @@
+/*
+MyServer
+Copyright (C) 2002-2008 Free Software Foundation, Inc.
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+
+#include <include/conf/security/auth_method.h>
+
+
+AuthMethod::AuthMethod ()
+{
+
+}
+
+AuthMethod::~AuthMethod()
+{
+
+}
+
+/*!
+ *Get the permission mask for the specified user/password.
+ */
+int AuthMethod::getPermissionMask (SecurityToken* st)
+{
+  return 0;
+}

Added: branches/myserver_sec_new/src/conf/security/auth_method_factory.cpp
===================================================================
--- branches/myserver_sec_new/src/conf/security/auth_method_factory.cpp         
                (rev 0)
+++ branches/myserver_sec_new/src/conf/security/auth_method_factory.cpp 
2008-09-28 20:56:35 UTC (rev 2852)
@@ -0,0 +1,66 @@
+/*
+MyServer
+Copyright (C) 2002-2008 Free Software Foundation, Inc.
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include <include/conf/security/auth_method_factory.h>
+#include <include/conf/security/auth_method.h>
+
+#include <string>
+
+using namespace std;
+
+AuthMethodFactory::AuthMethodFactory ()
+{
+  //  XmlAuthMethod* xmlAuthMethod = new XmlAuthMethod;
+  //  string xml ("xml");
+
+  //  authMethods.put (xml, xmlAuthMethod);
+}
+
+AuthMethodFactory::~AuthMethodFactory ()
+{
+  authMethods.clear ();
+}
+
+/*!
+ *Return an AuthMethod given its name.
+ */
+AuthMethod* AuthMethodFactory::getAuthMethod(string &name)
+{
+  return authMethods.get (name);
+}
+
+/*!
+ *Add a new AuthMethod to the factory.
+ *\param name AuthMethod name.
+ *\param authMethod The authMethod to add.
+ *\return The old authMethod registered with [name], in any.
+ */
+AuthMethod* AuthMethodFactory::addAuthMethod(string &name, AuthMethod* 
authMethod)
+{
+  return authMethods.put (name, authMethod);
+  
+}
+
+/*!
+ *Check if the specified authMethod is present in the factory.
+ *\param name The authMethod name.
+ *\return a bool value to indicate if it is present or not.
+ */
+bool AuthMethodFactory::isAuthMethodPresent (string &name)
+{
+  return getAuthMethod (name) != NULL;
+}

Modified: branches/myserver_sec_new/src/conf/security/security_cache.cpp
===================================================================
--- branches/myserver_sec_new/src/conf/security/security_cache.cpp      
2008-09-28 14:44:47 UTC (rev 2851)
+++ branches/myserver_sec_new/src/conf/security/security_cache.cpp      
2008-09-28 20:56:35 UTC (rev 2852)
@@ -25,10 +25,24 @@
 using namespace std;
 
 
+AuthMethodFactory SecurityCache::authMethodFactory;
 ValidatorFactory SecurityCache::validatorFactory;
-SecurityManager SecurityCache::sm(&SecurityCache::validatorFactory);
+SecurityManager SecurityCache::sm(&SecurityCache::validatorFactory, 
&SecurityCache::authMethodFactory);
 
-
+int SecurityCache::getPermissionMask (SecurityToken* st)
+{
+  string xml("xml"); 
+  if (!validatorFactory.isValidatorPresent (xml))
+  {
+    XmlValidator*xmlV = new XmlValidator ();
+    
+    validatorFactory.addValidator (xml, xmlV);
+    authMethodFactory.addAuthMethod (xml, (AuthMethod*) xmlV);
+  }
+  return sm.getPermissionMask (st, NULL, xml, xml);
+}
+/////////////////////////////////////////////////////////////////////////////////////
+  
 /*!
  *Constructor for the SecurityCache object.
  */
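Review bot: The lazy registration in `SecurityCache::getPermissionMask` is a check-then-add on two static factories with no lock visible in the function. If it can be called concurrently, two first requests could each create and register an `XmlValidator`, and the replaced entries returned by `addValidator`/`addAuthMethod` are dropped. Register the object once at start-up, or guard the block if callers are not guaranteed to hold a mutex. The C-style cast is also unnecessary: `authMethodFactory.addAuthMethod (xml, xmlV);` converts implicitly and stays a correct upcast to the second base class even if `XmlValidator` were ever incomplete at this point.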
@@ -205,7 +219,7 @@
   }
   else
   {
-    /*! 
+    /*!
      *Create the parser and add it to the dictionary.
      */
     XmlParser* old;

Modified: branches/myserver_sec_new/src/conf/security/security_manager.cpp
===================================================================
--- branches/myserver_sec_new/src/conf/security/security_manager.cpp    
2008-09-28 14:44:47 UTC (rev 2851)
+++ branches/myserver_sec_new/src/conf/security/security_manager.cpp    
2008-09-28 20:56:35 UTC (rev 2852)
@@ -19,6 +19,8 @@
 #include <include/conf/security/security_manager.h>
 #include <include/conf/security/validator.h>
 #include <include/conf/security/validator_factory.h>
+#include <include/conf/security/auth_method.h>
+#include <include/conf/security/auth_method_factory.h>
 
 #include <string>
 #include <sstream>
@@ -50,9 +52,17 @@
 
 }
 
-SecurityManager::SecurityManager (ValidatorFactory* vf)
+SecurityManager::SecurityManager (ValidatorFactory* vf, AuthMethodFactory* amf)
 {
+  /*
+  HashMap<string, Validator*>::Iterator it = validators.begin ();
+  
+  for (;it != validators.end (); it++)
+  {
+    delete *it;
+  }*/
   validatorFactory = vf;
+  authMethodFactory = amf;
 }
 
 SecurityManager::~SecurityManager ()
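Review bot: The commented-out loop added at the top of the constructor iterates `validators`, which is not a member of `SecurityManager`; the header declares only `validatorFactory` and `authMethodFactory`. It looks like the delete loop removed from `~ValidatorFactory` in this same commit, parked here. I would drop the block rather than commit dead code in a constructor, and record who frees the registered validators in a comment on `ValidatorFactory::addValidator` instead.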
@@ -65,18 +75,22 @@
  */
 int SecurityManager::getPermissionMask (SecurityToken* st, 
                                         list<SecurityDomain*> *domains, 
-                                        string& validator)
+                                        string &validator,
+                                        string &authMethod)
 {
-  Validator* v = validatorFactory->getValidator(validator);
+  string xml ("xml");
 
-  if (v == NULL)
-  {
-    string xml ("xml");
+  Validator *v = validatorFactory->getValidator (validator);
+  AuthMethod *am = authMethodFactory->getAuthMethod (authMethod);
+
+  if (!v)
     v = validatorFactory->getValidator (xml);
-  }
 
-  if (v == NULL)
+  if (!am)
+    am = authMethodFactory->getAuthMethod (xml);
+
+  if (!am || !v)
     return 0;
 
-  return v->getPermissionMask (st, domains);
+  return v->getPermissionMask (st, domains, am);
 }
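Review bot: An unknown `authMethod` name silently falls back to the "xml" method (`if (!am) am = authMethodFactory->getAuthMethod (xml);`), mirroring the existing validator fallback. For an authentication back end this means a misspelt or unregistered method name is accepted and the credentials are checked against the XML file instead of the request being refused. Consider failing closed when a non-empty name is not registered, e.g. `if (!am && authMethod.length ()) return 0;`, or at least logging the substitution. `authMethodFactory` is also dereferenced without a check, so the constructor should reject a NULL `amf`.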

Modified: branches/myserver_sec_new/src/conf/security/validator.cpp
===================================================================
--- branches/myserver_sec_new/src/conf/security/validator.cpp   2008-09-28 
14:44:47 UTC (rev 2851)
+++ branches/myserver_sec_new/src/conf/security/validator.cpp   2008-09-28 
20:56:35 UTC (rev 2852)
@@ -34,17 +34,29 @@
  *Decorate getPermissionMaskImpl.
  */
 int Validator::getPermissionMask (SecurityToken* st, 
-                                 list<SecurityDomain*> *domains)
+                                  list<SecurityDomain*> *domains,
+                                  AuthMethod* authMethod)
 {
-  int ret = initializeDomains (st, domains);
+  HashMap<string, SecurityDomain*> hashedDomains;
 
+  if (st->done)
+    return st->mask;
+
+  int ret = initializeDomains (&hashedDomains, st, domains);
+
   if(ret)
     return ret;
 
-  ret = getPermissionMaskImpl (st);
+  if (authMethod)
+    ret = authMethod->getPermissionMask (st);
   
-  clearDomains ();
+  if (!getPermissionMaskImpl (st, &hashedDomains, authMethod))
+    ret = 0;
+  
+  clearDomains (&hashedDomains);
 
+  st->done = true;
+
   return ret;
 }
 
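Review bot: The early return `if (st->done) return st->mask;` can hand back a different decision from the one the first call returned. When `getPermissionMaskImpl` returns 0 the function sets `ret = 0`, but `st->mask` still holds what the auth method stored (`XmlValidator::getPermissionMask` sets `st->mask = permissions`). A second call on the same token would therefore return the auth method's mask even though the rules denied access. Store the final decision before marking the token done: `st->mask = ret;` immediately before `st->done = true;`. If `initializeDomains` can return non-zero, the `if(ret) return ret;` path also leaves without `clearDomains (&hashedDomains)`, so the `AuthDomain` allocated there is never released.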
@@ -52,7 +64,9 @@
 /*!
  *Get the permission mask for the requested resource.
  */
-int Validator::getPermissionMaskImpl (SecurityToken* st)
+int Validator::getPermissionMaskImpl (SecurityToken* st,
+                                      HashMap<string, SecurityDomain*> 
*hashedDomains,
+                                      AuthMethod* authMethod)
 {
   return 0;
 }
@@ -62,19 +76,21 @@
 /*!
  *Initialize the domains.
  */
-int Validator::initializeDomains (SecurityToken* st, 
+int Validator::initializeDomains (HashMap<string, SecurityDomain*> 
*hashedDomains,
+                                  SecurityToken* st, 
                                   list<SecurityDomain*> *domains)
 {
-  string authName ("");
-  hashedDomains.put (authName, new AuthDomain(st));
+  string authName ("auth");
 
+  hashedDomains->put (authName, new AuthDomain(st));
+
   if (domains)
   {
     for (list<SecurityDomain*>::iterator it = domains->begin (); it != 
domains->end (); it++)
     {
       SecurityDomain *domain = *it;
-      string name = domain->getName();
-      hashedDomains.put (name, domain);
+      string name = domain->getName ();
+      hashedDomains->put (name, domain);
     }
   }
 
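Review bot: The return value of `hashedDomains->put (name, domain)` is ignored, so a caller-supplied domain whose `getName ()` is "auth" would replace the built-in `AuthDomain` registered a few lines earlier. Assuming `HashMap::put` returns the replaced value as the factories in this commit document, that leaks the `AuthDomain` and lets the supplied domain answer `auth.*` lookups used by CONDITION rules. Skip or reject such a domain before the `put`, e.g. `if (!name.compare (authName)) continue;`. The function's final `return` is outside this hunk.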
@@ -84,11 +100,11 @@
 /*!
  *Clear the resources used by the domains.
  */
-void Validator::clearDomains ()
+void Validator::clearDomains (HashMap<string, SecurityDomain*> *hashedDomains)
 {
-  HashMap<string, SecurityDomain*>::Iterator it = hashedDomains.begin();
+  HashMap<string, SecurityDomain*>::Iterator it = hashedDomains->begin();
   
-  for (;it != hashedDomains.end(); it++)
+  for (;it != hashedDomains->end(); it++)
   {
     delete *it;
   }
@@ -97,10 +113,11 @@
 
 /*!
  *Get the value for [name] in the form domain.variable.
+ *\param hashedDomains Registered security domains.
  *\param name Variable name.
  *\return The value of the requested variable.
  */
-string *Validator::getValue (string &name)
+string *Validator::getValue (HashMap<string, SecurityDomain*> *hashedDomains, 
string &name)
 {
   string domain;
   string var;
@@ -118,7 +135,7 @@
     var = name;
   }
 
-  securityDomain = hashedDomains.get (domain);
+  securityDomain = hashedDomains->get (domain);
 
   if (securityDomain)
     return securityDomain->getValue (var);

Modified: branches/myserver_sec_new/src/conf/security/validator_factory.cpp
===================================================================
--- branches/myserver_sec_new/src/conf/security/validator_factory.cpp   
2008-09-28 14:44:47 UTC (rev 2851)
+++ branches/myserver_sec_new/src/conf/security/validator_factory.cpp   
2008-09-28 20:56:35 UTC (rev 2852)
@@ -35,13 +35,6 @@
 
 ValidatorFactory::~ValidatorFactory ()
 {
-  HashMap<string, Validator*>::Iterator it = validators.begin ();
-  
-  for (;it != validators.end (); it++)
-  {
-    delete *it;
-  }
-
   validators.clear ();
 }
 
@@ -62,7 +55,6 @@
 Validator* ValidatorFactory::addValidator(string &name, Validator* validator)
 {
   return validators.put (name, validator);
-  
 }
 
 /*!

Modified: branches/myserver_sec_new/src/conf/security/xml_validator.cpp
===================================================================
--- branches/myserver_sec_new/src/conf/security/xml_validator.cpp       
2008-09-28 14:44:47 UTC (rev 2851)
+++ branches/myserver_sec_new/src/conf/security/xml_validator.cpp       
2008-09-28 20:56:35 UTC (rev 2852)
@@ -18,6 +18,7 @@
 
 #include <include/conf/security/xml_validator.h>
 #include <include/conf/security/auth_domain.h>
+#include <include/conf/security/security_cache.h>
 
 XmlValidator::XmlValidator ()
 {
@@ -38,7 +39,7 @@
  */
 SecurityCache* XmlValidator::getCache(Server *server)
 {
-  if (secCache == NULL && server != NULL)
+  if (!secCache && server)
   {
     const char *data = server->getHashedData ("SECURITY_CACHE_NODES");
     secCache = new SecurityCache ();
@@ -52,84 +53,266 @@
   return secCache;
 }
 
-
 /*!
- *\see XmlValidator#getPermissionMaskImpl.
+ *Get the XML parser to use.
  */
-int XmlValidator::getPermissionMaskImpl (SecurityToken* st)
+XmlParser* XmlValidator::getParser(SecurityToken* st)
 {
   const char *secName;
-  XmlParser* xmlFile;
+
   SecurityCache *cache = getCache (st->server);
 
-  if (cache == NULL)
-    return 0;
+  if (!cache)
+    return NULL;
 
   secName = st->vhost ? st->vhost->getHashedData ("SECURITY_FILE_NAME") : NULL;
 
-  if (secName == NULL)
+  if (!secName)
     secName = st->server ? st->server->getHashedData ("SECURITY_FILE_NAME") : 
NULL;
 
-  if (secName == NULL)
+  if (!secName)
     secName = ".security.xml";
 
-  xmlFile = cache->getParser (*st->resource, *st->sysdirectory, false, 
secName);
+  return cache->getParser (*st->resource, *st->sysdirectory, false, secName);
+}
 
-  if (xmlFile == NULL)
+/*!
+ *\see AuthMethod#getPermissionMask.
+ */
+int XmlValidator::getPermissionMask (SecurityToken* st)
+{
+  xmlNodePtr root;
+  XmlParser* xmlFile = getParser (st);
+
+  if (!xmlFile)
     return 0;
 
   for (xmlNodePtr cur = xmlFile->getDoc ()->children; cur; cur = cur->next)
     if (cur->type == XML_ELEMENT_NODE)
     {
-      int cmd;
+      for (xmlNodePtr curChild = cur->children; curChild; curChild = 
curChild->next)
+        if (curChild->type == XML_ELEMENT_NODE)
+        {
+          root = curChild;
+          break;
+        }
+    }
 
-      computeXmlNode (cur, st, &cmd);
+  for (xmlNodePtr cur = root; cur; cur = cur->next)
+  {
+    if (xmlStrcmp (cur->name, (const xmlChar *) "USER"))
+      continue;
+     
+    xmlAttr *attrs = cur->properties;
+  
+    const xmlChar* name;
+    const xmlChar* password;
 
-      return cmd;
+    int permissions = 0;
+
+    while (attrs)
+    {
+      if (!xmlStrcmp (attrs->name, (const xmlChar *)"name") &&
+          attrs->children && attrs->children->content)
+        name = attrs->children->content;
+    
+      if (!xmlStrcmp (attrs->name, (const xmlChar *)"password") &&
+          attrs->children && attrs->children->content)
+        password = attrs->children->content;
+
+      if (!xmlStrcmp (attrs->name, (const xmlChar *)"read") &&
+          attrs->children && attrs->children->content &&
+          !xmlStrcmp(attrs->children->content, (const xmlChar *) "YES"))
+        permissions |= MYSERVER_PERMISSION_READ;
+
+      if (!xmlStrcmp (attrs->name, (const xmlChar *)"write") &&
+          attrs->children && attrs->children->content &&
+          !xmlStrcmp(attrs->children->content, (const xmlChar *) "YES"))
+        permissions |= MYSERVER_PERMISSION_WRITE;
+
+      if (!xmlStrcmp (attrs->name, (const xmlChar *)"execute") &&
+          attrs->children && attrs->children->content &&
+          !xmlStrcmp(attrs->children->content, (const xmlChar *) "YES"))
+        permissions |= MYSERVER_PERMISSION_EXECUTE;
+
+      if (!xmlStrcmp (attrs->name, (const xmlChar *)"browse") &&
+          attrs->children && attrs->children->content &&
+          !xmlStrcmp(attrs->children->content, (const xmlChar *) "YES"))
+        permissions |= MYSERVER_PERMISSION_BROWSE;
+      
+      attrs = attrs->next;
     }
 
+    if (xmlStrcmp (name, (const xmlChar *)st->user.c_str ()))
+      continue;
+
+    st->providedMask = permissions;
+
+    if (xmlStrcmp (password, (const xmlChar *)st->password.c_str ()))
+      st->mask = 0;
+    else
+      st->mask = permissions;
+    
+    return st->mask;
+  }
+
   return 0;
 }
 
+
 /*!
- *Compute the current XML node.
+ *\see XmlValidator#getPermissionMaskImpl.
  */
-int XmlValidator::computeXmlNode (xmlNodePtr node, SecurityToken *st, int *cmd)
+int XmlValidator::getPermissionMaskImpl (SecurityToken* st,
+                                         HashMap<string, SecurityDomain*> 
*hashedDomains,
+                                         AuthMethod* authMethod)
 {
-  printf ("%s\n", node->name);
+  XmlParser* xmlFile = getParser (st);
 
-  if (node == NULL)
+  if (!xmlFile)
     return 0;
 
-  for (xmlNodePtr cur = node->children; cur; cur = cur->next)
+  for (xmlNodePtr cur = xmlFile->getDoc ()->children; cur; cur = cur->next)
     if (cur->type == XML_ELEMENT_NODE)
     {
-      if (!xmlStrcmp (cur->name, (const xmlChar *) "CONDITION"))
-      {
-        string name;
-        const xmlChar *value = "";
-        xmlAttr *attrs = cur->properties;
+      int cmd = 1;
 
-        while (attrs)
-        {
-          if(!xmlStrcmp (attrs->name, (const xmlChar *)"name") &&
-             attrs->children && attrs->children->content)
-            name.assign ((const char*)attrs->children->content);
-          
-          if(!xmlStrcmp (attrs->name, (const xmlChar *)"value") &&
-             attrs->children && attrs->children->content)
-            value = attrs->children->content;
-          
-          attrs = attrs->next;
-        }
+      computeXmlNode (cur, st, &cmd, hashedDomains);
 
-        string *storedValue = getValue (name);
+      return cmd;
+    }
 
-        if (storedValue && storedValue->compare ((const char*)value) == 0)
-          computeXmlNode (cur, st, cmd);
+  return 0;
+}
 
-      }
+/*!
+ *Compute the current XML node.
+ */
+int XmlValidator::computeXmlNode (xmlNodePtr node, 
+                                  SecurityToken *st, 
+                                  int *cmd, 
+                                  HashMap<string, SecurityDomain*> 
*hashedDomains)
+{
+  if (!node)
+    return 0;
+
+  for (xmlNodePtr cur = node->children; cur; cur = cur->next)
+  {
+    if (cur->type != XML_ELEMENT_NODE)
+      continue;
+    
+    if (!xmlStrcmp (cur->name, (const xmlChar *) "CONDITION"))
+    {
+      if (doCondition (cur, hashedDomains) && computeXmlNode (cur, st, cmd, 
hashedDomains))
+          return 1;
     }
+    else if (!xmlStrcmp (cur->name, (const xmlChar *) "RETURN"))
+    {
+      doReturn (cur, cmd, hashedDomains);
+      return 1;
+    }
+    else if (!xmlStrcmp (cur->name, (const xmlChar *) "DEFINE"))
+    {
+      doDefine (cur, st, hashedDomains);
+    }
+  }
 
   return 0;
 }
+
+/*!
+ *Handle a CONDITION.
+ */
+bool XmlValidator::doCondition (xmlNodePtr node, HashMap<string, 
SecurityDomain*> *hashedDomains)
+{
+  string name;
+  const xmlChar *isNot = (const xmlChar*)"";
+  const xmlChar *value = (const xmlChar*)"";
+  xmlAttr *attrs = node->properties;
+  
+  while (attrs)
+  {
+    if(!xmlStrcmp (attrs->name, (const xmlChar *)"name") &&
+       attrs->children && attrs->children->content)
+      name.assign ((const char*)attrs->children->content);
+    
+    if(!xmlStrcmp (attrs->name, (const xmlChar *)"value") &&
+       attrs->children && attrs->children->content)
+      value = attrs->children->content;
+
+    if(!xmlStrcmp (attrs->name, (const xmlChar *)"not") &&
+       attrs->children && attrs->children->content)
+      isNot = attrs->children->content;
+    
+    attrs = attrs->next;
+  }
+      
+  string *storedValue = getValue (hashedDomains, name);
+      
+  if (!storedValue)
+    return false;
+
+  bool eq = storedValue->compare ((const char*)value) == 0;
+  
+  if (!xmlStrcmp (isNot, (const xmlChar *) "yes"))
+    return !eq;
+  
+  return eq;
+}
+
+/*!
+ *Handle a DEFINE.
+ */
+void XmlValidator::doDefine (xmlNodePtr node, SecurityToken *st, 
HashMap<string, SecurityDomain*> *hashedDomains)
+{
+  string name;
+  const xmlChar *value = (const xmlChar*)"";
+  xmlAttr *attrs = node->properties;
+  
+  while (attrs)
+  {
+    if(!xmlStrcmp (attrs->name, (const xmlChar *)"name") &&
+       attrs->children && attrs->children->content)
+      name.assign ((const char*)attrs->children->content);
+    
+    if(!xmlStrcmp (attrs->name, (const xmlChar *)"value") &&
+       attrs->children && attrs->children->content)
+      value = attrs->children->content;
+
+    attrs = attrs->next;
+  }
+
+  if (!value)
+    return;
+
+  string *valStr = new string ((const char *)value);
+
+  string *old = st->values.put (name, valStr);
+
+  if (old)
+    delete old;
+}
+
+/*!
+ *Handle a RETURN.
+ */
+void XmlValidator::doReturn (xmlNodePtr node, int *cmd, HashMap<string, 
SecurityDomain*> *hashedDomains)
+{
+  xmlAttr *attrs = node->properties;
+
+  xmlChar *value = NULL;
+
+  while (attrs)
+  {
+    if (!xmlStrcmp (attrs->name, (const xmlChar *)"value") &&
+        attrs->children && attrs->children->content)
+      value = attrs->children->content;
+    
+    attrs = attrs->next;
+  }
+
+  if (value && !xmlStrcmp (value, (const xmlChar *) "ALLOW"))
+    *cmd = 1;
+  else
+    *cmd = 0;
+}
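Review bot: In the new `XmlValidator::getPermissionMask`, `root`, `name` and `password` are never initialised, so they are read with indeterminate values when the document has no nested element or a USER entry lacks a `name` or `password` attribute, and `xmlStrcmp` is handed those pointers inside the authentication path. Declare them as `xmlNodePtr root = NULL;`, `const xmlChar* name = NULL;` and `const xmlChar* password = NULL;`; libxml2's `xmlStrcmp` treats NULL as unequal to a non-NULL string, so a missing attribute then fails the match and access is denied. The password check is a plain `xmlStrcmp` against a clear-text attribute and stops at the first differing byte; comparing stored hashes in constant time would be safer, though that is a design change beyond this hunk. In `doDefine`, `if (!value)` can never be true because `value` starts as `""`.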

Modified: branches/myserver_sec_new/src/protocol/http/http.cpp
===================================================================
--- branches/myserver_sec_new/src/protocol/http/http.cpp        2008-09-28 
14:44:47 UTC (rev 2851)
+++ branches/myserver_sec_new/src/protocol/http/http.cpp        2008-09-28 
20:56:35 UTC (rev 2852)
@@ -428,7 +428,6 @@
       st.filename = file.c_str();
       st.requiredPassword =
         ((HttpUserData*)td->connection->protocolBuffer)->requiredPassword;
-      st.providedMask = &providedMask;
       staticHttp.secCacheMutex.lock();
       try
       {

Modified: branches/myserver_sec_new/tests/test_security_manager.cpp
===================================================================
--- branches/myserver_sec_new/tests/test_security_manager.cpp   2008-09-28 
14:44:47 UTC (rev 2851)
+++ branches/myserver_sec_new/tests/test_security_manager.cpp   2008-09-28 
20:56:35 UTC (rev 2852)
@@ -24,6 +24,7 @@
 
 #include <include/conf/security/security_manager.h>
 #include <include/conf/security/validator_factory.h>
+#include <include/conf/security/auth_method_factory.h>
 
 #include <string.h>
 
@@ -36,12 +37,13 @@
   CPPUNIT_TEST( testGetPermissionMask );
   CPPUNIT_TEST_SUITE_END();
   
+  AuthMethodFactory authMethodFactory;
   ValidatorFactory validatorFactory;
   SecurityManager* securityManager;
 public:
   void setUp()
   {
-    securityManager = new SecurityManager(&validatorFactory);
+    securityManager = new SecurityManager(&validatorFactory, 
&authMethodFactory);
   }
 
   void tearDown()
@@ -51,10 +53,9 @@
 
   void testGetPermissionMask()
   {
-    string val("value");
     SecurityToken secToken;
-    string validator("xml");
-    CPPUNIT_ASSERT_EQUAL(securityManager->getPermissionMask(&secToken, NULL, 
validator), 0);
+    string xml("xml");
+    CPPUNIT_ASSERT_EQUAL(securityManager->getPermissionMask(&secToken, NULL, 
xml, xml), 0);
  
   }
 };
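Review bot: In testGetPermissionMask the single `xml` string is passed for both trailing arguments of getPermissionMask, so the call no longer shows which one names the validator and which names the auth method. The order can only be inferred from the constructor change in setUp and should be confirmed against security_manager.h. Two named locals would keep the call readable: `string validator("xml");` and `string authMethod("xml");`. The assertion still covers only the call with a NULL second argument returning 0, so nothing in this file exercises the new auth-method lookup. A second case with an auth-method name that the factory does not know, also expecting 0, would pin the deny result for that path.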

Modified: branches/myserver_sec_new/tests/test_validator.cpp
===================================================================
--- branches/myserver_sec_new/tests/test_validator.cpp  2008-09-28 14:44:47 UTC 
(rev 2851)
+++ branches/myserver_sec_new/tests/test_validator.cpp  2008-09-28 20:56:35 UTC 
(rev 2852)
@@ -25,7 +25,7 @@
 public:
   void setUp()
   {
-    validator = new Validator();
+    validator = new Validator ();
   }
 
   void tearDown()
@@ -33,26 +33,26 @@
     delete validator;
   }
 
-  void testGetValue()
+  void testGetValue ()
   {
-    string val("value");
-    CPPUNIT_ASSERT_EQUAL(validator->getValue(val), (string*)NULL);
- 
+    string val ("value");
+    HashMap<string, SecurityDomain*> hashedDomains;
+    CPPUNIT_ASSERT_EQUAL (validator->getValue (&hashedDomains, val), 
(string*)NULL);
   }
  
-  void testGetPermissionMaskImpl()
+  void testGetPermissionMaskImpl ()
   {
-    string val("value");
+    string val ("value");
     SecurityToken secToken;
-    CPPUNIT_ASSERT_EQUAL(validator->getPermissionMaskImpl(&secToken), 0);
+    CPPUNIT_ASSERT_EQUAL (validator->getPermissionMaskImpl (&secToken, NULL, 
NULL), 0);
  
   }
 
-  void testGetPermissionMask()
+  void testGetPermissionMask ()
   {
-    string val("value");
+    string val ("value");
     SecurityToken secToken;
-    CPPUNIT_ASSERT_EQUAL(validator->getPermissionMask(&secToken, NULL), 0);
+    CPPUNIT_ASSERT_EQUAL (validator->getPermissionMask (&secToken, NULL, 
NULL), 0);
  
   }
 };
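Review bot: testGetPermissionMaskImpl and testGetPermissionMask pass NULL for each pointer argument added in this commit, so they only pin that null arguments yield 0 and never reach code that reads a domains map. testGetValue in the same hunk already builds an empty `HashMap<string, SecurityDomain*> hashedDomains;`. If one of the new parameters is that map (not visible from here; check validator.h), passing `&hashedDomains` in the other two tests would also check that an empty map yields a mask of 0. The same applies to the getPermissionMaskImpl and getPermissionMask hunks in tests/test_xml_validator.cpp.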

Modified: branches/myserver_sec_new/tests/test_xml_validator.cpp
===================================================================
--- branches/myserver_sec_new/tests/test_xml_validator.cpp      2008-09-28 
14:44:47 UTC (rev 2851)
+++ branches/myserver_sec_new/tests/test_xml_validator.cpp      2008-09-28 
20:56:35 UTC (rev 2852)
@@ -36,7 +36,9 @@
   void testGetValue()
   {
     string val("value");
-    CPPUNIT_ASSERT_EQUAL(xmlValidator->getValue(val), (string*)NULL);
+    HashMap<string, SecurityDomain*> hashedDomains;
+
+    CPPUNIT_ASSERT_EQUAL(xmlValidator->getValue(&hashedDomains, val), 
(string*)NULL);
  
   }
  
@@ -44,7 +46,7 @@
   {
     string val("value");
     SecurityToken secToken;
-    CPPUNIT_ASSERT_EQUAL(xmlValidator->getPermissionMaskImpl(&secToken), 0);
+    CPPUNIT_ASSERT_EQUAL(xmlValidator->getPermissionMaskImpl(&secToken, NULL, 
NULL), 0);
  
   }
 
@@ -52,7 +54,7 @@
   {
     string val("value");
     SecurityToken secToken;
-    CPPUNIT_ASSERT_EQUAL(xmlValidator->getPermissionMask(&secToken, NULL), 0);
+    CPPUNIT_ASSERT_EQUAL(xmlValidator->getPermissionMask(&secToken, NULL, 
NULL), 0);
  
   }
 };





