nordugrid-arc-nox  1.1.0~rc6
ArcSec::UsernameTokenSH Class Reference

Adds WS-Security Username Token into SOAP Header.

#include <UsernameTokenSH.h>


Public Member Functions

 UsernameTokenSH (Arc::Config *cfg, Arc::ChainContext *ctx)
virtual ~UsernameTokenSH (void)
virtual bool Handle (Arc::Message *msg) const

Static Public Member Functions

static Arc::Plugin * get_sechandler (Arc::PluginArgument *arg)

Static Protected Attributes

static Arc::Logger logger

Private Types

enum  { process_none, process_extract, process_generate }
enum  { password_text, password_digest }

Private Attributes

enum ArcSec::UsernameTokenSH:: { ... }  process_type_
enum ArcSec::UsernameTokenSH:: { ... }  password_type_
std::string username_
std::string password_
std::string password_source_

Detailed Description

Adds WS-Security Username Token into SOAP Header.

Definition at line 14 of file UsernameTokenSH.h.


Member Enumeration Documentation

anonymous enum [private]
Enumerator:
process_none 
process_extract 
process_generate 

Definition at line 16 of file UsernameTokenSH.h.

anonymous enum [private]
Enumerator:
password_text 
password_digest 

Definition at line 21 of file UsernameTokenSH.h.


Constructor & Destructor Documentation

Definition at line 34 of file UsernameTokenSH.cpp.

ArcSec::UsernameTokenSH::UsernameTokenSH(Arc::Config *cfg, Arc::ChainContext *ctx):SecHandler(cfg){
  process_type_=process_none;
  std::string process_type = (std::string)((*cfg)["Process"]);
  if(process_type == "extract") { 
    password_source_=(std::string)((*cfg)["PasswordSource"]);
    if(password_source_.empty()) {
      logger.msg(ERROR,"Missing or empty PasswordSource element");
      return;
    };
    process_type_=process_extract;
  } else if(process_type == "generate") {
    std::string pwd_encoding = (std::string)((*cfg)["PasswordEncoding"]);
    if(pwd_encoding == "digest") {
      password_type_=password_digest;
    } else if((pwd_encoding == "text") || pwd_encoding.empty()) {
      password_type_=password_text;
    } else {
      logger.msg(ERROR,"Password encoding type not supported: %s",pwd_encoding);
      return;
    };
    username_=(std::string)((*cfg)["Username"]);
    if(username_.empty()) {
      logger.msg(ERROR,"Missing or empty Username element");
      return;
    };
    password_=(std::string)((*cfg)["Password"]);
    process_type_=process_generate;
  } else {
    logger.msg(ERROR,"Processing type not supported: %s",process_type);
    return;
  };
}


Definition at line 67 of file UsernameTokenSH.cpp.

ArcSec::UsernameTokenSH::~UsernameTokenSH(void) {
}

Member Function Documentation

Definition at line 17 of file UsernameTokenSH.cpp.

Arc::Plugin* ArcSec::UsernameTokenSH::get_sechandler(Arc::PluginArgument* arg) {
    ArcSec::SecHandlerPluginArgument* shcarg =
            arg?dynamic_cast<ArcSec::SecHandlerPluginArgument*>(arg):NULL;
    if(!shcarg) return NULL;
    return new ArcSec::UsernameTokenSH((Arc::Config*)(*shcarg),(Arc::ChainContext*)(*shcarg));
}


bool ArcSec::UsernameTokenSH::Handle ( Arc::Message * msg) const [virtual]

Implements ArcSec::SecHandler.

Definition at line 70 of file UsernameTokenSH.cpp.

bool ArcSec::UsernameTokenSH::Handle(Arc::Message* msg) const {
  if(process_type_ == process_extract) {
    try {
      PayloadSOAP* soap = dynamic_cast<PayloadSOAP*>(msg->Payload());
      UsernameToken ut(*soap);
      if(!ut) {
        logger.msg(ERROR,"Failed to parse Username Token from incoming SOAP");
        return false;
      };
      std::string derived_key;
      std::ifstream stream(password_source_.c_str());  
      if(!ut.Authenticate(stream, derived_key)) {
        logger.msg(ERROR, "Failed to authenticate Username Token inside the incoming SOAP");
        stream.close(); return false;
      };
      logger.msg(INFO, "Succeeded to authenticate UsernameToken");
      stream.close();
    } catch(std::exception) {
      logger.msg(ERROR,"Incoming Message is not SOAP");
      return false;
    }  
  } else if(process_type_ == process_generate) {
    try {
      PayloadSOAP* soap = dynamic_cast<PayloadSOAP*>(msg->Payload());
      UsernameToken ut(*soap,username_,password_,std::string(""),
         (password_type_==password_digest)?(UsernameToken::PasswordDigest):(UsernameToken::PasswordText));
      if(!ut) {
        logger.msg(ERROR,"Failed to generate Username Token for outgoing SOAP");
        return false;
      };
    } catch(std::exception) {
      logger.msg(ERROR,"Outgoing Message is not SOAP");
      return false;
    }
  } else {
    logger.msg(ERROR,"Username Token handler is not configured");
    return false;
  } 
  return true;
}
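
The Handle() listing above uses the pointer form of dynamic_cast and relies on catch(std::exception) to report a non-SOAP payload. The following added example (not ARC code; Payload, SoapPayload and RawPayload are hypothetical stand-ins for the Arc payload classes) shows that the pointer form signals failure with a null pointer and throws nothing, so the result needs an explicit check before it is dereferenced.

```cpp
// Added illustration; the types below are hypothetical stand-ins, not ARC classes.
#include <cstddef>
#include <exception>
#include <iostream>
#include <string>
#include <typeinfo>

struct Payload { virtual ~Payload() {} };            // stand-in for the message payload base
struct SoapPayload : Payload { std::string body; };  // stand-in for a SOAP payload
struct RawPayload : Payload {};                      // stand-in for a non-SOAP payload

enum CastResult { IS_SOAP, NOT_SOAP_NULL, NOT_SOAP_THROWN };

// Pointer form: a failed cast (or a null input) yields a null pointer and
// no exception, so the result must be tested before any dereference.
CastResult check_pointer_cast(Payload* p) {
  SoapPayload* soap = dynamic_cast<SoapPayload*>(p);
  if (!soap) return NOT_SOAP_NULL;
  return IS_SOAP;
}

// Reference form: a failed cast throws std::bad_cast, which is the case a
// catch(const std::exception&) handler can actually intercept.
CastResult check_reference_cast(Payload& p) {
  try {
    SoapPayload& soap = dynamic_cast<SoapPayload&>(p);
    (void)soap;
    return IS_SOAP;
  } catch (const std::exception&) {
    return NOT_SOAP_THROWN;
  }
}

int main() {
  SoapPayload soap;
  RawPayload raw;
  std::cout << "pointer cast, SOAP payload:   " << check_pointer_cast(&soap) << "\n"
            << "pointer cast, raw payload:    " << check_pointer_cast(&raw) << "\n"
            << "pointer cast, no payload:     " << check_pointer_cast(NULL) << "\n"
            << "reference cast, SOAP payload: " << check_reference_cast(soap) << "\n"
            << "reference cast, raw payload:  " << check_reference_cast(raw) << "\n";
  return 0;
}
```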



Member Data Documentation

Arc::Logger ArcSec::SecHandler::logger [static, protected, inherited]

Reimplemented in ArcSec::DelegationSH.

Definition at line 31 of file SecHandler.h.

std::string ArcSec::UsernameTokenSH::password_ [private]

Definition at line 26 of file UsernameTokenSH.h.

std::string ArcSec::UsernameTokenSH::password_source_ [private]

Definition at line 27 of file UsernameTokenSH.h.

std::string ArcSec::UsernameTokenSH::username_ [private]

Definition at line 25 of file UsernameTokenSH.h.

