本文整理汇总了C++中Owned::credentials方法的典型用法代码示例。如果您正苦于以下问题:C++ Owned::credentials方法的具体用法?C++ Owned::credentials怎么用?C++ Owned::credentials使用的例子?那么,这里精选的方法代码示例或许可以为您提供帮助。示例中的credentials()均通过Owned<ISecUser>智能指针以user->credentials()的形式调用。您也可以进一步了解该方法所在类Owned的用法示例。
在下文中一共展示了Owned::credentials方法的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: enableScopeScans
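/**
 * Turn the DLF_SCOPESCANS LDAP flag on or off on behalf of a user.
 *
 * The user name and password are read from udesc and checked with
 * ldapsecurity->authenticateUser(); the flag is changed only when that call
 * succeeds AND reports the caller as a superuser. Every other outcome
 * (missing descriptor, missing security manager, user object not created,
 * failed authentication, non-superuser) is refused.
 *
 * @param udesc   descriptor supplying the caller's user name and password
 * @param enable  true sets DLF_SCOPESCANS, false clears it
 * @param err     receives 0 on success and -1 on refusal; may be null
 * @return true when the flags were updated, false when the request was refused
 */
bool enableScopeScans(IUserDescriptor *udesc, bool enable, int * err)
{
    // Start from "not a superuser": the original left this uninitialised, so the
    // decision depended on authenticateUser() always writing it.
    bool superUser = false;
    bool permitted = false;
    StringBuffer username;
    StringBuffer password;
    if (udesc && ldapsecurity)
    {
        udesc->getUserName(username);
        udesc->getPassword(password);
        Owned<ISecUser> user = ldapsecurity->createUser(username);
        if (user)
        {
            user->credentials().setPassword(password);
            permitted = ldapsecurity->authenticateUser(*user,superUser) && superUser;
        }
    }
    if (!permitted)
    {
        // Record refused attempts as well as successful ones, so changes to
        // scope-scan enforcement can be reconstructed from the log.
        DBGLOG("Scope Scans change refused for user %s",username.str());
        if (err)
            *err = -1;
        return false;
    }
    // NOTE(review): `password` keeps the clear-text credential until it goes out
    // of scope; nothing visible here wipes it.
    unsigned flags = getLDAPflags();
    if (enable)
    {
        DBGLOG("Scope Scans Enabled by user %s",username.str());
        flags |= (unsigned)DLF_SCOPESCANS;
    }
    else
    {
        DBGLOG("Scope Scans Disabled by user %s",username.str());
        flags &= ~(unsigned)DLF_SCOPESCANS;
    }
    setLDAPflags(flags);
    if (err)
        *err = 0;
    return true;
}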
示例2: run
// Worker body for the permission stress test: repeats the same authorization
// check m_rounds times and logs the last result together with the minimum,
// maximum and mean elapsed time per round. Timing uses time(), so every
// figure is in whole seconds. Always returns 0.
// NOTE(review): the createUser() result is dereferenced without a null check,
// and the password is re-applied to a fresh user object on every round.
virtual int run()
{
    int lastAccess = 0;
    int elapsedTotal = 0;
    int shortest = -1;   // -1 means "no sample recorded yet"
    int longest = 0;
    int round = 0;
    while (round < m_rounds)
    {
        time_t began;
        time_t ended;
        time(&began);
        {
            // Scoped so the user object is released before the clock is stopped.
            Owned<ISecUser> usr = m_secmgr->createUser(m_user.get());
            usr->credentials().setPassword(m_passwd.get());
            lastAccess = m_secmgr->authorizeEx(m_rtype, *usr, m_resource.get());
        }
        time(&ended);
        const int span = (int)(ended - began);
        elapsedTotal += span;
        if (!(shortest != -1 && shortest <= span))
            shortest = span;
        longest = (longest < span) ? span : longest;
        ++round;
        // Progress marker every 100 completed rounds.
        if (round % 100 == 0)
            DBGLOG("Finished %d times\n", round);
    }
    DBGLOG("Permission: %d, min: %d, max: %d, average:%f", lastAccess, shortest, longest, elapsedTotal*1.0/m_rounds);
    return 0;
}
示例3: getPermissions
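/**
 * Look up the permission bits a user holds on a file scope or workunit scope.
 *
 * @param key         "Scope" or "workunit" (compared case-insensitively)
 * @param obj         scope name handed to the security manager
 * @param udesc       caller's user descriptor; when it is null or yields an
 *                    empty user name, the configured default files user and
 *                    its decrypted password are used instead
 * @param auditflags  DALI_LDAP_* bits selecting whether a denial is written
 *                    to the audit log
 * @return 255 when LDAP security is absent or not enabled, or when key names
 *         neither scope type; 0 when key is null, when the user object could
 *         not be created or when the security manager returned -1; otherwise
 *         the value returned by the security manager.
 */
int getPermissions(const char *key,const char *obj,IUserDescriptor *udesc,unsigned auditflags)
{
    // Security not configured or switched off: everything is permitted (fail-open by design).
    if (!ldapsecurity||((getLDAPflags()&DLF_ENABLED)==0))
        return 255;
    // The original passed key straight to stricmp() although its own log line
    // treats key as nullable. A request without a key is malformed; deny it
    // instead of dereferencing null.
    // NOTE(review): unrecognised non-null keys still return 255 below - confirm
    // that open default is intended.
    if (!key) {
        DBGLOG("LDAP: getPermissions called with NULL key; access denied");
        return 0;
    }
    bool filescope = stricmp(key,"Scope")==0;
    bool wuscope = stricmp(key,"workunit")==0;
    if (filescope||wuscope) {
        StringBuffer username;
        StringBuffer password;
        int perm = 0;
        if (udesc) {
            udesc->getUserName(username);
            udesc->getPassword(password);
        }
        if (username.length()==0) {
#ifndef _NO_DALIUSER_STACKTRACE
            DBGLOG("UNEXPECTED USER (NULL) in daldap.cpp getPermissions() line %d", __LINE__);
            //following debug code to be removed
            PrintStackReport();
#endif
            // Anonymous request: evaluated with the rights of the default files user.
            username.append(filesdefaultuser);
            decrypt(password, filesdefaultpassword);
        }
        unsigned start = msTick();
        Owned<ISecUser> user = ldapsecurity->createUser(username);
        if (user) {
            user->credentials().setPassword(password);
            if (filescope)
                perm=ldapsecurity->authorizeFileScope(*user, obj);
            else if (wuscope)
                perm=ldapsecurity->authorizeWorkunitScope(*user, obj);
            // -1 from the security manager is mapped to "no access".
            if (perm==-1)
                perm = 0;
        }
        unsigned taken = msTick()-start;
        // Release builds log only lookups slower than 100 ms; debug builds log all.
#ifndef _DEBUG
        if (taken>100)
#endif
        {
            PROGLOG("LDAP: getPermissions(%s) scope=%s user=%s returns %d in %d ms",key?key:"NULL",obj?obj:"NULL",username.str(),perm,taken);
        }
        if (auditflags&DALI_LDAP_AUDIT_REPORT) {
            // Write an audit record only when the wanted access was denied.
            StringBuffer auditstr;
            if ((auditflags&DALI_LDAP_READ_WANTED)&&!HASREADPERMISSION(perm))
                auditstr.append("Lookup Access Denied");
            else if ((auditflags&DALI_LDAP_WRITE_WANTED)&&!HASWRITEPERMISSION(perm))
                auditstr.append("Create Access Denied");
            if (auditstr.length()) {
                auditstr.append(":\n\tProcess:\tdaserver");
                auditstr.appendf("\n\tUser:\t%s",username.str());
                auditstr.appendf("\n\tScope:\t%s\n",obj?obj:"");
                SYSLOG(AUDIT_TYPE_ACCESS_FAILURE,auditstr.str());
            }
        }
        return perm;
    }
    return 255;
}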
示例4: enableScopeScans
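/**
 * Turn the DLF_SCOPESCANS LDAP flag on or off on behalf of a user.
 *
 * The caller is accepted in one of two ways: a digital signature carried by
 * udesc that verifies against the user name, or, when no signature was
 * verified, password authentication that must also report the caller as a
 * superuser.
 *
 * NOTE(review): on the signature path `superUser` is never evaluated, so in
 * the code visible here a valid signature is sufficient to change the flag
 * without any superuser check. Confirm whether that is intended; if it is
 * not, the superuser status has to be established on that path as well.
 *
 * @param udesc   descriptor supplying user name, password and signature
 * @param enable  true sets DLF_SCOPESCANS, false clears it
 * @param err     receives 0 on success and -1 on refusal; may be null
 * @return true when the flags were updated, false when the request was refused
 */
bool enableScopeScans(IUserDescriptor *udesc, bool enable, int * err)
{
    // Start from "not a superuser"; the original left this uninitialised.
    bool superUser = false;
    StringBuffer username;
    StringBuffer password;
    // Refuse instead of dereferencing a missing descriptor or security manager.
    if (!udesc || !ldapsecurity)
    {
        if (err)
            *err = -1;
        return false;
    }
    udesc->getUserName(username);
    udesc->getPassword(password);
    Owned<ISecUser> user = ldapsecurity->createUser(username);
    if (!user)
    {
        ERRLOG("LDAP: enableScopeScans(%s) : Unable to create user object", username.str());
        if (err)
            *err = -1;
        return false;
    }
    //Check user's digital signature, if present
    bool authenticated = false;
    if (!isEmptyString(udesc->querySignature()))
    {
        if (nullptr == pDSM)
            pDSM = queryDigitalSignatureManagerInstanceFromEnv();
        if (pDSM && pDSM->isDigiVerifierConfigured())
        {
            // NOTE(review): the signed content is the user name alone; no
            // timestamp or request-specific value is part of it here, so this
            // check does not establish freshness.
            StringBuffer b64Signature(udesc->querySignature());
            if (!pDSM->digiVerify(username, b64Signature))//digital signature valid?
            {
                ERRLOG("LDAP: enableScopeScans(%s) : Invalid user digital signature", username.str());
                if (err)
                    *err = -1;
                return false;
            }
            authenticated = true;
        }
    }
    if (!authenticated)
    {
        // Password path: the caller must authenticate AND be a superuser.
        user->credentials().setPassword(password);
        if (!ldapsecurity->authenticateUser(*user, &superUser) || !superUser)
        {
            if (err)
                *err = -1;
            return false;
        }
    }
    unsigned flags = getLDAPflags();
    if (enable)
    {
        DBGLOG("Scope Scans Enabled by user %s",username.str());
        flags |= (unsigned)DLF_SCOPESCANS;
    }
    else
    {
        DBGLOG("Scope Scans Disabled by user %s",username.str());
        flags &= ~(unsigned)DLF_SCOPESCANS;
    }
    setLDAPflags(flags);
    if (err)
        *err = 0;
    return true;
}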
示例5: clearPermissionsCache
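/**
 * Ask the LDAP security manager to clear its permissions cache for a user.
 *
 * @param udesc  descriptor supplying the caller's user name and password
 * @return true when LDAP security is absent or not enabled (nothing to
 *         clear); false when udesc is null or no user object could be
 *         created; otherwise the security manager's own result.
 *
 * NOTE(review): no authentication call is visible in this function; whether
 * the caller is authenticated or authorised depends on what
 * ldapsecurity->clearPermissionsCache() does with the user object - confirm.
 */
bool clearPermissionsCache(IUserDescriptor *udesc)
{
    if (!ldapsecurity || ((getLDAPflags() & DLF_ENABLED) == 0))
        return true;
    // The original dereferenced udesc and the created user unconditionally.
    if (!udesc)
        return false;
    StringBuffer username;
    StringBuffer password;
    udesc->getUserName(username);
    udesc->getPassword(password);
    Owned<ISecUser> user = ldapsecurity->createUser(username);
    if (!user)
        return false;
    user->credentials().setPassword(password);
    return ldapsecurity->clearPermissionsCache(*user);
}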
示例6: getPermissions
// Resolve the access level a user holds on a file scope ("Scope") or a
// workunit scope ("workunit").
//
// The caller is accepted either through a request signature over
// "scope;username;timestamp" (reqSignature / reqUTCTimestamp) or, when no
// signature was verified, through LDAP password authentication. Every
// authentication failure visible below returns SecAccess_None.
//
// Returns SecAccess_Full when LDAP security is absent or not enabled.
// The listing is cut off by the page before the end of the function.
SecAccessFlags getPermissions(const char *key,const char *obj,IUserDescriptor *udesc,unsigned auditflags,const char * reqSignature, CDateTime * reqUTCTimestamp)
{
// Security not configured or switched off: full access (fail-open by design).
if (!ldapsecurity||((getLDAPflags()&DLF_ENABLED)==0))
return SecAccess_Full;
StringBuffer username;
StringBuffer password;
if (udesc)
{
udesc->getUserName(username);
udesc->getPassword(password);
}
else
{
WARNLOG("NULL UserDescriptor in daldap.cpp getPermissions('%s')",key ? key : "NULL");
}
// No user name supplied: the request is evaluated as the default files user,
// with that account's stored password decrypted into `password`.
if (0 == username.length())
{
username.append(filesdefaultuser);
decrypt(password, filesdefaultpassword);
}
// NOTE(review): the createUser() result is dereferenced without a null check.
Owned<ISecUser> user = ldapsecurity->createUser(username);
user->credentials().setPassword(password);
bool authenticated = false;
//Check that the digital signature provided by the caller (signature of
//caller's "scope;username;timeStamp") matches what we expect it to be
if (!isEmptyString(reqSignature))
{
// The signature manager is fetched on first use and kept in pDSM.
if (nullptr == pDSM)
pDSM = queryDigitalSignatureManagerInstanceFromEnv();
if (pDSM && pDSM->isDigiVerifierConfigured())
{
// NOTE(review): reqUTCTimestamp is dereferenced here without a null check;
// a request carrying a signature but no timestamp would reach this line.
StringBuffer requestTimestamp;
reqUTCTimestamp->getString(requestTimestamp, false);//extract timestamp string from Dali request
CDateTime now;
now.setNow();
// Any timestamp later than the local clock is rejected; no skew allowance
// is applied in this comparison.
if (now.compare(*reqUTCTimestamp) < 0)//timestamp from the future?
{
ERRLOG("LDAP: getPermissions(%s) scope=%s user=%s Request digital signature timestamp %s from the future",key?key:"NULL",obj?obj:"NULL",username.str(), requestTimestamp.str());
return SecAccess_None;//deny
}
// NOTE(review): this test has the same direction as the "future" test above
// (X.compare(request) < 0), with X = now adjusted by
// requestSignatureExpiryMinutes. If compare() orders the same way in both
// places, it is unclear how this rejects an OLD timestamp; an expiry test
// would normally compare (request + lifetime) against now. Confirm the sign
// of requestSignatureExpiryMinutes and the semantics of adjustTime(), since
// this check is what bounds how long a captured signature stays usable.
CDateTime expiry;
expiry.set(now);
expiry.adjustTime(requestSignatureExpiryMinutes);//compute expiration timestamp
if (expiry.compare(*reqUTCTimestamp) < 0)//timestamp too far in the past?
{
ERRLOG("LDAP: getPermissions(%s) scope=%s user=%s Expired request digital signature timestamp %s",key?key:"NULL",obj?obj:"NULL",username.str(), requestTimestamp.str());
return SecAccess_None;//deny
}
// The verified string binds scope, user and timestamp together.
// NOTE(review): obj is formatted with %s without a null guard, although the
// log lines in this function treat obj as nullable.
VStringBuffer expectedStr("%s;%s;%s", obj, username.str(), requestTimestamp.str());
StringBuffer b64Signature(reqSignature);// signature of scope;user;timestamp
if (!pDSM->digiVerify(expectedStr, b64Signature))//does the digital signature match what we expect?
{
ERRLOG("LDAP: getPermissions(%s) scope=%s user=%s fails digital signature verification",key?key:"NULL",obj?obj:"NULL",username.str());
return SecAccess_None;//deny
}
authenticated = true;//Digital signature verified
}
else
// A signature was supplied but cannot be verified here: this is logged and
// the request falls through to password authentication below.
ERRLOG("LDAP: getPermissions(%s) scope=%s user=%s digital signature support not available",key?key:"NULL",obj?obj:"NULL",username.str());
}
// Password authentication is attempted only when no signature was verified.
if (!authenticated && !ldapsecurity->authenticateUser(*user, NULL))
{
ERRLOG("LDAP: getPermissions(%s) scope=%s user=%s fails LDAP authentication",key?key:"NULL",obj?obj:"NULL",username.str());
return SecAccess_None;//deny
}
// NOTE(review): key goes to stricmp() without a null guard, although the log
// lines above treat key as nullable.
bool filescope = stricmp(key,"Scope")==0;
bool wuscope = stricmp(key,"workunit")==0;
if (filescope || wuscope) {
SecAccessFlags perm = SecAccess_None;
unsigned start = msTick();
if (filescope)
perm=ldapsecurity->authorizeFileScope(*user, obj);
else if (wuscope)
perm=ldapsecurity->authorizeWorkunitScope(*user, obj);
// "Unavailable" is mapped to "no access" (fail closed).
if (perm == SecAccess_Unavailable)
perm = SecAccess_None;
unsigned taken = msTick()-start;
// Release builds log only lookups slower than 100 ms; debug builds log all.
#ifndef _DEBUG
if (taken>100)
#endif
{
PROGLOG("LDAP: getPermissions(%s) scope=%s user=%s returns %d in %d ms",key?key:"NULL",obj?obj:"NULL",username.str(),perm,taken);
}
if (auditflags&DALI_LDAP_AUDIT_REPORT) {
StringBuffer auditstr;
if ((auditflags&DALI_LDAP_READ_WANTED)&&!HASREADPERMISSION(perm))
//.........这里部分代码省略.........
示例7: initLDAP
//-----------------------------------------------------
//
//-----------------------------------------------------
// Interactive initialisation of the HPCC LDAP environment.
//
// Reads the HPCC system user from ldapProps, prompts on stdin for the LDAP
// administrator's name and password, asks for confirmation, replaces the
// system account in ldapProps with the administrator's credentials, creates
// the security manager with them and then adds the HPCC admin user.
//
// Returns false on a configuration or input error and when the security
// manager cannot be created; returns true when the operator answers 'n' at
// the confirmation prompt. The listing is cut off by the page before the end
// of the function.
bool initLDAP(IPropertyTree * ldapProps)
{
StringAttr serverType( ldapProps->queryProp("@serverType") );
if (!serverType.length())
{
fprintf(stderr, "\nERROR: serverType not set in LDAPServer component");
return false;
}
// Both the system user name and its stored password must be configured.
StringBuffer hpccUser;
StringBuffer hpccPwd;
ldapProps->getProp("@systemUser", hpccUser);
ldapProps->getProp("@systemPassword", hpccPwd);
if (0==hpccUser.length() || 0==hpccPwd.length())
{
fprintf(stderr, "\nERROR: HPCC systemUser credentials not found in configuration");
return false;
}
StringBuffer ldapAddress;
ldapProps->getProp("@ldapAddress", ldapAddress);
//Get LDAP admin creds from user
// One 100-byte buffer is reused for the user name and then the password.
// fgets() bounds the read, but input longer than 99 characters is split: the
// remainder stays in stdin and is consumed by the next read.
char buff[100];
fprintf(stdout, "\nEnter the '%s' LDAP Admin User name on '%s'...",serverType.get(),ldapAddress.str());
// Skip blank lines; end of input aborts with false.
do
{
char * line = fgets(buff, sizeof(buff), stdin);
if (!line)
return false;
}
while (buff[0] == (char)'\n');
// Strip the trailing newline ((char)NULL writes the terminating NUL).
// NOTE(review): if the line begins with a NUL byte, strlen() is 0 and the
// index becomes -1.
if (buff[strlen(buff)-1] == '\n')
buff[strlen(buff)-1] = (char)NULL;
StringAttr ldapUser(buff);
// The password is read with plain fgets(); nothing here disables terminal
// echo, so it is visible while being typed.
fprintf(stdout, "Enter the LDAP Admin user '%s' password...",ldapUser.get());
char * line = fgets(buff, sizeof(buff), stdin);
if (!line)
return false;
if (buff[strlen(buff)-1] == '\n')
buff[strlen(buff)-1] = (char)NULL;
// NOTE(review): buff still holds the clear-text password after this copy and
// is not cleared in the code shown.
StringAttr ldapPwd(buff);
if (0==ldapUser.length() || 0==ldapPwd.length())
{
fprintf(stderr, "\nERROR: Invalid LDAP Admin account credentials entered");
return false;
}
// The summary shows server, type and HPCC admin user; no password is printed.
fprintf(stdout, "\nReady to initialize HPCC LDAP Environment, using the following settings");
fprintf(stdout, "\n\tLDAP Server : %s", ldapAddress.str());
fprintf(stdout, "\n\tLDAP Type : %s", serverType.get());
fprintf(stdout, "\n\tHPCC Admin User : %s", hpccUser.str());
fprintf(stdout, "\nProceed? y/n ");
// Wait for y/Y to continue or n/N to stop; declining returns true.
// NOTE(review): getchar() returning EOF is not handled, so the loop does not
// end if stdin is closed at this point.
for (;;)
{
int c = getchar();
if (c == 'y' || c == 'Y')
break;
else if (c == 'n' || c == 'N')
return true;
}
// stricmp() is non-zero when serverType is NOT "ActiveDirectory": the system
// base DN is blanked for every other server type.
if (stricmp(serverType.get(),"ActiveDirectory"))
ldapProps->setProp("@systemBasedn", "");
//Replace system user with LDAP Admin credentials
// ldapProps is modified in place; the admin password is stored in the form
// produced by encrypt().
ldapProps->setProp("@systemUser", ldapUser);
ldapProps->setProp("@systemCommonName", ldapUser);
StringBuffer sb;
encrypt(sb,ldapPwd);
ldapProps->setProp("@systemPassword", sb.str());
//Create security manager. This creates the required OUs
Owned<ISecManager> secMgr;
try
{
secMgr.setown(newLdapSecManager("initldap", *LINK(ldapProps)));
}
catch(IException *e)
{
// This StringBuffer shadows the char buff[] declared above.
StringBuffer buff;
e->errorMessage(buff);
e->Release();
fprintf(stderr, "\nERROR: Unable to create security manager : %s", buff.str());
return false;
}
//Create HPCC Admin user
// The configured system password is decrypted to clear text for the new user.
Owned<ISecUser> user = secMgr->createUser(hpccUser.str());
StringBuffer pwd;
decrypt(pwd, hpccPwd.str());
user->credentials().setPassword(pwd.str());
// NOTE(review): catch(...) hides every failure from addUser(), not only
// "user already exists"; a bind or permission error is silently ignored too.
try { secMgr->addUser(*user.get()); }
catch(...) {}//user may already exist, so just move on
//.........这里部分代码省略.........
示例8: main
//.........这里部分代码省略.........
printf("security manager can't be created\n");
return -1;
}
if(action == NULL || stricmp(action, "-ac") == 0)
{
if(username == NULL || *username == '\0')
{
printf("missing username\n");
return -1;
}
if(resource == NULL || *resource == '\0')
{
printf("missing resource\n");
return -1;
}
SecResourceType rtype = RT_DEFAULT;
if((resourcetype != NULL) && (stricmp(resourcetype, "filescope") == 0))
rtype = RT_FILE_SCOPE;
else if((resourcetype != NULL) && (stricmp(resourcetype, "workunit") == 0))
rtype = RT_WORKUNIT_SCOPE;
StringBuffer passbuf;
if(passwd == NULL || *passwd == '\0')
{
getpassword("Enter password: ", passbuf, false);
passwd = passbuf.str();
}
if(!stress)
{
Owned<ISecUser> usr = secmgr->createUser(username);
usr->credentials().setPassword(passwd);
int access = secmgr->authorizeEx(rtype, *usr, resource);
printf("%s's permission = %d \n", resource, access);
}
else
{
CPermissionCheckThread** thrds = new CPermissionCheckThread*[numthrds];
for(int i = 0; i < numthrds; i++)
thrds[i] = new CPermissionCheckThread(secmgr, username, passwd, resource, rtype, numrounds);
for(int j = 0; j < numthrds; j++)
thrds[j]->start();
for(int k = 0; k < numthrds; k++)
thrds[k]->join();
}
}
else if(stricmp(action, "-au") == 0)
{
if(username == NULL || *username == '\0')
{
printf("missing username\n");
return -1;
}
Owned<ISecUser> usr = secmgr->createUser(username);
if(firstname != NULL)
usr->setFirstName(firstname);
if(lastname != NULL)
usr->setLastName(lastname);
usr->credentials().setPassword(passwd);
bool ok = usr?secmgr->addUser(*usr):false;
if(ok)
printf("user %s added\n", username);
else