
lcas_userallow.c

00001 /*                                                                                                            
00002  * Copyright (c) 2001 EU DataGrid.                                                                             
00003  * For license conditions see http://www.eu-datagrid.org/license.html                                          
00004  *
00005  * Copyright (c) 2001, 2002 by 
00006  *     Martijn Steenbakkers <martijn@nikhef.nl>,
00007  *     David Groep <davidg@nikhef.nl>,
00008  *     NIKHEF Amsterdam, the Netherlands
00009  */
00010 
00055 /******************************************************************************
00056 
00057 lcas_userallow.c
00058 
00059 Description:
00060     LCAS module that does static user checking
00061     Currently it uses the gridmapfile
00062 
00063 CVS Information:
00064     $Source: /cvs/fabric_mgt/gridification/lcas/modules/userallow/lcas_userallow.c,v $
00065     $Date: 2003/08/27 14:44:10 $
00066     $Revision: 1.4 $
00067     $Author: martijn $
00068 
00069 ******************************************************************************/
00070 
00071 /*****************************************************************************
00072                             Include header files
00073 ******************************************************************************/
00074 #include "lcas_config.h"
00075 #include <stdio.h>
00076 #include <stdlib.h>
00077 #include <string.h>
00078 
00079 #if HAVE_MALLOC_H
00080 #include <malloc.h>
00081 #endif
00082 
00083 #include "lcas_modules.h"
00084 #include "lcas_gridlist.h"
00085 
/******************************************************************************
                                Definitions
******************************************************************************/

/*
 * Compile-time choice of the list that is consulted.
 *   non-zero : the plugin functions in this file call lcas_gridlist() with a
 *              NULL list file and never read argv[1]
 *   zero     : the file named by argv[1] is located with lcas_findfile() and
 *              its path is kept in userallow_db
 */
#define USE_GRIDMAP 1

/******************************************************************************
                       Define module specific variables
******************************************************************************/

/* Prefix used in this module's log messages. */
static char *modname = "lcas_userallow.mod";

/*
 * Path of the allowed-user file. Only assigned in plugin_initialize() when
 * USE_GRIDMAP is 0; released and reset in plugin_terminate().
 */
static char *userallow_db = NULL;
00097 
/******************************************************************************
Function:   plugin_initialize
Description:
    Initialize plugin.
    With USE_GRIDMAP set, lcas_gridlist() is called once with an empty DN and
    a NULL list file to find out whether the list file can be located.
    Otherwise argv[1] is resolved with lcas_findfile(), stored in userallow_db
    and checked with lcas_getfexist().
Parameters:
    argc, argv
    argv[1]: database to be used by plugin (only read when USE_GRIDMAP is 0)
Returns:
    LCAS_MOD_SUCCESS : success
    LCAS_MOD_NOFILE  : db file not found
******************************************************************************/
int plugin_initialize(int argc, char ** argv)
{
    int                           status = LCAS_MOD_SUCCESS;
    char *                        scratch = NULL;

#if USE_GRIDMAP
    /*
     * Probe with dummy values.
     * NOTE(review): only LCAS_MOD_NOFILE is treated as an error here; every
     * other return code of the probe lets initialization succeed. Confirm
     * that this is intended.
     */
    if (lcas_gridlist("\0", &scratch, NULL, MATCH_ONLY_DN, NULL, NULL) == LCAS_MOD_NOFILE)
    {
        lcas_log(LOG_NOTICE,"\t%s-plugin_initialize() error: cannot find gridmap file\n",
                 modname);
        status = LCAS_MOD_NOFILE;
    }
#else
    int                           arg_idx = 0;

    lcas_log_debug(1,"%s-plugin_initialize(): passed arguments:\n", modname);
    while (arg_idx < argc)
    {
        lcas_log_debug(1,"%s-plugin_initialize(): arg %d is %s\n",
             modname,arg_idx,argv[arg_idx]);
        arg_idx++;
    }

    /* Resolve the db file; the stored path is freed in plugin_terminate(). */
    if (argc > 1)
        userallow_db = lcas_findfile(argv[1]);

    if (userallow_db == NULL)
    {
        /* No argument given, or lcas_findfile() returned NULL. */
        lcas_log(0,"\t%s-plugin_initialize() error: allowed user file required !\n",
                   modname);
        status = LCAS_MOD_NOFILE;
    }
    else if (lcas_getfexist(1,userallow_db) == NULL)
    {
        lcas_log(0,
                 "\t%s-plugin_initialize() error: Cannot find allowed user file: %s\n",
                 modname,userallow_db
        );
        status = LCAS_MOD_NOFILE;
    }
#endif

    /* scratch is only ever written by the lcas_gridlist() probe. */
    if (scratch != NULL)
        free(scratch);
    return status;
}
00161 
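/******************************************************************************
Function:   plugin_confirm_authorization
Description:
    Static user checking: decide whether the DN read from the credential is
    on the allow list.
    The DN is looked up with lcas_gridlist() using MATCH_ONLY_DN. With
    USE_GRIDMAP set the list-file argument is NULL (the log messages call this
    the gridmapfile), otherwise the file named by userallow_db is searched.
    In the future the information service will be contacted to check
    the permissions/roles of the user.
Parameters:
    request   : JDL (not used by this plugin)
    lcas_cred : LCAS credential from which the user DN is taken
Returns:
    LCAS_MOD_SUCCESS: authorization succeeded
    LCAS_MOD_FAIL   : authorization failed (no DN, no entry, or failed lookup)
    LCAS_MOD_NOFILE : db file not found
******************************************************************************/
int
plugin_confirm_authorization(lcas_request_t request, lcas_cred_id_t lcas_cred)
{
    int                           rc;
    int                           verdict = LCAS_MOD_FAIL; /* deny unless the lookup says otherwise */
    char *                        dummy = NULL;
    char *                        user_dn = NULL;

    /*
     * check credential and get the globus name
     */
    if ( (user_dn = lcas_get_dn(lcas_cred)) == NULL)
    {
        lcas_log(0, "\t%s-plugin_confirm_authorization() error: user DN empty\n",
                 modname);
        goto lcas_userallow_done;
    }

    /* Do the check */
#if USE_GRIDMAP
    lcas_log_debug(0,
    "\t%s-plugin_confirm_authorization(): checking allowed users in gridmapfile\n",
             modname);
    lcas_log_debug(0,
    "\t%s-plugin_confirm_authorization(): checking user %s\n",modname,user_dn);

    rc = lcas_gridlist(user_dn, &dummy, NULL, MATCH_ONLY_DN, NULL, NULL);
    lcas_log_debug(1,"got rc = %d from lcas_gridlist()\n",rc);
#else
    lcas_log_debug(0,
    "\t%s-plugin_confirm_authorization(): checking allowed users in %s\n",
             modname,userallow_db);

    rc = lcas_gridlist(user_dn, &dummy, userallow_db, MATCH_ONLY_DN, NULL, NULL);
    lcas_log_debug(1,"got rc = %d from lcas_gridlist()\n",rc);
#endif

    if ( rc == LCAS_MOD_NOENTRY )
    {
        /* No entry found for user_dn */
        lcas_log(0,"\t%s-plugin_confirm_authorization(): no entry found for %s\n",
                 modname,user_dn);
        verdict = LCAS_MOD_FAIL;
    }
    else if ( rc == LCAS_MOD_NOFILE )
    {
        /* File not found */
#if USE_GRIDMAP
        lcas_log(0,
            "\t%s-plugin_confirm_authorization() error: Cannot find gridmapfile\n",
            modname);
#else
        lcas_log(0,
            "\t%s-plugin_confirm_authorization() error: Cannot find allowed user file: %s\n",
            modname,userallow_db);
#endif
        verdict = LCAS_MOD_NOFILE;
    }
    else if ( rc == LCAS_MOD_FAIL )
    {
        /*
         * A failed lookup must never authorize the user.
         * (presumably lcas_gridlist() can report LCAS_MOD_FAIL; confirm
         * against its documentation)
         */
        lcas_log(0,"\t%s-plugin_confirm_authorization() error: lookup failed for %s\n",
                 modname,user_dn);
        verdict = LCAS_MOD_FAIL;
    }
    else
    {
        /*
         * authorization = entry found for user_dn
         * NOTE(review): every return code not handled above is still taken
         * as "entry found". Once the value lcas_gridlist() returns for a
         * match is confirmed, compare against that value explicitly and
         * deny everything else, so that an unexpected code cannot grant
         * access.
         */
        verdict = LCAS_MOD_SUCCESS;
    }

 lcas_userallow_done:
    /* dummy may have been allocated by lcas_gridlist(); free(NULL) is a no-op */
    free(dummy);
    return verdict;
}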
00247 
/******************************************************************************
Function:   plugin_terminate
Description:
    Terminate plugin: release the stored allowed-user file path, if any.
Parameters:
    none
Returns:
    LCAS_MOD_SUCCESS : always
******************************************************************************/
int plugin_terminate()
{
    char *                        db_path = userallow_db;

    lcas_log_debug(1,"%s-plugin_terminate(): terminating\n",modname);

    /* Reset the module-level pointer so it does not dangle after the free. */
    userallow_db = NULL;
    free(db_path);

    return LCAS_MOD_SUCCESS;
}
