
lcas_userban.c

00001 /*                                                                                                            
00002  * Copyright (c) 2001 EU DataGrid.                                                                             
00003  * For license conditions see http://www.eu-datagrid.org/license.html                                          
00004  *
00005  * Copyright (c) 2001, 2002 by 
00006  *     Martijn Steenbakkers <martijn@nikhef.nl>,
00007  *     David Groep <davidg@nikhef.nl>,
00008  *     NIKHEF Amsterdam, the Netherlands
00009  */
00010 
00056 /******************************************************************************
00057 
00058 lcas_userban.c
00059 
00060 Description:
00061     LCAS module that makes authorization decisions based
00062     on a ban list.
00063     Currently it reads a plain file that contains the
00064     DNs of the banned users.
00065 
00066 CVS Information:
00067     $Source: /cvs/fabric_mgt/gridification/lcas/modules/userban/lcas_userban.c,v $
00068     $Date: 2003/08/27 14:44:11 $
00069     $Revision: 1.3 $
00070     $Author: martijn $
00071 
00072 ******************************************************************************/
00073 
00074 /*****************************************************************************
00075                             Include header files
00076 ******************************************************************************/
00077 #include "lcas_config.h"
00078 #include <stdio.h>
00079 #include <stdlib.h>
00080 #include <string.h>
00081 
00082 #if HAVE_MALLOC_H
00083 #include <malloc.h>
00084 #endif
00085 
00086 #include "lcas_modules.h"
00087 #include "lcas_gridlist.h"
00088 
00089 /******************************************************************************
00090                        Define module specific variables
00091 ******************************************************************************/
/* Module name, used as the prefix in this plugin's log messages. */
static char *                 modname="lcas_userban.mod";
/*
 * Path of the banned-user file. Assigned in plugin_initialize() from
 * lcas_findfile(), passed to lcas_gridlist() on each authorization request,
 * and freed and reset to NULL in plugin_terminate().
 */
static char *                 userban_db = NULL;
00094 
00095 
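/******************************************************************************
Function:   plugin_initialize
Description:
    Initialize the plugin: resolve the banned-user file named in argv[1] and
    check that it exists. The resolved path is kept in userban_db and is
    handed to lcas_gridlist() on every later authorization request; only the
    existence of the file is checked here.
Parameters:
    argc:    number of entries in argv
    argv:    plugin arguments
    argv[1]: database (banned-user file) to be used by the plugin
Returns:
    LCAS_MOD_SUCCESS : banned-user file located
    LCAS_MOD_NOFILE  : no file was given, or the file cannot be found
******************************************************************************/
int plugin_initialize(int argc, char ** argv)
{
    int i;

    lcas_log_debug(2,"%s-plugin_initialize(): passed arguments:\n",modname);
    for (i=0; i < argc; i++)
    {
        lcas_log_debug(2,"%s-plugin_initialize(): arg %d is %s\n",
             modname,i,argv[i]);
    }

    if (argc > 1)
    {
        /*
         * plugin_terminate() frees userban_db, so the module owns this
         * string. Release the path left by an earlier initialization before
         * overwriting it, otherwise a repeated call leaks it.
         */
        free(userban_db);
        userban_db = lcas_findfile(argv[1]);
    }

    /* Without a ban list the plugin cannot make a decision: refuse to start */
    if (userban_db == NULL)
    {
        lcas_log(0,"\t%s-plugin_initialize() error: banned user file required !\n",
                   modname);
        return LCAS_MOD_NOFILE;
    }

    /*
     * NOTE(review): the leading 1 is presumably the number of file names
     * that follow -- confirm against lcas_getfexist().
     */
    if (lcas_getfexist(1,userban_db) == NULL)
    {
        lcas_log(0,
                 "\t%s-plugin_initialize() error: Cannot find banned user file: %s\n",
                 modname,userban_db
        );
        return LCAS_MOD_NOFILE;
    }
    return LCAS_MOD_SUCCESS;
}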
00142 
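/******************************************************************************
Function:   plugin_confirm_authorization
Description:
    Decide whether the user may proceed by looking up the DN from the
    credential in the banned-user file. A DN that is listed is refused.
Parameters:
    request:   RSL request (not used by this module)
    lcas_cred: user credential; its DN is obtained with lcas_get_dn()
Returns:
    LCAS_MOD_SUCCESS: no ban-list entry reported for the DN
    LCAS_MOD_FAIL   : DN missing from the credential, or DN is banned
    LCAS_MOD_NOFILE : ban list not configured or not found
******************************************************************************/
int
plugin_confirm_authorization(lcas_request_t request, lcas_cred_id_t lcas_cred)
{
    int                           rc;
    int                           result;
    char *                        dummy = NULL;
    char *                        user_dn = NULL;

    /*
     * No ban list configured (plugin_initialize() not run, or it failed):
     * no decision can be made, so refuse rather than pass NULL on to the
     * log call and to lcas_gridlist().
     */
    if (userban_db == NULL)
    {
        lcas_log(0,
            "\t%s-plugin_confirm_authorization() error: banned user file required !\n",
            modname);
        return LCAS_MOD_NOFILE;
    }

    /*
     * check credential and get the globus name
     */
    if ( (user_dn = lcas_get_dn(lcas_cred)) == NULL)
    {
        /* The message used to name a different module and function */
        lcas_log(0, "\t%s-plugin_confirm_authorization() error: user DN empty\n",
                 modname);
        return LCAS_MOD_FAIL;
    }

    /* Do the check */
    lcas_log_debug(0,"\t%s-plugin_confirm_authorization(): checking banned users in %s\n",
             modname,userban_db);

    rc = lcas_gridlist(user_dn, &dummy, userban_db, MATCH_ONLY_DN, NULL, NULL);

    if ( rc == LCAS_MOD_ENTRY )
    {
        /* Entry found for user_dn, so the user is banned */
        lcas_log_debug(0,"\t%s-plugin_confirm_authorization(): entry found for %s\n",
                 modname,user_dn);
        result = LCAS_MOD_FAIL;
    }
    else if ( rc == LCAS_MOD_NOFILE )
    {
        /* file not found */
        lcas_log(0,
            "\t%s-plugin_confirm_authorization() error: Cannot find banned user file: %s\n",
            modname,userban_db);
        result = LCAS_MOD_NOFILE;
    }
    else
    {
        /*
         * NOTE(review): this branch fails open. Every return value other
         * than LCAS_MOD_ENTRY and LCAS_MOD_NOFILE authorizes the user,
         * which would include an error code if lcas_gridlist() has one.
         * Confirm its contract and match the explicit "no entry" result
         * here, so that anything unexpected denies instead.
         */
        result = LCAS_MOD_SUCCESS;
    }

    /* dummy is filled in by lcas_gridlist(); free(NULL) is a no-op */
    free(dummy);
    return result;
}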
00208 
/******************************************************************************
Function:   plugin_terminate
Description:
    Terminate the plugin and release the stored banned-user file path.
Parameters:
    none
Returns:
    LCAS_MOD_SUCCESS : always
******************************************************************************/
int plugin_terminate()
{
    lcas_log_debug(1,"%s-plugin_terminate(): terminating\n",modname);

    /* free(NULL) is a no-op, so the path can be released unconditionally */
    free(userban_db);
    userban_db = NULL;

    return LCAS_MOD_SUCCESS;
}
