Monotone-Parent: 78e8177b7871651ba9b05f971e1b40376fb5e49d

Monotone-Revision: 8e4f10d6d171bd7c241c05d63d20efa7f2a66de4

Monotone-Author: wsourdeau@inverse.ca
Monotone-Date: 2009-09-11T14:38:43
Monotone-Branch: ca.inverse.sogo
This commit is contained in:
Wolfgang Sourdeau
2009-09-11 14:38:43 +00:00
parent b5dfe674de
commit 7bb57b4692
15 changed files with 367 additions and 42 deletions
+2
View File
@@ -45,6 +45,7 @@ SOGo_HEADER_FILES = \
\
SOGoAuthenticator.h \
SOGoDAVAuthenticator.h \
SOGoProxyAuthenticator.h \
SOGoWebAuthenticator.h \
SOGoWebDAVAclManager.h \
SOGoWebDAVValue.h \
@@ -94,6 +95,7 @@ SOGo_OBJC_FILES = \
NSURL+DAV.m \
\
SOGoDAVAuthenticator.m \
SOGoProxyAuthenticator.m \
SOGoWebAuthenticator.m \
SOGoWebDAVAclManager.m \
SOGoWebDAVValue.m \
+2 -1
View File
@@ -55,7 +55,8 @@
- (id) objectNamed: (NSString *) name
inContainer: (SOGoObject *) container;
- (void) registerUser: (SOGoUser *) user;
- (void) registerUser: (SOGoUser *) user
withName: (NSString *) userName;
- (id) userNamed: (NSString *) name;
- (NSMutableDictionary *) userAttributesForLogin: (NSString *) theLogin;
+4 -3
View File
@@ -216,11 +216,12 @@ static NSLock *lock;
}
- (void) registerUser: (SOGoUser *) user
withName: (NSString *) userName
{
#if defined(THREADSAFE)
[lock lock];
#endif
[users setObject: user forKey: [user login]];
[users setObject: user forKey: userName];
#if defined(THREADSAFE)
[lock unlock];
#endif
@@ -264,11 +265,11 @@ static NSLock *lock;
forLogin: (NSString *) theLogin
{
NSDictionary *d;
memcached_return rc;
const char *key;
char *s;
unsigned int len, vlen, flags;
unsigned int len, flags;
size_t vlen;
if (!handle)
return nil;
+3 -3
View File
@@ -19,8 +19,8 @@
02111-1307, USA.
*/
#ifndef __Main_SOGoDAVAuthenticator_H__
#define __Main_SOGoDAVAuthenticator_H__
#ifndef _SOGoDAVAuthenticator_H__
#define _SOGoDAVAuthenticator_H__
#import <NGObjWeb/SoHTTPAuthenticator.h>
@@ -50,4 +50,4 @@
@end
#endif /* __Main_SOGoDAVAuthenticator_H__ */
#endif /* _SOGoDAVAuthenticator_H__ */
-1
View File
@@ -27,7 +27,6 @@
#import <NGObjWeb/WORequest.h>
#import <NGObjWeb/WOResponse.h>
#import <NGExtensions/NSObject+Logs.h>
#import <NGLdap/NGLdapConnection.h>
#import "LDAPUserManager.h"
#import "SOGoPermissions.h"
+56
View File
@@ -0,0 +1,56 @@
/* SOGoProxyAuthenticator.h - this file is part of SOGo
*
* Copyright (C) 2009 Inverse inc.
*
* Author: Wolfgang Sourdeau <wsourdeau@inverse.ca>
*
* This file is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2, or (at your option)
* any later version.
*
* This file is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; see the file COPYING. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
* Boston, MA 02111-1307, USA.
*/
#ifndef _SOGoProxyAuthenticator_H__
#define _SOGoProxyAuthenticator_H__
#import <Foundation/NSObject.h>
#import <NGObjWeb/SoHTTPAuthenticator.h>
#import "SOGoAuthenticator.h"
/*
SOGoProxyAuthenticator
This just overrides the login/pwd check method and always returns YES since
the password is already checked in Apache.
*/
@class NSUserDefaults;
@class NSString;
@class SOGoUser;
// @interface SOGoProxyAuthenticator : SoHTTPAuthenticator <SOGoAuthenticator>
@interface SOGoProxyAuthenticator : NSObject
{
NSString *authMethod;
}
+ (id) sharedSOGoProxyAuthenticator;
- (SOGoUser *) userInContext: (WOContext *) _ctx;
- (NSString *) passwordInContext: (WOContext *) context;
@end
#endif /* _SOGoProxyAuthenticator_H__ */
+166
View File
@@ -0,0 +1,166 @@
/* SOGoProxyAuthenticator.h - this file is part of SOGo
*
* Copyright (C) 2009 Inverse inc.
*
* Author: Wolfgang Sourdeau <wsourdeau@inverse.ca>
*
* This file is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2, or (at your option)
* any later version.
*
* This file is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; see the file COPYING. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
* Boston, MA 02111-1307, USA.
*/
#import <Foundation/NSArray.h>
#import <Foundation/NSString.h>
#import <Foundation/NSUserDefaults.h>
#import <NGObjWeb/NSException+HTTP.h>
#import <NGObjWeb/WOContext.h>
#import <NGObjWeb/WORequest.h>
#import <NGObjWeb/WOResponse.h>
#import <NGExtensions/NSObject+Logs.h>
#import "LDAPUserManager.h"
#import "SOGoPermissions.h"
#import "SOGoUser.h"
#import "SOGoProxyAuthenticator.h"
@implementation SOGoProxyAuthenticator
+ (id) sharedSOGoProxyAuthenticator
{
static SOGoProxyAuthenticator *auth = nil;
if (!auth)
auth = [self new];
return auth;
}
- (id) init
{
NSUserDefaults *ud;
if ((self = [super init]))
{
ud = [NSUserDefaults standardUserDefaults];
authMethod = [ud stringForKey: @"SOGoAuthenticationMethod"];
if (!authMethod)
authMethod = [ud stringForKey: @"SOGoAuthentificationMethod"];
if (!authMethod)
{
authMethod = @"LDAP";
[self warnWithFormat:
@"authentication method automatically set to '%@'",
authMethod];
}
}
return self;
}
- (void) dealloc
{
[authMethod release];
[super dealloc];
}
- (BOOL) checkLogin: (NSString *) _login
password: (NSString *) _pwd
{
return YES;
}
/* create SOGoUser */
- (NSString *) checkCredentialsInContext: (WOContext *) context
{
NSString *remoteUser;
remoteUser = [[context request] headerForKey: @"x-webobjects-remote-user"];
return remoteUser;
}
- (WOResponse *) unauthorized: (NSString *) reason
inContext: (WOContext *) context
{
WOResponse *r;
if (![reason length])
reason = @"Unauthorized";
r = [context response];
[r setStatus: 403 /* unauthorized */];
[r setHeader: @"text/plain; charset=utf-8" forKey: @"content-type"];
[r appendContentString: reason];
return r;
}
- (SOGoUser *) userInContext: (WOContext *) context
{
SOGoUser *user;
NSString *login;
login = [self checkCredentialsInContext: context];
if ([login length])
user = [SOGoUser userWithLogin: login
roles: [NSArray arrayWithObject:
SoRole_Authenticated]];
else
user = nil;
return user;
}
- (NSString *) passwordInContext: (WOContext *) context
{
return @"";
}
- (WOResponse *) preprocessCredentialsInContext: (WOContext *) context
{
WOResponse *r;
if ([self userInContext: context])
{
[context setObject: [NSArray arrayWithObject: SoRole_Authenticated]
forKey: @"SoAuthenticatedRoles"];
r = nil;
}
else
r = [self unauthorized: nil inContext: context];
return r;
}
- (BOOL) renderException: (NSException *) e
inContext: (WOContext *) context
{
BOOL rc;
if ([e httpStatus] == 401)
{
[self unauthorized: [e reason] inContext: context];
rc = YES;
}
else
rc = NO;
return rc;
}
@end /* SOGoProxyAuthenticator */
+1 -1
View File
@@ -246,7 +246,7 @@ _timeValue (NSString *key)
if (user)
{
[user autorelease];
[cache registerUser: user];
[cache registerUser: user withName: newLogin];
}
}
if (newRoles)