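// Helper routine to find a user's official RecordName from a principal.
//
// inPrincipal is expected in the form user@REALM.  Everything from the first
// '@' onward is dropped and only the short user name is looked up through the
// search node.
//
// SECURITY: the realm is discarded here, not validated.  Two principals that
// differ only in their realm resolve to the same record, so the caller must
// already have checked that the realm is one it trusts before relying on the
// returned name for an authorization decision.
//
// Returns the record name reported by LocateUserRecordNameAndNode, or NULL
// when the principal is NULL/empty, memory is exhausted, or the lookup fails.
// The helper's output strings are treated as heap memory in this routine
// (pNodeName is released with free()), so the caller presumably owns the
// returned string and should free() it -- confirm against DSUtility.h.
char *FindUserFromPrincipal( char *inPrincipal )
{
	tDirReference		dsRef			= 0;
	tDirNodeReference	dsSearchNodeRef	= 0;
	tDirStatus			dsStatus;
	char				*pRecordName	= NULL;
	char				*pNodeName		= NULL;
	char				*pUsername		= NULL;
	char				*pAtSymbol		= NULL;
	
	// a NULL principal would crash strdup(); treat it as "no such user"
	if( inPrincipal == NULL ) {
		return NULL;
	}
	
	// work on a private copy so the caller's buffer is never modified;
	// strdup() can fail, and strchr() on NULL is undefined
	pUsername = strdup( inPrincipal );
	if( pUsername == NULL ) {
		return NULL;
	}
	
	// need to parse just the name of the user, since principal is user@REALM
	pAtSymbol = strchr( pUsername, '@' );
	if( pAtSymbol != NULL ) {
		*pAtSymbol = '\0';
	}
	
	// a principal such as "@REALM" leaves an empty name; do not query the
	// directory with it
	if( pUsername[0] == '\0' ) {
		free( pUsername );
		return NULL;
	}
	
	// Open Directory Services reference
	dsStatus = dsOpenDirService( &dsRef );
	if( dsStatus == eDSNoErr ) {
		
		// use utility function in DSUtility.h to open the search node
		dsStatus = OpenSearchNode( dsRef, &dsSearchNodeRef );
		if( dsStatus == eDSNoErr ) {
			
			// use utility function in DSUtility.h to locate the user information
			dsStatus = LocateUserRecordNameAndNode( dsRef, dsSearchNodeRef, pUsername, &pRecordName, &pNodeName );
			if( dsStatus == eDSNoErr ) {
				
				// only the record name is wanted; free any node name that may have been returned
				if( pNodeName != NULL ) {
					free( pNodeName );
					pNodeName = NULL;
				}
			}
			// NOTE(review): on failure pRecordName is returned as the helper left it;
			// confirm the helper never sets it when it reports an error.
			
			// close the search node because we are done here
			dsCloseDirNode( dsSearchNodeRef );
			dsSearchNodeRef = 0;
			
		} else {
			printf( "Unable to locate and open the Search node to verify user\n" );
		}
		
		// need to close Directory Services at this point
		dsCloseDirService( dsRef );
		dsRef = 0;
	}
	
	free( pUsername );
	pUsername = NULL;
	
	return pRecordName;
}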
// Opens a Directory Services session and then the search node, storing both
// references in the object.  If either step fails, cleanup() is called and
// the constructor returns normally; the failure is not reported from here.
// NOTE(review): what cleanup() releases and how callers detect a failed
// construction is not visible in this listing -- confirm before use.
CDirService::CDirService()
{
	// start from known-empty references so cleanup() never sees garbage
	dsRef = 0;
	dsSearchNodeRef = 0;

	// the search node is only attempted once the session itself is open
	tDirStatus openResult = dsOpenDirService(&dsRef);
	if (openResult == eDSNoErr)
	{
		openResult = OpenSearchNode(dsRef, &dsSearchNodeRef);
	}

	// either failure is handled the same way
	if (openResult != eDSNoErr)
	{
		cleanup();
	}
}
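// Authenticates inUsername / inPassword against the directory node that owns
// the user's record.
//
// Key steps to authenticating a user:
//	- Open Directory Service reference
//	- Locate and open the Search Node
//	- Locate the user's official RecordName and Directory Node based on the username provided
//	- Open that node and authenticate with the method appropriate for it
//
// Returns eDSNoErr (as int) only when DoPasswordAuth itself reported success.
// Any other outcome returns non-zero: the failing tDirStatus, or 1 when the
// search node cannot be opened or the lookup produced no usable record/node.
//
// SECURITY: the auth method kDSStdAuthNodeNativeClearTextOK, as its name
// indicates, allows the password to be handed to the node in clear text;
// use it only where that is acceptable for the node and transport involved.
// NOTE(review): an empty inPassword is passed through unchanged -- confirm
// the target node never treats an empty password as an anonymous bind.
int AuthCleartext( char *inUsername, char *inPassword )
{
	tDirReference		dsRef			= 0;
	tDirNodeReference	dsSearchNodeRef	= 0;
	tDirNodeReference	dsUserNodeRef	= 0;
	tDirStatus			dsStatus;
	char				*pRecordName	= NULL;
	char				*pNodeName		= NULL;
	int					result			= 1;	// fail closed until a real status replaces it
	
	// Open Directory Services reference
	dsStatus = dsOpenDirService( &dsRef );
	if( dsStatus != eDSNoErr ) {
		return dsStatus;
	}
	
	// use utility function in DSUtility.h to open the search node
	dsStatus = OpenSearchNode( dsRef, &dsSearchNodeRef );
	if( dsStatus != eDSNoErr ) {
		printf( "Unable to locate and open the Search node\n" );
		
		// the service reference is already open; release it before leaving
		dsCloseDirService( dsRef );
		dsRef = 0;
		return 1;
	}
	
	// use utility function in DSUtility.h to locate the user information
	dsStatus = LocateUserRecordNameAndNode( dsRef, dsSearchNodeRef, inUsername, &pRecordName, &pNodeName );
	result = dsStatus;
	if( dsStatus == eDSNoErr ) {
		
		// we should have values available, but let's check to be sure
		if( pNodeName != NULL && pNodeName[0] != '\0' && 
			pRecordName != NULL && pRecordName[0] != '\0' )
		{
			// need to create a tDataListPtr from the "/plugin/node" path, using "/" as the separator
			tDataListPtr dsUserNodePath = dsBuildFromPath( dsRef, pNodeName, "/" );
			
			// a NULL path is still handed to dsOpenDirNode so that the call
			// fails and the failure status is what gets returned
			dsStatus = dsOpenDirNode( dsRef, dsUserNodePath, &dsUserNodeRef );
			
			if( dsStatus == eDSNoErr ) {
				
				// Use our Utility routine to do the authentication
				dsStatus = DoPasswordAuth( dsRef, dsUserNodeRef, kDSStdAuthNodeNativeClearTextOK, 
										   pRecordName, inPassword );
				
				// Determine if successful.  There are cases where you may receive other errors
				// such as eDSAuthPasswordExpired.
				if( dsStatus == eDSNoErr ) {
					printf( "Successful:  Authentication successful for user '%s'\n", pRecordName );
				} else {
					printf( "Failure:  Authentication for user '%s' - %d\n", pRecordName, dsStatus );
				}
				
				// the user's node was opened here, so it is closed here
				dsCloseDirNode( dsUserNodeRef );
				dsUserNodeRef = 0;
			}
			result = dsStatus;
			
			// free the data list as it is no longer needed
			if( dsUserNodePath != NULL ) {
				dsDataListDeallocate( dsRef, dsUserNodePath );
				free( dsUserNodePath );
				dsUserNodePath = NULL;
			}
		}
		else
		{
			// the lookup reported success but gave nothing to authenticate
			// against; no password check ran, so this must not read as success
			printf( "Failure:  No usable record name or node was returned for the user\n" );
			result = 1;
		}
		
		// need to free any node name that may have been returned
		if( pNodeName != NULL ) {
			free( pNodeName );
			pNodeName = NULL;
		}
		
		// need to free any record name that may have been returned
		if( pRecordName != NULL ) {
			free( pRecordName );
			pRecordName = NULL;
		}
	}
	
	// close the search node because we are done here
	dsCloseDirNode( dsSearchNodeRef );
	dsSearchNodeRef = 0;
	
	// need to close Directory Services at this point
	dsCloseDirService( dsRef );
	dsRef = 0;
	
	return result;
}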