Example #1
0
 Principal* PrincipalSet::lookup(const UserName& name) const {
     Principal* principal = lookupByDBName(name.getDB());
     if (principal && principal->getName() == name) {
         return principal;
     }
     return NULL;
 }
Example #2
0
 void AuthorizationManager::logoutDatabase(const std::string& dbname) {
     Principal* principal = _authenticatedPrincipals.lookupByDBName(dbname);
     if (!principal)
         return;
     _acquiredPrivileges.revokePrivilegesFromPrincipal(principal->getName());
     _authenticatedPrincipals.removeByDBName(dbname);
 }
Example #3
0
 void AuthorizationSession::logoutDatabase(const std::string& dbname) {
     Principal* principal = _authenticatedPrincipals.lookupByDBName(dbname);
     if (!principal)
         return;
     _acquiredPrivileges.revokePrivilegesFromUser(principal->getName());
     _authenticatedPrincipals.removeByDBName(dbname);
     _externalState->onLogoutDatabase(dbname);
 }
Example #4
0
int main(int argc, char *argv[])
{
    QApplication a(argc, argv);
    Principal w;
    w.show();
    
    return a.exec();
}
Example #5
0
int main( int argc, char ** argv )
{
  QApplication a( argc, argv );
  Principal w;
  w.show();
  a.connect( &a, SIGNAL( lastWindowClosed() ), &a, SLOT( quit() ) );
  return a.exec();
}
Example #6
0
void vagregapasajero::on_btnVolver_clicked()
{
    Principal *p = new Principal();
    p->colaEspera = this->colaEspera;
    p->colaTicket = this->colaTicket;
    p->colaTrenes = this->colaTrenes;
    p->show();
    this->close();
}
Example #7
0
    void AuthorizationManager::grantInternalAuthorization(const std::string& principalName) {
        Principal* principal = new Principal(PrincipalName(principalName, "local"));
        ActionSet actions;
        actions.addAllActions();

        addAuthorizedPrincipal(principal);
        fassert(16581, acquirePrivilege(Privilege(PrivilegeSet::WILDCARD_RESOURCE, actions),
                                    principal->getName()).isOK());
    }
Example #8
0
    void AuthorizationSession::grantInternalAuthorization(const UserName& userName) {
        Principal* principal = new Principal(userName);
        ActionSet actions;
        actions.addAllActions();

        addAuthorizedPrincipal(principal);
        fassert(16581, acquirePrivilege(Privilege(PrivilegeSet::WILDCARD_RESOURCE, actions),
                                    principal->getName()).isOK());
    }
Example #9
0
 Principal* PrincipalSet::lookupByDBName(const StringData& dbname) const {
     for (std::vector<Principal*>::const_iterator it = _principals.begin();
             it != _principals.end(); ++it) {
         Principal* current = *it;
         if (current->getName().getDB() == dbname) {
             return current;
         }
     }
     return NULL;
 }
Example #10
0
 void PrincipalSet::removeByDBName(const StringData& dbname) {
     for (std::vector<Principal*>::iterator it = _principals.begin();
             it != _principals.end(); ++it) {
         Principal* current = *it;
         if (current->getName().getDB() == dbname) {
             delete current;
             _principals.erase(it);
             break;
         }
     }
 }
Example #11
0
        void _authorizePrincipal(const std::string& principalName, bool readOnly) {
            Principal* principal = new Principal(PrincipalName(principalName, "local"));
            ActionSet actions = AuthorizationManager::getActionsForOldStyleUser(
                    "admin", readOnly);

            AuthorizationManager* authorizationManager = cc().getAuthorizationManager();
            authorizationManager->addAuthorizedPrincipal(principal);
            Status status = authorizationManager->acquirePrivilege(
                    Privilege(PrivilegeSet::WILDCARD_RESOURCE, actions), principal->getName());
            verify (status == Status::OK());
        }
Example #12
0
 void PrincipalSet::add(Principal* principal) {
     for (std::vector<Principal*>::iterator it = _principals.begin();
             it != _principals.end(); ++it) {
         Principal* current = *it;
         if (current->getName().getDB() == principal->getName().getDB()) {
             // There can be only one principal per database.
             delete current;
             *it = principal;
             return;
         }
     }
     _principals.push_back(principal);
 }
Example #13
0
void vagregaequipaje::on_btnAgregar_clicked()
{
    int peso = ui->txfPeso->text().toInt();
    bool isMano = ui->chxMano->checkState() == 1;

    Equipaje *nuevo = new Equipaje(peso, this->amo, isMano);
    this->amo->equipaje->insertar(nuevo);
    this->colaTicket->insertar(this->amo);

    Principal *p = new Principal();
    p->colaEspera = this->colaEspera;
    p->colaTicket = this->colaTicket;
    p->colaTrenes = this->colaTrenes;
    p->show();
    this->close();
}
Example #14
0
    bool CmdAuthenticate::authenticateX509(const string& dbname,
                                           BSONObj& cmdObj, 
                                           string& errmsg, 
                                           BSONObjBuilder& result) {
        if(dbname != "$external") {
            errmsg = "X.509 authentication must always use the $external database.";
            result.append(saslCommandCodeFieldName, ErrorCodes::AuthenticationFailed);
            return false;
        }

        std::string user = cmdObj.getStringField("user");
        ClientBasic *client = ClientBasic::getCurrent();
        AuthorizationSession* authorizationSession = client->getAuthorizationSession();
        StringData subjectName = client->port()->getX509SubjectName();
        
        if (user != subjectName) {
            errmsg = "There is no x.509 client certificate matching the user.";
            result.append(saslCommandCodeFieldName, ErrorCodes::AuthenticationFailed);
            return false;
        }
        else {
            StringData srvSubjectName = getSSLManager()->getSubjectName();
            StringData srvClusterId = srvSubjectName.substr(0, srvSubjectName.find("/CN")+1);
            StringData peerClusterId = subjectName.substr(0, subjectName.find("/CN")+1);

            // Handle internal cluster member 
            if (srvClusterId == peerClusterId) {
                authorizationSession->grantInternalAuthorization(UserName(user, "$external"));
            }
            // Handle normal client authentication
            else {
                Principal* principal = new Principal(UserName(user, "$external"));
                principal->setImplicitPrivilegeAcquisition(true);
                authorizationSession->addAuthorizedPrincipal(principal);
            }
            result.append( "dbname" , dbname );
            result.append( "user" , user );
            return true;
        }
    }
Example #15
0
    Status AuthorizationManager::_probeForPrivilege(const Privilege& privilege) {
        Privilege modifiedPrivilege = _modifyPrivilegeForSpecialCases(privilege);
        if (_acquiredPrivileges.hasPrivilege(modifiedPrivilege))
            return Status::OK();

        std::string dbname = nsToDatabase(modifiedPrivilege.getResource());
        for (PrincipalSet::iterator iter = _authenticatedPrincipals.begin(),
                 end = _authenticatedPrincipals.end();
             iter != end; ++iter) {

            Principal* principal = *iter;
            if (!principal->isImplicitPrivilegeAcquisitionEnabled())
                continue;
            if (principal->isDatabaseProbed(dbname))
                continue;
            _acquirePrivilegesForPrincipalFromDatabase(dbname, principal->getName());
            principal->markDatabaseAsProbed(dbname);
            if (_acquiredPrivileges.hasPrivilege(modifiedPrivilege))
                return Status::OK();
        }
        return Status(ErrorCodes::Unauthorized, "unauthorized", 0);
    }
Example #16
0
void afficher(void *data)
{
    Principal *p = static_cast<Principal *>(data);
    p->affichage();
}
Example #17
0
bool
Principal::operator==(const Principal& p) {
    return getHashCode()==p.getHashCode();
}
Example #18
0
bool
Principal::operator!=(const Principal& p) {
    return !(getHashCode()==p.getHashCode());
}
Example #19
0
    bool CmdAuthenticate::authenticateCR(const string& dbname, 
                                         BSONObj& cmdObj, 
                                         string& errmsg, 
                                         BSONObjBuilder& result) {
        
        string user = cmdObj.getStringField("user");

        if (!_areNonceAuthenticateCommandsEnabled) {
            // SERVER-8461, MONGODB-CR must be enabled for authenticating the internal user, so that
            // cluster members may communicate with each other.
            if (dbname != StringData("local", StringData::LiteralTag()) ||
                user != internalSecurity.user) {
                errmsg = _nonceAuthenticateCommandsDisabledMessage;
                result.append(saslCommandCodeFieldName, ErrorCodes::AuthenticationFailed);
                return false;
            }
        }

        string key = cmdObj.getStringField("key");
        string received_nonce = cmdObj.getStringField("nonce");

        if( user.empty() || key.empty() || received_nonce.empty() ) {
            log() << "field missing/wrong type in received authenticate command "
                  << dbname
                  << endl;
            errmsg = "auth fails";
            sleepmillis(10);
            result.append(saslCommandCodeFieldName, ErrorCodes::AuthenticationFailed);
            return false;
        }

        stringstream digestBuilder;

        {
            bool reject = false;
            ClientBasic *client = ClientBasic::getCurrent();
            AuthenticationSession *session = client->getAuthenticationSession();
            if (!session || session->getType() != AuthenticationSession::SESSION_TYPE_MONGO) {
                reject = true;
                LOG(1) << "auth: No pending nonce" << endl;
            }
            else {
                nonce64 nonce = static_cast<MongoAuthenticationSession*>(session)->getNonce();
                digestBuilder << hex << nonce;
                reject = digestBuilder.str() != received_nonce;
                if ( reject ) {
                    LOG(1) << "auth: Authentication failed for " << dbname << '$' << user << endl;
                }
            }
            client->resetAuthenticationSession(NULL);

            if ( reject ) {
                log() << "auth: bad nonce received or getnonce not called. could be a driver bug or a security attack. db:" << dbname << endl;
                errmsg = "auth fails";
                sleepmillis(30);
                result.append(saslCommandCodeFieldName, ErrorCodes::AuthenticationFailed);
                return false;
            }
        }

        BSONObj userObj;
        string pwd;
        Status status = getGlobalAuthorizationManager()->getPrivilegeDocument(
                dbname, UserName(user, dbname), &userObj);
        if (!status.isOK()) {
            log() << status.reason() << std::endl;
            errmsg = "auth fails";
            result.append(saslCommandCodeFieldName, ErrorCodes::AuthenticationFailed);
            return false;
        }
        pwd = userObj["pwd"].String();

        md5digest d;
        {
            digestBuilder << user << pwd;
            string done = digestBuilder.str();

            md5_state_t st;
            md5_init(&st);
            md5_append(&st, (const md5_byte_t *) done.c_str(), done.size());
            md5_finish(&st, d);
        }

        string computed = digestToString( d );

        if ( key != computed ) {
            log() << "auth: key mismatch " << user << ", ns:" << dbname << endl;
            errmsg = "auth fails";
            result.append(saslCommandCodeFieldName, ErrorCodes::AuthenticationFailed);
            return false;
        }

        AuthorizationSession* authorizationSession =
            ClientBasic::getCurrent()->getAuthorizationSession();
        Principal* principal = new Principal(UserName(user, dbname));
        principal->setImplicitPrivilegeAcquisition(true);
        authorizationSession->addAuthorizedPrincipal(principal);

        result.append( "dbname" , dbname );
        result.append( "user" , user );
        return true;
    }