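/**
 * \brief Authenticates a user against the LDAP authentication systems linked
 *        to their authentication account.
 *
 * Looks up every non-deleted LDAP authentication system attached to the login
 * carried by \p user, then tries an LDAP connection on each one in turn with
 * the submitted login and password. On the first success the user object is
 * rewritten with the internal userid and pwd columns read from the users table.
 *
 * \param user in: login (getUserId) and password (getPassword) as submitted;
 *             out: internal user id and stored pwd value on success
 * \return true if one LDAP system accepted the credentials, false otherwise
 * \throw UMSVishnuException ERRCODE_UNKNOWN_USER when no account matches the
 *        login, ERRCODE_UNKNOWN_AUTH_SYSTEM when a matching system is not
 *        active, or any non-"unknown user" error raised by the LDAP proxy
 * \throw SystemException ERRCODE_AUTHENTERR when the last candidate system
 *        fails with that error
 */
bool LDAPAuthenticator::authenticate(UMS_Data::User& user) {
  // Positions of the columns consumed from the SELECT below.
  // NOTE(review): authlogin and authpassword (positions 1 and 2) are fetched
  // but never used here; consider dropping them from the SELECT so the
  // directory service credentials are not pulled into memory needlessly.
  enum {
    COL_URI = 0,
    COL_LDAPBASE = 3,
    COL_AUTHSYSTEM_STATUS = 4,
    COL_USERID = 5,
    COL_PWD = 6
  };

  bool authenticated = false;

  DbFactory factory;
  Database* databaseVishnu = factory.getDatabaseInstance();

  // The login is attacker-controlled: it is escaped with escapeData() and must
  // be substituted through %1%. Without a %1% directive the escaped login is
  // silently ignored and the lookup compares aclogin against a fixed literal.
  // NOTE(review): a bound-parameter API would be preferable to escaping if the
  // Database interface offers one (not visible from this function).
  std::string sqlCommand = (boost::format(
      "SELECT uri, authlogin, authpassword, ldapbase, authsystem.status, userid, pwd"
      " FROM ldapauthsystem, authsystem, authaccount, users"
      " WHERE aclogin='%1%'"
      " AND authsystem.authtype=%2%"
      " AND authaccount.authsystem_authsystemid=authsystem.numauthsystemid"
      " AND ldapauthsystem.authsystem_authsystemid=authsystem.numauthsystemid"
      " AND authaccount.users_numuserid=users.numuserid"
      " AND authsystem.status<>%3%"
      " AND users.status<>%4%")
      % databaseVishnu->escapeData(user.getUserId())
      % LDAPTYPE
      % vishnu::STATUS_DELETED
      % vishnu::STATUS_DELETED).str();

  boost::scoped_ptr<DatabaseResult> result(databaseVishnu->getResult(sqlCommand.c_str()));

  const int nbTuples = static_cast<int>(result->getNbTuples());

  // No authentication account is declared for this login.
  if (nbTuples == 0) {
    throw UMSVishnuException(ERRCODE_UNKNOWN_USER,
                             "There is no user-authentication account declared in VISHNU with this identifier");
  }

  const std::string password = user.getPassword();

  for (int i = 0; i < nbTuples; ++i) {
    const std::vector<std::string> row = result->get(i);

    // at() turns a short row into std::out_of_range instead of reading past
    // the end of the vector.
    const std::string& uri = row.at(COL_URI);
    const std::string& ldapbase = row.at(COL_LDAPBASE);
    const std::string& authSystemStatus = row.at(COL_AUTHSYSTEM_STATUS);
    const std::string& userid = row.at(COL_USERID);
    const std::string& pwd = row.at(COL_PWD);

    if (vishnu::convertToInt(authSystemStatus) != vishnu::STATUS_ACTIVE) {
      throw UMSVishnuException(ERRCODE_UNKNOWN_AUTH_SYSTEM, "It is locked");
    }

    // Never attempt a bind with an empty password: many directory servers
    // treat a simple bind with a DN and no password as an "unauthenticated
    // bind" (RFC 4513, section 5.1.2) and report success, which would
    // authenticate anyone who knows a valid login. LDAPProxy is not visible
    // here, so the check is enforced at this level.
    if (password.empty()) {
      continue;
    }

    try {
      LDAPProxy ldapPoxy(uri, user.getUserId(), "", password);
      ldapPoxy.connectLDAP(ldapbase);

      authenticated = true;
      // Replace the submitted credentials with the values stored in the users
      // table. NOTE(review): pwd is presumably the stored password hash;
      // confirm that callers never log or return it.
      user.setUserId(userid);
      user.setPassword(pwd);
      break;
    } catch (UMSVishnuException& e) {
      // "Unknown user" on this directory only means: try the next one.
      if (e.getMsgI() != ERRCODE_UNKNOWN_USER) {
        throw;  // rethrow the original object, no copy and no slicing
      }
    } catch (SystemException& e) {
      // An authentication error is reported only when it happens on the last
      // candidate system; on earlier ones the next system is tried.
      // NOTE(review): SystemExceptions with any other code are dropped
      // silently, even on the last system; consider logging them so directory
      // outages are visible to operators.
      if ((e.getMsgI() == ERRCODE_AUTHENTERR) && (i == nbTuples - 1)) {
        throw;
      }
    }
  }

  return authenticated;
}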