<userbase> <userbase group="local" storage="list:"/> <userbase group="ldap" storage="ldap:someplace"/> </userbase>If userbases are combined in this way, we scan the list; if a user authenticates against a userbase, we succeed, but otherwise we try the next userbase on the list. I think this makes a lot of sense. Feel free to correct me if I'm wrong. TODO: note that the AUTH command to remote repositories passes a password in plaintext. This is, by any rational account, really stupid. So we really need to implement some kind of digest authentication scheme or something. Which is a hassle. But it has to get done.
WFTK_EXPORT XML * repos_user_auth (XML * repository, const char * userid, const char * password) { WFTK_ADAPTOR * ad; XML * userbase; const char * storage = "list:"; XML * ret; const char * line; const char * end; XML * field; XML * mark; struct _repos_remote * sock = (struct _repos_remote *) xml_getbin (repository); if (sock) { /* Remote. */ xml_setf (sock->parms, "outgoing", "auth %s %s\n", userid, password); _repos_send (sock); line = _repos_receive (sock); if (*line == '-') return NULL; line = strchr (line, '\n') + 1; userbase = xml_create ("t"); xml_set (userbase, "r", ""); while (line[0] != '>' || line[1] != '>') { end = strchr (line, '\n'); if (end) { xml_attrncat (userbase, "r", line, end - line + 1); } else { xml_attrcat (userbase, "r", line); break; } line = end + 1; } ret = xml_parse (xml_attrval (userbase, "r")); xml_free (userbase); xml_set (sock->parms, "buffer", ""); return ret; } userbase = xml_loc (repository, ".userbase"); if (!userbase) { storage = xml_attrval (userbase, "storage"); } /* TODO: handling of multiple userbases. */ ad = wftk_get_adaptor (repository, USER, storage); if (!ad) return NULL; ret = wftk_call_adaptor (ad, "auth", userid, password); wftk_free_adaptor (repository, ad); xml_set (ret, "id", userid); wftk_session_storeuser (repository, xml_copy (ret)); return ret; } |
WFTK_EXPORT XML * repos_user_ingroup (XML * repository, const char * userid, const char * groupid) { WFTK_ADAPTOR * ad; XML * userbase; const char * storage = "list:"; XML * ret; const char * line; const char * end; XML * field; XML * mark; struct _repos_remote * sock = (struct _repos_remote *) xml_getbin (repository); if (sock) { /* Remote. */ xml_setf (sock->parms, "outgoing", "ingroup %s %s\n", userid, groupid); _repos_send (sock); line = _repos_receive (sock); if (*line == '-') return NULL; line = strchr (line, '\n') + 1; userbase = xml_create ("t"); xml_set (userbase, "r", ""); while (line[0] != '>' || line[1] != '>') { end = strchr (line, '\n'); if (end) { xml_attrncat (userbase, "r", line, end - line + 1); } else { xml_attrcat (userbase, "r", line); break; } line = end + 1; } ret = xml_parse (xml_attrval (userbase, "r")); xml_free (userbase); xml_set (sock->parms, "buffer", ""); return ret; } userbase = xml_loc (repository, ".userbase"); if (!userbase) { storage = xml_attrval (userbase, "storage"); } /* TODO: handling of multiple userbases. */ ad = wftk_get_adaptor (repository, USER, storage); if (!ad) return NULL; ret = wftk_call_adaptor (ad, "ingroup", userid, groupid); wftk_free_adaptor (repository, ad); return ret; } |
This code and documentation are released under the terms of the GNU license. They are copyright (c) 2001-2005, Vivtek. All rights reserved except those explicitly granted under the terms of the GNU license. |