2 Copyright (C) 2000-2005 SKYRIX Software AG
4 This file is part of SOPE.
6 SOPE is free software; you can redistribute it and/or modify it under
7 the terms of the GNU Lesser General Public License as published by the
8 Free Software Foundation; either version 2, or (at your option) any
11 SOPE is distributed in the hope that it will be useful, but WITHOUT ANY
12 WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
14 License for more details.
16 You should have received a copy of the GNU Lesser General Public
17 License along with SOPE; see the file COPYING. If not, write to the
18 Free Software Foundation, 59 Temple Place - Suite 330, Boston, MA
22 #include "OFSHttpPasswd.h"
23 #include <SoObjects/SoHTTPAuthenticator.h>
26 #if defined (__APPLE__) || defined(__FreeBSD__)
29 # if defined(__OpenBSD__)
37 Note: a user-folder is different to an authenticator (though a user
38 folder can be a authenticator itself) ! A user-folder manages the whole
39 user-database while an authenticator decodes HTTP authentication info,
40 checks a password against a user and retrieves only authentication related
41 information on a user.
43 So: a user-folder is strongly related to an authenticator, but isn't
44 usually the actual authenticator object (which usually inherits from
48 // TODO: implement ...
50 @interface OFSHttpPasswdAuthenticator : SoHTTPAuthenticator
52 OFSHttpPasswd *passwd; /* non-retained */
55 - (id)initWithObject:(id)_obj;
60 @implementation OFSHttpPasswd
62 static BOOL debugOn = NO;
63 static NSArray *plainRoles = nil;
64 static NSArray *rootRoles = nil;
67 if (plainRoles == nil) {
68 plainRoles = [[NSArray alloc] initWithObjects:
69 SoRole_Authenticated, SoRole_Anonymous, nil];
71 if (rootRoles == nil) {
72 rootRoles = [[NSArray alloc] initWithObjects:
73 SoRole_Manager, SoRole_Authenticated,
74 SoRole_Anonymous, nil];
79 [self->content release];
80 [self->authenticator detach];
81 [self->authenticator release];
85 - (id)authenticatorInContext:(id)_ctx {
86 if (self->authenticator == nil) {
88 [[OFSHttpPasswdAuthenticator alloc] initWithObject:self];
90 return self->authenticator;
93 /* loading htpasswd */
95 - (NSException *)primaryLoad {
96 NSMutableDictionary *md;
101 [self->content release]; self->content = nil;
103 s = [self contentAsString];
104 lines = [s componentsSeparatedByString:@"\n"];
105 count = [lines count];
106 md = [NSMutableDictionary dictionaryWithCapacity:(count + 1)];
108 for (i = 0; i < count; i++) {
111 NSString *login, *pwd;
113 s = [lines objectAtIndex:i];
114 r = [s rangeOfString:@":"];
115 if (r.length == 0) continue;
117 login = [s substringToIndex:r.location];
118 pwd = [s substringFromIndex:(r.location + r.length)];
120 [md setObject:pwd forKey:login];
122 self->content = [md copy];
126 - (NSString *)cryptedPasswordForLogin:(NSString *)_login {
129 if ([_login length] < 1)
132 return [self->content objectForKey:_login];
134 if ((error = [self primaryLoad]))
137 return [self->content objectForKey:_login];
140 /* authenticator implementation */
142 - (BOOL)checkLogin:(NSString *)_login password:(NSString *)_pwd {
143 NSString *cryptedPwd;
148 [self debugWithFormat:@"check '%@' against pwd ...", _login];
150 if ((cryptedPwd = [self cryptedPasswordForLogin:_login]) == nil) {
151 [self debugWithFormat:@" user '%@' not available in htpasswd", _login];
156 [self debugWithFormat:@" check crypted pwd of user '%@' ...", _login];
158 // salt is user-pwd itself (crypt(pwd, cryptedpwd))
159 cp = crypt([_pwd cString], [cryptedPwd cString]);
160 cpo = cp ? [NSString stringWithCString:cp] : nil;
162 return [cryptedPwd isEqualToString:cpo];
165 - (NSString *)authRealm {
166 return [(WOApplication *)[WOApplication application] name];
169 - (BOOL)isRootLogin:(NSString *)_login {
170 return [_login isEqualToString:@"root"];
172 - (NSArray *)rolesForLogin:(NSString *)_login {
173 return [self isRootLogin:_login] ? rootRoles : plainRoles;
178 - (BOOL)isDebuggingEnabled {
182 @end /* OFSHttpPasswd */
184 @implementation OFSHttpPasswdAuthenticator
186 - (id)initWithObject:(id)_obj {
187 NSAssert(_obj, @"missing htpasswd user folder in argument ...");
188 if ((self = [super init])) {
194 return [self initWithObject:nil];
201 /* implement using folder itself ... */
203 - (BOOL)checkLogin:(NSString *)_login password:(NSString *)_pwd {
204 return [self->passwd checkLogin:_login password:_pwd];
207 - (NSString *)authRealm {
208 return [self->passwd authRealm];
211 - (NSArray *)rolesForLogin:(NSString *)_login {
212 return [self->passwd rolesForLogin:_login];
217 - (BOOL)isDebuggingEnabled {
221 @end /* OFSHttpPasswdAuthenticator */