02111-1307, USA.
*/
+#import <NGLdap/NGLdapConnection.h>
+#import "SOGoPermissions.h"
+
#include "SOGoAuthenticator.h"
#include "SOGoUser.h"
#include "common.h"
@implementation SOGoAuthenticator
-static SOGoAuthenticator *auth = nil; // THREAD
+static SOGoAuthenticator *auth = nil;
-+ (id)sharedSOGoAuthenticator {
++ (id) sharedSOGoAuthenticator
+{
if (auth == nil)
auth = [[self alloc] init];
return auth;
}
-/* check credentials */
+- (id) init
+{
+ if ((self = [super init]))
+ {
+ ud = [NSUserDefaults standardUserDefaults];
+
+ LDAPBaseDN = nil;
+ LDAPHost = nil;
+ LDAPPort = -1;
+
+ authMethod = [[ud stringForKey:@"AuthentificationMethod"] retain];
+ if ([authMethod isEqualToString: @"LDAP"])
+ {
+ LDAPBaseDN = [[ud stringForKey:@"LDAPRootDN"] retain];
+ LDAPHost = [[ud stringForKey:@"LDAPHost"] retain];
+ LDAPPort = [ud integerForKey:@"LDAPPort"];
+ }
+ }
+
+ return self;
+}
+
+- (void) dealloc
+{
+ if (LDAPBaseDN)
+ [LDAPBaseDN release];
+ if (LDAPHost)
+ [LDAPHost release];
+ [authMethod release];
+ [super dealloc];
+}
+
+- (BOOL) checkLogin: (NSString *) _login
+ password: (NSString *) _pwd
+{
+ BOOL accept;
+
+ if ([authMethod isEqualToString: @"LDAP"])
+ accept = [self LDAPCheckLogin: _login password: _pwd];
+ else
+ accept = ([_login length] > 0);
-- (BOOL)checkLogin:(NSString *)_login password:(NSString *)_pwd {
- if ([_login length] == 0)
- return NO;
-
- /* we accept any password since it is checked by Apache in front */
- return YES;
+ return (([_login isEqualToString: @"freebusy"]
+ && [_pwd isEqualToString: @"freebusy"])
+ || accept);
+}
+
+- (BOOL) LDAPCheckLogin: (NSString *) _login
+ password: (NSString *) _pwd
+{
+ return [NGLdapConnection checkPassword: _pwd
+ ofLogin: _login
+ atBaseDN: LDAPBaseDN
+ onHost: LDAPHost
+ port: LDAPPort];
}
/* create SOGoUser */
-- (SoUser *)userInContext:(WOContext *)_ctx {
- static SoUser *anonymous = nil;
- NSString *login;
- NSArray *uroles;
-
- if (anonymous == nil) {
- NSArray *ar = [NSArray arrayWithObject:SoRole_Anonymous];
- anonymous = [[SOGoUser alloc] initWithLogin:@"anonymous" roles:ar];
- }
-
- if ((login = [self checkCredentialsInContext:_ctx]) == nil)
- /* some error (otherwise result would have been anonymous */
- return nil;
-
- if ([login isEqualToString:@"anonymous"])
- return anonymous;
-
- uroles = [self rolesForLogin:login];
- return [[[SOGoUser alloc] initWithLogin:login roles:uroles] autorelease];
+- (SoUser *) userInContext:(WOContext *)_ctx
+{
+ static SoUser *anonymous = nil, *freebusy;
+ SoUser *user;
+ NSArray *traversalPath;
+ NSString *login;
+
+ if (!anonymous)
+ anonymous
+ = [[SOGoUser alloc] initWithLogin:@"anonymous"
+ roles: [NSArray arrayWithObject: SoRole_Anonymous]];
+ if (!freebusy)
+ freebusy
+ = [[SOGoUser alloc] initWithLogin: @"freebusy"
+ roles: [NSArray arrayWithObject: SOGoRole_FreeBusy]];
+
+ login = [self checkCredentialsInContext:_ctx];
+ if (login)
+ {
+ if ([login isEqualToString: @"anonymous"])
+ {
+ traversalPath = [_ctx objectForKey: @"SoRequestTraversalPath"];
+ if ([[traversalPath lastObject] isEqualToString: @"freebusy.ifb"])
+ user = freebusy;
+ else
+ user = anonymous;
+ }
+ else
+ user = [[[SOGoUser alloc] initWithLogin: login
+ roles: [self rolesForLogin: login]]
+ autorelease];
+ }
+ else
+ user = nil;
+
+ return user;
}
+// - (BOOL) renderException: (NSException *) exception
+// inContext: (WOContext *) context
+// {
+// id renderedException;
+// WOComponent *tmpComponent;
+// WOResponse *response;
+// BOOL rc;
+
+// rc = [super renderException: exception inContext: context];
+// if (!rc)
+// {
+// tmpComponent = [WOComponent new];
+// renderedException = [tmpComponent pageWithName: @"UIxException"];
+// if (renderedException)
+// {
+// rc = YES;
+// response = [context response];
+// [response setHeader: @"text/html" forKey: @"content-type"];
+// [renderedException setClientObject: exception];
+// [context setPage: renderedException];
+// [renderedException appendToResponse: response
+// inContext: context];
+// }
+// [tmpComponent release];
+// }
+
+// return rc;
+// }
+
@end /* SOGoAuthenticator */
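Review bot: The new `checkLogin:password:` accepts the fixed pair `freebusy`/`freebusy` under every `AuthentificationMethod`, so a credential compiled into the source, which no deployment can rotate or disable, passes authentication. In `userInContext:` any login other than `anonymous` takes the `rolesForLogin:` branch, so that account is handled as a regular user rather than being limited to `SOGoRole_FreeBusy` (what `rolesForLogin:` returns for it is not visible here). Anonymous requests for `freebusy.ifb` already receive the free/busy user, so the clause looks unnecessary and the method could end with `return accept;`. On the LDAP branch the password reaches `NGLdapConnection` unchecked; many directory servers treat a simple bind with an empty password as an unauthenticated bind that succeeds, and whether `checkPassword:ofLogin:atBaseDN:onHost:port:` rejects that is not visible, so guard it with `accept = ([_login length] > 0 && [_pwd length] > 0 && [self LDAPCheckLogin: _login password: _pwd]);`. The non-LDAP branch still accepts any password for a non-empty login, so the removed comment `/* we accept any password since it is checked by Apache in front */` should stay next to `accept = ([_login length] > 0);` to keep that deployment assumption visible.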