Made modifications to switch the client to communicate with ATSs over SSL. Still need to make changes to the linux rpc.c to have all of the necessary changes completed.

Also made a fix to allow credential store scoping all the way into the authentication mechanisms.
2006-11-02 03:49:16 +00:00
parent 920c9c5dff
commit c99e319a3a
16 changed files with 814 additions and 256 deletions
--- a/CASA-auth-token/non-java/client/mechanisms/pwd/get.c
+++ b/CASA-auth-token/non-java/client/mechanisms/pwd/get.c
@@ -39,6 +39,7 @@ static
 CasaStatus
 GetUserCredentials(
   IN       const char *pRealm,
+   IN       void *pCredStoreScope,
   INOUT    char **ppUsername,
   INOUT    char **ppPassword)
 //
@@ -46,6 +47,11 @@ GetUserCredentials(
 //    pRealm -
 //       The realm to which the credentials apply.
 //   
+//    pCredStoreScope -
+//       Pointer to CASA structure for scoping credential store access
+//       to specific users. This can only be leveraged when running in
+//       the context of System under Windows.
+//   
 //    ppUsername -
 //       Pointer to variable that will receive buffer with the username.
 //               
@@ -94,7 +100,7 @@ GetUserCredentials(
                                  NULL,
                                  &credtype,
                                  &credential,
-                                  (SSCS_EXT_T*) NULL);
+                                  (SSCS_EXT_T*) pCredStoreScope);
      if (rcode != NSSCS_SUCCESS)
      {
         // There were no credentials for the realm, now try to obtain the
@@ -106,7 +112,7 @@ GetUserCredentials(
                                     NULL,
                                     &credtype,
                                     &credential,
-                                     (SSCS_EXT_T*) NULL);
+                                     (SSCS_EXT_T*) pCredStoreScope);
      }
   }
   else
@@ -184,6 +190,7 @@ AuthTokenIf_GetAuthToken(
   IN       const void  *pIfInstance,
   IN       const char  *pContext,
   IN       const char  *pMechInfo,
+   IN       void        *pCredStoreScope,
   INOUT    char        *pTokenBuf,
   INOUT    int         *pTokenBufLen)
 //
@@ -191,10 +198,6 @@ AuthTokenIf_GetAuthToken(
 //    pIfInstance -
 //       Pointer to interface object.
 //   
-//    pServiceConfigIf -
-//       Pointer to service config object to which the client is trying to
-//       authenticate.
-//               
 //    pContext -
 //       Pointer to null terminated string containing mechanism specific
 //       context information. Another name for context is Authentication
@@ -208,6 +211,11 @@ AuthTokenIf_GetAuthToken(
 //       may be the service principal name to which the user will be
 //       authenticating.
 //               
+//    pCredStoreScope -
+//       Pointer to CASA structure for scoping credential store access
+//       to specific users. This can only be leveraged when running in
+//       the context of System under Windows.
+//   
 //    pTokenBuf -
 //       Pointer to buffer that will receive the authentication
 //       token. The length of this buffer is specified by the
@@ -255,7 +263,10 @@ AuthTokenIf_GetAuthToken(
   }

   // Get the user credentials
-   retStatus = GetUserCredentials(pContext, &pUsername, &pPassword);
+   retStatus = GetUserCredentials(pContext,
+                                  pCredStoreScope,
+                                  &pUsername,
+                                  &pPassword);
   if (CASA_SUCCESS(retStatus))
   {
      // Now construct the PW token with the following format:
--- a/CASA-auth-token/non-java/client/mechanisms/pwd/internal.h
+++ b/CASA-auth-token/non-java/client/mechanisms/pwd/internal.h
@@ -59,6 +59,7 @@ AuthTokenIf_GetAuthToken(
   IN       const void        *pIfInstance,
   IN       const char        *pContext,
   IN       const char        *pMechInfo,
+   IN       void              *pCredStoreScope,
   INOUT    char              *pTokenBuf,
   INOUT    int               *pTokenBufLen);