More client changes to remove the requirement that the server send mechanism information data along with the mechanism name in the auth.policy.
This commit is contained in:
parent
01b99ffc0d
commit
cf819ea918
@ -249,6 +249,7 @@ GetAuthTokenIf(
|
||||
CasaStatus
|
||||
GetAuthMechToken(
|
||||
IN AuthContext *pAuthContext,
|
||||
IN const char *pHostName,
|
||||
IN void *pCredStoreScope,
|
||||
INOUT char **ppAuthToken)
|
||||
//
|
||||
@ -286,6 +287,7 @@ GetAuthMechToken(
|
||||
retStatus = pAuthTokenIf->getAuthToken(pAuthTokenIf,
|
||||
pAuthContext->pContext,
|
||||
pAuthContext->pMechInfo,
|
||||
pHostName,
|
||||
pCredStoreScope,
|
||||
pAuthToken,
|
||||
&authTokenBufLen);
|
||||
@ -299,6 +301,7 @@ GetAuthMechToken(
|
||||
retStatus = pAuthTokenIf->getAuthToken(pAuthTokenIf,
|
||||
pAuthContext->pContext,
|
||||
pAuthContext->pMechInfo,
|
||||
pHostName,
|
||||
pCredStoreScope,
|
||||
pAuthToken,
|
||||
&authTokenBufLen);
|
||||
|
@ -58,8 +58,9 @@ CasaStatus
|
||||
ObtainSessionToken(
|
||||
IN RpcSession *pRpcSession,
|
||||
IN AuthPolicy *pAuthPolicy,
|
||||
INOUT char **ppSessionToken,
|
||||
IN void *pCredStoreScope)
|
||||
IN const char *pHostName,
|
||||
IN void *pCredStoreScope,
|
||||
INOUT char **ppSessionToken)
|
||||
//
|
||||
// Arguments:
|
||||
//
|
||||
@ -139,6 +140,7 @@ ObtainSessionToken(
|
||||
|
||||
// Get authentication mechanism token
|
||||
retStatus = GetAuthMechToken(pAuthContext,
|
||||
pHostName,
|
||||
pCredStoreScope,
|
||||
&pAuthMechToken);
|
||||
if (!CASA_SUCCESS(retStatus))
|
||||
@ -328,8 +330,9 @@ ObtainAuthTokenFromServer(
|
||||
// Now try to obtain a session token
|
||||
retStatus = ObtainSessionToken(pRpcSession,
|
||||
pAuthPolicy,
|
||||
&pSessionToken,
|
||||
pCredStoreScope);
|
||||
(g_pATSHostName != NULL) ? g_pATSHostName : pHostName,
|
||||
pCredStoreScope,
|
||||
&pSessionToken);
|
||||
if (CASA_SUCCESS(retStatus))
|
||||
{
|
||||
// Request auth token for the service
|
||||
@ -847,11 +850,36 @@ InitializeLibrary(void)
|
||||
retStatus = InitializeHostNameNormalization();
|
||||
if (CASA_SUCCESS(retStatus))
|
||||
{
|
||||
// Normalize ATS host name if configured
|
||||
if (g_pATSHostName)
|
||||
{
|
||||
char *pNormalizedHostName = NormalizeHostName(g_pATSHostName);
|
||||
if (pNormalizedHostName)
|
||||
{
|
||||
// Use this name instead of the one that we already have
|
||||
free(g_pATSHostName);
|
||||
g_pATSHostName = pNormalizedHostName;
|
||||
}
|
||||
else
|
||||
{
|
||||
DbgTrace(0, "-InitializeLibrary- ATS Hostname normalization failed\n", 0);
|
||||
}
|
||||
}
|
||||
|
||||
// Initialize the auth cache
|
||||
retStatus = InitializeAuthCache();
|
||||
if (CASA_SUCCESS(retStatus))
|
||||
{
|
||||
retStatus = InitializeRpc();
|
||||
}
|
||||
else
|
||||
{
|
||||
DbgTrace(0, "-InitializeLibrary- Auth cache intialization failed\n", 0);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
DbgTrace(0, "-InitializeLibrary- HostName Normalizer intialization failed\n", 0);
|
||||
}
|
||||
|
||||
DbgTrace(1, "-InitializeLibrary- End, retStatus = %08X\n", retStatus);
|
||||
|
@ -149,6 +149,7 @@ extern
|
||||
CasaStatus
|
||||
GetAuthMechToken(
|
||||
IN AuthContext *pAuthContext,
|
||||
IN const char *pHostName,
|
||||
IN void *pCredStoreScope,
|
||||
INOUT char **ppAuthMechToken);
|
||||
|
||||
|
@ -88,6 +88,7 @@ CasaStatus
|
||||
IN const void *pIfInstance,
|
||||
IN const char *pContext,
|
||||
IN const char *pMechInfo,
|
||||
IN const char *pHostName,
|
||||
IN void *pCredStoreScope,
|
||||
INOUT char *pTokenBuf,
|
||||
INOUT int *pTokenBufLen);
|
||||
@ -109,6 +110,10 @@ CasaStatus
|
||||
// may be the service principal name to which the user will be
|
||||
// authenticating.
|
||||
//
|
||||
// pHostName -
|
||||
// Pointer to null terminated string containing the name of the
|
||||
// host where the ATS resides.
|
||||
//
|
||||
// pCredStoreScope -
|
||||
// Pointer to CASA structure for scoping credential store access
|
||||
// to specific users. This can only be leveraged when running in
|
||||
|
@ -57,6 +57,7 @@ AuthTokenIf_GetAuthToken(
|
||||
IN const void *pIfInstance,
|
||||
IN const char *pContext,
|
||||
IN const char *pMechInfo,
|
||||
IN const char *pHostName,
|
||||
IN void *pCredStoreScope,
|
||||
INOUT char *pTokenBuf,
|
||||
INOUT int *pTokenBufLen);
|
||||
|
@ -124,7 +124,7 @@ AuthTokenIf_GetAuthToken(
|
||||
|| strlen(pKrbServiceName) == 0)
|
||||
{
|
||||
// The service name will default to host/hostname
|
||||
pKrbServiceName = malloc(5 /*"host/"*/ + strlen(pHostName) + 1 /*'/0'*/)
|
||||
pKrbServiceName = malloc(5 /*"host/"*/ + strlen(pHostName) + 1 /*'/0'*/);
|
||||
if (pKrbServiceName)
|
||||
{
|
||||
sprintf("host/%s", pHostName);
|
||||
|
@ -190,6 +190,7 @@ AuthTokenIf_GetAuthToken(
|
||||
IN const void *pIfInstance,
|
||||
IN const char *pContext,
|
||||
IN const char *pMechInfo,
|
||||
IN const char *pHostName,
|
||||
IN void *pCredStoreScope,
|
||||
INOUT char *pTokenBuf,
|
||||
INOUT int *pTokenBufLen)
|
||||
|
@ -59,6 +59,7 @@ AuthTokenIf_GetAuthToken(
|
||||
IN const void *pIfInstance,
|
||||
IN const char *pContext,
|
||||
IN const char *pMechInfo,
|
||||
IN const char *pHostName,
|
||||
IN void *pCredStoreScope,
|
||||
INOUT char *pTokenBuf,
|
||||
INOUT int *pTokenBufLen);
|
||||
|
Loading…
Reference in New Issue
Block a user